What is ARCore?

Overview of Google platform for building augmented reality apps for Android
06 September 2017   2116

ARCore is a platform for building augmented reality apps on Android. ARCore uses three key technologies to integrate virtual content with the real world as seen through your phone's camera:

  • Motion tracking allows the phone to understand and track its position relative to the world.
  • Environmental understanding allows the phone to detect the size and location of flat horizontal surfaces like the ground or a coffee table.
  • Light estimation allows the phone to estimate the environment's current lighting conditions.

Also, a fresh videocap from Google Developers Days Europe 2017 can get you familiar with ARCore.

ARCore is Google’s new Android SDK that brings Augmented Reality capabilities to millions of mobile devices. In this video, Tom Slater introduces the main concepts of ARCore, walks through building your first AR app, and explains how to make the most of the ARCore SDK.

Third Party Apps Could Read Twitter Messaging

According to the company, no one used this vulnerability and the issues is now solved
18 December 2018   677

Until the beginning of December, third-party applications could access Twitter private messages. According to the company, no one took advantage of this vulnerability. Terence Eden, who found it, was paid almost $ 3,000 under the Bug Bounty program.

In 2013, there was a leak of keys to the Twitter API - so applications could access the interface bypassing the social network. To protect users, Twitter implemented an application authorization mechanism through predefined addresses (Callback URL), but it didn’t suit everyone.

Applications that do not support Callback URLs could authenticate using PIN codes. With this authorization, a window pops up that lists which data the user opens to access. The window did not request access to private messages, but in fact the application received it.

On December 6, Twitter reported that it had solved the problem. Judging by the statement of the company on the HackerOne website, no one had time to take advantage of this vulnerability.

This is not the first social network security error related to the API. In September, Twitter discovered a bug in AAAPI (Account Activity API): the system sent a copy of the user's personal message to a random recipient.