In the world of IT, information security is something you can’t go past, having the basic understanding is a must. One building block of it is authentication and authorisation; to know what do they mean, how they effect the users and what they provide for them.
Authentication is identifying yourself. In the real world, you have your ID card that carries your unique, personally identifiable information like name, birth day and place, mother’s name, etc. But you can’t use your ID card on a computer, so there must be an other identifier. The most common one is a username, and to protect the account, a unique password. The goal is to prove you are who you say you are.
After you are successfully authenticated, you gain access to different things; you have the authority to use resources. The system where you identified yourself provide you permission for example to print documents, browse a shared directory on the company’s network, read and answer your e-mails, send a post on a forum. If you don’t have the permission, you get an “Access denied”, “Permission denied” or similar message. Authorisation is about what permissions you have, what can you do.
Without listing every option, I would like to list the most used ones.
- Password: I think everybody knows it. You have a username and either a self- or a system generated password.
- Biometric authentication: nowadays it’s the 2nd most used method, smartphones allow access after recognising the user’s recorded fingerprint or face.
- Token: Usually companies use this method where a purpose-built physical device shows a random string or -numbers, it must be provided by the user after entering the username.
In 2017 I started to follow a free and open source project that aims to protect user privacy and -data on Android systems. It is Blokada, an ad- and tracking blocker. Since then I help it to grow its user base, have big communities on various platforms, manage the default DNS- and host lists.
Recently I have tried to familiarise myself with its code and was especially interested in the memory management, so I thought I’d optimise that a bit. Here is what I have learnt along the way:
On Android, applications can’t utilise the full RAM of the device, instead, every app the user start gets a portion of it. Because Android apps are based on Java, this allocated memory is called the same way as in Java: heap.
What is heap and how big is that?
Simply phrased, heap is the memory of the running application and similarly to the memory of a physical machine (PC or notebook), it has an upper limit. The manufacturer (or in custom ROMs the maintainer) decides and defines the maximum size; no app nor system configuration can change that. Newer devices have more RAM, hence, bigger heap can be allocated without problems.
The app’s memory is allocated at its start up and lasts during its runtime; so while that is not closed, killed, crashed or the device is not restarted. If the program is sent into the background, the heap isn’t totally cleared, a small portion will remain allocated.
So, how is that you can start a lot of apps but they don’t run into memory problems?
The system tracks each memory allocation and if it determines that a piece isn’t used anymore, it frees that up removing objects that are not referenced. The mechanism that reclaims unused memory is called Garbage Collection (shortly: GC) and it is triggered by the underlaying Android system; it can’t be started manually.
The GC ensures the program has minimal footprint: it is necessary to be able to start other applications, have enough space in RAM to allocate heap for newer ones. This is how you can run a lot of them in parallel.
But what happens when something needs more resource than it can access? The application crashes with an OutOfMemory (shortly: OOM) exception and the allocated memory chunk is cleared up totally.
If you want to read more in this topic, please refer to the Overview of memory management.
It’s possible to see the set limit with the maxMemory() method.
Hello and welcome to my hobby project and -blog, this is the very first entry here. The plan is to have technical and non-technical articles as well, based on my interest and current focus, furthermore it will carry my up-to-date Curriculum Vitae.
The ‘About me’ section will be uploaded (hopefully very) soon, but until that, let me introduce myself shortly: I’m Peter, a professional IT guy with support, OS administration (mostly Linux), virtualisation, Big Data and some marketing background and experience. I have had the chance to work with AIX 5L, RedHat Linux, VMware, Cloudera CDH components, Amazon AWS, Microsoft Azure. Right now I’m interested in Docker and Kubernetes, security and cryptography.
Regarding my hobbies, I like doing different kind of sports. Nowadays I run a few kilometers when my free time allows it, previously I had experience with Krav Maga, MMA, weight-lifting, wall climbing and kempo.
So, let’s kick(start) it off.