Curated topic

mobile

Posts tagged with mobile

Engineering at MetaMar 13, 2026

Patch Me If You Can: AI Codemods for Secure-by-Default Android Apps

Why it matters: Scaling security updates across massive codebases is traditionally slow and error-prone. By combining secure-by-default frameworks with AI-powered codemods, Meta demonstrates how to automate large-scale security migrations, reducing developer friction and improving app safety at scale.

Meta utilizes a two-pronged strategy for mobile security: secure-by-default frameworks and AI-driven automated migrations.
Secure-by-default frameworks wrap unsafe Android OS APIs to ensure the secure path is the easiest for developers to follow.
Generative AI is leveraged to automate the migration of legacy code to these secure frameworks at a massive scale.
The system automates the proposal, validation, and submission of security patches across millions of lines of code.
This approach significantly reduces developer friction and manual effort required to maintain security across a sprawling codebase.

#security #mobile #mlp

Read original

Salesforce EngineeringMar 2, 2026

Delivering Accurate, Low-Latency Voice-to-Form AI in Real-World Field Conditions

Why it matters: This architecture demonstrates how to balance on-device processing with cloud AI to solve real-world data entry challenges. It provides a blueprint for building low-latency, high-accuracy mobile AI features that function reliably in noisy, bandwidth-constrained environments.

Implemented a hybrid architecture using on-device speech-to-text (STT) to minimize latency and cloud-based LLMs for semantic field mapping.
Achieved 85% field-level accuracy by providing LLMs with schema-driven metadata, including field types, constraints, and examples.
Managed latency by performing transcription locally on mobile devices, reducing payload sizes and avoiding audio transmission to the cloud.
Developed a Voice Utterance Library containing real-world field recordings to test system reliability against background noise and diverse accents.
Integrated a human-in-the-loop review step, allowing technicians to edit transcriptions before final submission to ensure data integrity.

#mobile #mlp #data

Read original

Salesforce EngineeringFeb 23, 2026

Building an AI-Accelerated Compliance Automation Platform for 24x Faster Audits

Why it matters: Automating compliance reduces operational risk and engineering toil. By moving from fragile UI-driven workflows to API-first systems using AI-assisted development, teams can deliver audit-ready evidence 24x faster while maintaining high engineering standards.

Developed FastTrack, an API-first automation platform that replaced manual, screenshot-driven compliance audits for mobile app stores.
Achieved a 24x reduction in audit execution time by moving from fragile UI-based workflows to deterministic API integrations.
Utilized AI-assisted development to accelerate the path from system design to production, enabling rapid prototyping of validation logic.
Addressed data granularity gaps in the Google Play Console API by redefining evidence boundaries in collaboration with compliance stakeholders.
Embedded runtime validation and transparent API query logging to create verifiable, compliance-grade audit trails.

#mobile #security #culture

Read original

Spotify EngineeringFeb 9, 2026

How We Release the Spotify App: A Look Under the Hood (Part 2)

Why it matters: Scaling mobile releases to hundreds of engineers requires robust automation. This look into Spotify's tooling provides insights into building resilient CI/CD pipelines that maintain high velocity and app stability.

Spotify utilizes specialized internal tooling to orchestrate the complex release cycle of its mobile applications.
The release infrastructure is designed to handle the scale of hundreds of developers contributing to a single codebase.
Automation is a core component, managing the process from code freeze to final app store submission.
The tooling ensures consistency across platforms while maintaining high stability through automated validation gates.

#mobile #sre

Read original

Engineering at MetaFeb 4, 2026

No Display? No Problem: Cross-Device Passkey Authentication for XR Devices

Why it matters: This approach enables secure, phishing-resistant authentication for devices with limited UI, like XR headsets and IoT. By replacing QR codes with companion app transport, it maintains FIDO security standards while significantly improving the user experience for passwordless logins.

Meta introduced a novel cross-device passkey flow for XR and screenless devices that eliminates the need for scanning QR codes.
The approach utilizes the FIDO CTAP hybrid protocol, replacing visual data transfer with a secure message transport via a companion mobile app.
The XR device generates a FIDO URL containing an ECDH public key and session secret, delivered to the phone via GraphQL-based push notifications.
The companion app triggers native iOS or Android passkey verification flows upon receiving the notification, maintaining standard security requirements.
Proximity verification via Bluetooth or NFC is still enforced to ensure the authenticating device is physically near the XR hardware.

#security #mobile

Read original

Engineering at MetaJan 27, 2026

Rust at Scale: An Added Layer of Security for WhatsApp

Why it matters: WhatsApp's migration demonstrates that Rust is production-ready for massive-scale, cross-platform applications. It proves memory-safe languages can replace legacy C++ to eliminate vulnerabilities while improving performance and maintainability.

WhatsApp replaced its wamedia C++ library with a Rust implementation to mitigate memory-related vulnerabilities in media file processing.
The migration reduced the codebase from 160,000 lines of C++ to 90,000 lines of Rust while improving performance and memory efficiency.
The Kaleidoscope system performs structural checks on media, detects masquerading file types, and flags high-risk elements like embedded scripts.
WhatsApp utilized differential fuzzing and extensive integration testing to ensure compatibility between the legacy C++ and new Rust versions.
This deployment represents one of the largest global rollouts of Rust, spanning billions of devices across Android, iOS, Web, and wearables.

#security #mobile #dist

Read original

Engineering at MetaDec 17, 2025

How We Built Meta Ray-Ban Display: From Zero to Polish

Why it matters: This article offers insights into the complex engineering and design challenges of developing advanced wearable AI glasses, providing valuable lessons for hardware and software engineers working on next-gen devices and user interfaces.

The Meta Tech Podcast delves into the engineering challenges behind the Meta Ray-Ban Display, Meta's advanced AI glasses.
Engineers Kenan and Emanuel discuss unique design hurdles, from display technology to emerging UI patterns for wearable glasses.
The episode explores the intersection of particle physics and hardware design in developing cutting-edge wearable tech.
It highlights the importance of celebrating incremental wins within a fast-moving development culture for innovative products.

#mobile #culture

Read original

Engineering at MetaDec 15, 2025

How AI Is Transforming the Adoption of Secure-by-Default Mobile Frameworks

Why it matters: This article demonstrates how Meta leverages secure-by-default mobile frameworks and AI to proactively embed security into development workflows. It's crucial for engineers to understand how to balance security with developer velocity and how AI can scale these efforts.

Meta implements secure-by-default mobile frameworks to wrap potentially unsafe OS and third-party functions, ensuring security while maintaining developer speed.
These frameworks are designed to closely mimic existing APIs, utilize public interfaces, and reduce complexity to maximize developer adoption.
Generative AI and automation significantly accelerate the large-scale adoption of these secure frameworks, enabling consistent security enforcement and efficient code migration.
Key design principles include API resemblance to reduce cognitive burden, reliance on stable public APIs, and broad applicability across applications.
SecureLinkLauncher (SLL) for Android is an example, preventing intent hijacking by wrapping native intent launching methods with robust security checks.

#security #mobile

Read original

Netflix Tech BlogDec 4, 2025

AV1 — Now Powering 30% of Netflix Streaming

Why it matters: This article highlights how open video codecs like AV1 drive significant improvements in streaming quality and network efficiency. It showcases a successful large-scale rollout across diverse devices, offering valuable insights into optimizing content delivery and user experience.

Netflix's AV1 codec adoption has reached 30% of all streaming, becoming their second most-used codec due to its superior efficiency.
AV1 delivers higher video quality (4.3 VMAF points over AVC) with one-third less bandwidth and 45% fewer buffering interruptions.
The rollout began with Android mobile in 2020 using the dav1d software decoder, expanding to smart TVs, web browsers, and Apple devices with hardware support.
This advanced codec significantly improves network efficiency for Netflix's Open Connect CDN and partner ISPs by reducing overall internet bandwidth consumption.
AV1 enables advanced features like HDR10+ streaming and cinematic film grain, enhancing the overall viewing experience for members.

#dist #mobile

Read original

Slack EngineeringNov 19, 2025

Android VPAT journey

Why it matters: Ensuring mobile accessibility is critical for legal compliance and inclusive user experiences. This post provides practical implementation details for common Android a11y hurdles, like custom actions and semantic announcements, helping engineers build more robust, accessible apps.

Slack conducted a VPAT audit in 2024 to identify and fix accessibility (a11y) gaps in their Android app following a major UI redesign.
Improved error communication by updating OutlinedTextField and SKBanner to trigger TalkBack announcements when validation fails.
Enhanced navigation by explicitly marking headings using semantics { heading() } in Jetpack Compose and accessibilityHeading in XML.
Resolved list count inaccuracies for screen readers by implementing CollectionInfo and CollectionItemInfo semantics.
Implemented CustomAccessibilityAction to make drag-and-drop functionality in the workspace switcher accessible to non-visual users.
Utilized TtsSpan to ensure screen readers announce text formatting like strikethrough, which is otherwise ignored by default.

#mobile #frontend

Read original

Page 1 of 2

Prev1 2 Next