USSD API on Android

I’m currently trying to build a small widget that shows you several statistics about your cell phone usage, this would require using USSD codes and catching their responses. I scoured the internet for a solution however wasn’t able to reach one.

The only available solution which is mainly a hack relied on catching the logcat entry and displaying it, unfortunately this was fixed in subsequent versions of android and now USSD response doesn’t appear in the logcat.

There is even a Facebook page created just to request this feature from google…anyway if anybody manages to find a way to handle USSD responses please do share.



It is now possible to read the USSDs using the accessibility services, the downside is how indirect this method is and how the app should be manually enabled as an accessibility app in the device setting.


On Local Open Source Products

I was called earlier this week by some technology show inquiring if I’d join a forum discussing the local Open Source Projects, and the reasons why the are rather scarce. I ended up not being able to join that forum, but it did get me thinking, I can’t think of even a handful of products that originated in our region, or even contributions to existing products. Even with the recent startups/innovation boom, I don’t recall seeing any opensource code to speak off.

After spending some time googling around and searching for any serious opensource project i was only able to find a Linux distro (Ojuba) that was developed in our region and seems like even that project was stopped 2 years ago. I also recalled seeing some Egyptian themed redhat based distro but can’t recall its name, I’m sure however it was discontinued. Other than that I wasn’t really able to find any mention worthy Open Source projects to speak off. Still I was able to find several Open Source fonts and even music…so seems the Open Source shortage is limited to code.

In the last 5 years several products emerged, some where complex enough for its code to be open source worthy, kngine for instance with their semantic web based search engine…it faded out of the scene now, but i believe it’d have persisted if he chose to open source it. Same applies to several other projects that may have failed business wise, but would have definitely left an impact if its code was shared with the world. So why aren’t people sharing their code with the world in our region as they do in other places.

There are several approaches to open source code development for instance:

  1. an individuals building such an amazing algorithm then sharing it on github for the world to use.
  2. A Company builds a really interesting product and decides to release its code for developers knowing that they still own it as intellectual property even though the world can see the code you can’t use it to earn money without contacting that company first.
  3. A group of developers collaborate to build a project then share its code to the world.

My thought process led me to question the motivations that lead source code to be shared. I believe in cases of individuals code is shared as a way to gain credit, after all who doesn’t know Linus Torvalds, or Phil Zimmermann, and their contributions. Even though their code is free to use, they still made more fame and subsequently money out of their products than they’d have if they sold it to some corporation. As for corporations, sharing the code serves to allow people to port and improve it, also to go over the code and increase the resilience through a process of global peer review, a really decent example here would be Android OS, open source and with millions of variations out and yet not nearly as many security issues as iOS.

I believe the following reasons are why we don’t see that many open source projects originating in our side of the world:

Lack of Time (individuals): Time being one of the most expensive assets we have (and the only one we can’t replenish) is wasted in traffic, red tape and other smaller fruitless activities, the time left after doing all of this isn’t nearly enough to be donate to open source development. Developing elegant share worthy code takes a lot of effort, not to mention the clarity of mind to sit down and plan something.

Lack of Recognition (Individuals): The local eco-systems doesn’t reward people who’ve been involved in even successful open source projects. Most corporate would dismiss that as irrelevant.

Lack of Resources (for Companies): Managing a project to completion is expensive, sharing the code isn’t nearly as rewarding in our region due to the lax intellectual property laws. Your competitors can just take your code and use it as is without crediting or consulting you. and good luck trying to convince a judge that this was actually your code, I don’t believe they have computer code technical advisers in our judiciary system to being with. Furthermore I’m not really sure you can patent code. Sharing your code wouldn’t result in people porting and improving it while retaining the credit, instead it’d result in creating competition and wasting the resources invested in the product.

Please feel free to share your opinions and your points of view on this topic…

Local Products Data Security Concerns

Last week a mini scandal broke out when Pavel Durov the founder of Vkontakte Russia’s dominant social network fled Russia and made really disturbing statements about the Kremlin trying to coerce him into divulging information about Ukrainian citizens and anti-corruption activists. Already the Russian Government is the majority stockholder of Vkontakte and they are in full control of the company.

Today, Durov announced he has fled Russia, citing security concerns after resisting pressure from the Kremlin to share user information from the Vkontakte network. In his public statements he has said that, in particular, the Kremlin had tried to force him to turn over information about Ukrainian citizens and anti-corruption activists in Russia.


This fits perfectly with a concern I’ve had for a while now about the privacy and security of local products and services. In my opinion privacy laws implementation in our region isn’t sufficient to protect our data from preying eyes, especially if backed by the government. It is quite easy to subpoena the entire database of a social network company for instance, or even require direct live access to the service based on the telecom laws. It gets even more interesting when you think of all the different ways the government can use to coerce “convince” the product founder to divulge the information he has about anonymous users he doesn’t know personally.

The concern here is not about technical security of the product as much as it is about the physical security of the founder and his family. Personally I don’t believe it’d take a lot of effort from the correct authority to extract all the info he has on any of the products users. After all such authorities have really convincing methods.

Another concern would be the political affiliation of the founder, since the product is local, his political affiliation may match or be quite different from yours. There is no guarantee that his access to your data wont be use either way. Again referring to our lax privacy laws implementation. Even if implemented without proper periodical auditing there is no way to be 100% sure no one is snooping on your data.

That is why I choose not to use local apps and services as much as possible. Most offer geo-services (cairo360-bey2ollak-wasalny-circle tie-etc…) and the last thing I want is for some entity to have real time access to my where abouts 24×7. Also their is that inherent risk associated with installing any mobile app on your phone, most request access to your contacts anyway (all android have access to all photos stored on device), just think about where your data may end up migrating to without your knowledge.

Naturally these risks are associated with almost any product you end up installing or using but I feel a lot more comfortable knowing that my data MAY end up getting exposed to some XYZ developer in some obscure country who knows nothing about me and has zero interest on our current local affairs. And knowing that it’d be quite hard to coerce someone that far away.

Sharing an Image from Bitmap in Android

I had a project that required downloading an image from the internet then calling the sharing intent to share that bitmap, I went through countless entries until I reached the conclusion that it is impossible to share an image directly from a bitmap object, the bitmap must be saved first and then you can share it and if you dont want to keep a copy on disk you have to explicitly delete it.

Here are how I ended up doing it.

1. Save BitMap

String file_path = Environment.getExternalStorageDirectory().getAbsolutePath() +
File dir = new File(file_path);
File file = new File(dir, name);
FileOutputStream fOut;
try {
fOut = new FileOutputStream(file);
abmp.compress(Bitmap.CompressFormat.PNG, 85, fOut);
} catch (Exception e) {

2. Share URI from file

Uri uri = Uri.fromFile(file);
Intent intent = new Intent();

intent.putExtra(android.content.Intent.EXTRA_SUBJECT, "");
intent.putExtra(android.content.Intent.EXTRA_TEXT, "");

intent.putExtra(Intent.EXTRA_STREAM, uri);
startActivity(Intent.createChooser(intent, "Share Cover Image"));


If you can come up with a hack to share directly from BitMap please do share, but I dont believe it is possible.


Samsung S4 Gestures SDK not supporting S4 phones!

Lately I just got myself a Samsung Galaxy S4 LTE, a decision based mainly on the array of sensors it supports that aren’t present in any other device in the market. Gesture control promised to be that one cool feature that I can build intuitive ergonomic apps around. I installed the Samsung SDK following the instructions on Samsung developers site only to get an exception stating that my device isn’t supported, which didn’t a lot of sense since I had the flag ship, the top of the line device and more importantly it had air gestures in many of the native apps. Turns out that the gesture control library requires at least Android 4.3 (Jelly Bean API level 18), while the S4 LTE is running android 4.2.2 with only the american carriers updating to 4.3 for the time being.

Gesture/Motion Control which are present in Samsung S4 devices are only accessible to developers if the device is running Android 4.3, while they have 4.2 factory installed.

Even if I install a custom ROM and bring my device up to 4.3 any app i’d build wouldn’t be useful for most of the users until 4.3 becomes the new standard.

It doesn’t really make much sense from Samsung’s part to release a device that supports certain functionality while the SDK can’t access them using the factory installed Android version, and its not like the features aren’t there, they are there and being used by the system. The only problem is they aren’t accessible through the SDK.

This may explain why these features are under used by developers. The only apps that use these features are either Samsung apps or released by one of their premium partners.

Yes i know there is a work around and you can always access the underlying API, reverse engineer one of the current Samsung apps and figure out how they access the sensors, but too much of a hassle for a simple silly app to be honest.


Fault Tolerant Process Design Patterns

Designing a fault tolerant system in a loosely coupled system based on async calls can be quite challenging, usually certain trade offs must be made between resilience and performance. The usual challenge faced while designing such a system is missed/unprocessed calls resulting in data drift, that exponentially increase overtime turning the system unusable.

Use Case:

GSM customer swapping his SIM card.

async SIM swap

async SIM swap

  1. SIM migration order created.
  2. Order processing starts, and SIM swap call is sent to network elements.
  3. Customer’s SIM is swapped but response from network elements is missed/not sent.
  4. CRM order is cancelled by customer care.
  5. Customer now has two different SIMs associated with his account, the one he is using listed in Network, and his old SIM card on CRM.
  6. All subsequent orders will fail since the customer’s service account is inconsistent through the BSS stack.

One way to prevent such an issue from happening all together is to lock the customer for editing until the SIM swap request is completed from network, and if a failure happens during SIM swap the customer remains locked until resolved manually, this approach is called Fault Avoidance, and its quite costly performance wise, also it provides a really poor customer experience.

Fault Tolerance on the other hand allows for such incidents to take place but the system prevents failure from happening. In my opinion the best pattern to handle faults in loosely coupled systems is check-pointing.

Checkpointing is a technique in which the system periodically checks for faults or inconsistencies and attempts to recover from them, thus preventing a failure from happening.

Check-pointing pattern is based on a  four-stage approach:

  1. Error detection
  2. Damage assessment and confinement (sometimes called “firewalling”)
  3. Error recovery
  4. Fault treatment and continued service

If this approach sounds familiar its because its been in use for quite sometime now in SQL (a loosely coupled system between client and DB Server), to retain DB consistency in the event of a faults during long running queries the following steps are taken :

  1. Client session termination is detected (step 1 detection).
  2. Does user have any uncommitted DML queries  (step 2 assessment).
  3. Access undo log and pull out data needed to rollback changes (step 3 recovery).
  4. Rollback changes and restore data consistency (step 4 fault treatment).

Checkpoint Roll-Back:

The pattern used by DBMSs, Checkpoint-rollback Scenario relies on taking a snap shot of the system at certain checkpoints through the process flow and upon failure between two checkpoints restoring the snapshot. However this pattern becomes too complex to implement in multi-tiered systems.

Checkpoint  Recovery Block:

This pattern relies on using alternative flows based on the type of fault, the checkpoint recognizes the type of fault and picks the correct block to use to recover from the error and complete the process.

This approach is extensively while coding, try with multiple catching blocks each handling a different type of exception, however instead of using it within the code of a single layer its taken one step further and used on the process level.

Temboo the on stop shop API

There is no way to capture the value of online APIs, basically they save you from the tedious effort of reinventing the wheel or maintaining a costly back end. Shifting your focus from algorithm to customer experience, the only expense here is integrating the API with your product. While most APIs rely on JSON calls of one kind or another integrating them into your code can be costly and time consuming, especially if you use multiple APIs, also it is quite time consuming to keep track of APIs as they get updated. also there is a certain degree of effort required to learn how to efficiently use each API. (API calls economics)

Temboo is a one stop SDK, providing a single interface for an ever expanding list of APIs and available in 7 languages!

Temboo standardizes the way you interact with an ever expanding list of APIs, updating frequently to match any changes in these APIs keeping your products in sync with them transparently. Basically Temboo is a wrapper that provides a standard API to a bunch of APIs and its available in a bunch of languages. With the end result being the ability to integrate any API you want into your code without spending tedious hours reading their documentation and testing various messages and their responses.

It gets even better, through the website you can test various APIs through a simple web interface, testing various test cases, by filling the variables in text boxes. It even provides you with a code snippet suitable to be plugged directly into your code. Basically saving you hours of testing and integration.

When I mentioned that their APIs list is ever expanding I really meant it, every time I visit the site I can see few more APIs added to the list, they just added twitter, and now I’m considering unifying all my products API usage and piping it through Temboos. I’m rarely that excited about a new product, but this one seriously blew me away.