tablet-hardening.md

-## Tablet Hardening process
+# Tablet Hardening process
 
 In the development environment, builds are not required to be release builds.
 Development Environment
 + It is required that all key information is removed from logging calls.
 
-Production apk builds for tablets are built in release mode:
+## Production apk builds for tablets are built in release mode:  
 + Debugging flag is disabled
 + Proguard rules are standardized 
   + required that apk methods and classes are obfuscated
   + all unused classes and methods are stripped
   + apks are signed with a buzztime release keystore (not the android sdk default keystore)
 
-APK deployment :
+## APK deployment :  
 Apks deployed to tablets are managed through a package manifest delivered through a SOAP request.
 + Apk's that are not whitelisted or present in the manifest are removed from the tablet.
 + Apk's in the manifest are securely downloaded and installed.
 + Apk's in the com.buzztime package space must be signed with the buzztime release keystore
 
-Runtime validations and security measures:
+## Runtime validations and security measures:  
 + Tablets do not enable ADB or USB modes at startup and only enable it if the tablet is associated with a site that is configured to allow it.
 + The Buzztime Core package declares special permissions which may be used by applications to require that Intent, Service and ContentProvider requests are made only by buzztime signed applications.
 + SSL HTTP client requests are configured to use TLS 1.2 and the allowed cipher list is pruned to remove all ciphers that have been identified as insecure.