
text by Slava (slavikus) Karpenko (RiP Dev)
Guys, I am sick and tired of all the fuss and exaggerations around the recent hacker attack against the products we are developing.
Short preface. This morning, waking up from a dreadful dream spawning with dissected insects inside my PC (we are currently preparing a very curious update for Caterpillar) and wearing nothing but underwear, I approached my computer just to find links to another hack of our software in my inbox.
“Oh, one more genius”, I thought and went on to check the info in a quite relaxed manner. I should mention all kinds of people “hack” our products every once in a while and share the exciting news with us right away, maybe so that we praise them for their efforts and mail them a box of jelly beans to soak in beer. Never mind these hacks don’t work because people just seem to be not diligent enough. So another incident seemed quite innocent at first.
However, the new hacker creation proved to be quite a good one, developed by someone who actually sat down and took time to do the job thoughtfully – without running around and shouting it out. It may seem weird, but I realize and to some extent respect the effort required to perform this tremendous work (in spite of the fact that breaking something is always easier than creating things from scratch).
What does it mean to us as a team? First of all, it means that the product we developed has finally reached a certain maturity. In the software world, the very fact of hacking signifies both the loss of virginity and attainment of a certain maturity level. If a program was first hacked two hours after release, it was stillborn – the developer won’t be able to refute hacker attacks and will eventually give it up. It’s that situation when nobody wins – neither the author, nor his/her users.
When a software piece is actually hacked 4.5 months after the initial release, it is either pretty well protected or of no interest to anyone. I am no megalomaniac, but I can tell without prejudice that the latter is hardly possible in our case.
Frankly speaking, we didn’t pay much attention and did miss some security features we had in mind, opening the doors to the talented hacker. There was a strategic reason behind it, however – comprehensive product functionality is way more important to us than 100% protection. When agreeing on the present security level we already provided for the next steps to be taken when (it’s “when”, not “if”) it’s hacked.
So I would like to assure all those already using our products – what happened doesn’t discourage us in any way, and we will continue to support both our freeware and paid products. We do know how to protect our intellectual property and we won’t give up. Especially with such incidents that challenge our professionalism and motivate us to try harder.
As to the current hack – the first but definitely not the last one – it is life, baby. Yet I would like to make one important warning: unlike us, hackers don’t care about their reputations, remaining anonymous, so they can implant potentially hazardous modules in hacked versions of widely popular products. We did come across such instances, so please take care.
Thank you for your support.