STRIP is dead! Long live Strip!

2009-05-27 20:00:00 -0400


loginWe did it! The initial version of Strip has made it into the iTunes App Store, along side Strip Lite, a free version with a 10-record limit.

Strip is a password manager and data vault for the iPhone. It relies on SQLCipher for data storage – it’s our own build of SQLite that provides military-grade encryption of the entire database using the OpenSSL library. If you want to dig deeper, we have more information on the product site, and the SQLCipher page.

To check it out, download Strip Lite or take the tour.

Features:

  • Strip’s entire database is encrypted using 256-bit AES encryption
    (Compare to the weaker 128-bit encryption used by most other applications)
  • Extensible data fields, customizable labels and behaviors
  • Organize entries by category or view based on recent activity
  • Full text search across all database fields
  • Shake-to-create random password generator
  • Assign icons to entries for easy visual identification
  • 2-tap quick entry of common fields (e.g. usernames and email addresses)
  • Launch websites, dial phone numbers and address emails
  • Text or Quick-entry numeric access password input
  • Auto-lock when your device goes to sleep
  • Familiar interface similar in behavior to Contacts

Take a tour of the app if you’re still not convinced it rocks.

Ancient History

STRIP stands for “Secure Tool for Recalling Important Passwords.” STRIP first appeared for PalmOS mobile devices in 1997 and grew to be one of the highest rated, award winning security applications for the platform for over 12 years. This is a ground-up rewrite for the iPhone platform featuring improved usability and enhanced security. Thus, we’ve changed the name to “Strip”.

We discontinued STRIP’s development a couple of years ago due to the decline in the Palm OS platform. We’ve since added the source to Github for anyone who wants to take up the cause themselves. As we previously mentioned here, we will be providing a migration path to the iPhone version for Palm users ASAP, as well as updating strip-dump to support users moving to other platforms and software.

Shout-Outs

We’d like to extend our thanks to the many beta testers who helped us put together an excellent product. Extra special thanks goes out to nGen Works for designing Strip’s new identity, logo, and badge. Last but not least, the various articles and tips on Mobile Orchard, including a post on how to avoid app rejection, have been enormously helpful.


Mobile Orchard iPhone Workshop for Rubyists

2009-05-25 20:00:00 -0400


Future RubyOur man Dan Grigsby is kicking a new course this Summer, in coordination with the aforementioned Future Ruby:

I’m teaching a discounted, adapted for Rubyists version of our Beginning iPhone Programming Workshop in Toronto on July 9-10 — the Thursday and Friday immediately preceding the FutureRuby conference…. Details about the class, including a FutureRuby discount, here.

The course is specifically aimed at would-be iPhone developers, particularly those coming from a Ruby background, who have no previous experience with the iPhone SDK. No need to know Objective-C! It’s also being offered at a big discount.

Dan’s a really sharp guy and gave one of the best presentations at Ruby Fringe last year. His class is already getting some great accolades from Ruby hackers, and his baby Mobile Orchard is turning out to be one of the most competent and in-depth resources on iPhone development. Well worth your ducats, especially if you want to start developing iPhone applications and need a way to bootstrap your knowledge.


Memorial Holiday Update

2009-05-21 20:00:00 -0400


It’s been a little while since we’ve given any updates on the goings-on here at Zetetic, so a wrap-up is in order.

Apparel!

First, some fun: there’s a brand of clothing apparel in Taiwan that shares a name with us. Accordingly, we need to print some rad t-shirts of our own. I could use a thuggin’ trucker hat for FutureRuby:

Zetetic Technical

FutureRuby

We don’t attend that many conferences, but we’re looking to change that. And last year’s RubyFringe was just fantastic. It’s hard to describe, but they’re not kidding: it’s a conference for Rubyists, not a Ruby conference. FutureRuby looks just as promising, and Stephen and I will be there. If you will be, too, make sure to say hello! This is what we look like.

Tempo

“You gotta tame the beast before you let it out of its cage.” ~ Derrick Zoolander

We’ve undertaken a massive design and interface overhaul for our time-tracker, Tempo. Designed by nGen Works, it’s supra-suhweet, and near complete. We’re hammering out final issues with styles and cross-browser compatibility, and hope to offer a beta test to our users very soon. Hopefully we’ll have this live and out of beta by mid-June.

Strip for iPhone

Our encrypted data vault and password manager, Strip, and the accompanying Strip Lite, have been submitted to the iPhone App Store for review! We’ll let you know when it’s out there, and we plan on offering vouchers to our beta testers for being such a great help. It will be launching with a ton of great features, and it’s been heavily tweaked to make common operations quick and easy. Assuming we get through the approval process without refusal or pocket rejection. Fingers crossed.

We still have to work out a solution for users who want to bring over their Palm Strip databases. One of the reasons we haven’t provided a quick hack just yet is because this requires a secure solution. In fact, it probably requires a desktop-based solution. We’ve got a lot of people asking for a desktop version of Strip that syncs with the iPhone version over a local network connection. That goes hand-in-hand with our development road-map; we intended to provide some back-up/sync capability in the next major revision of the app. So I think it’s time to get cracking. Hopefully if you’ve been waiting for an exporter, you won’t mind waiting just a bit longer. In the meantime we’ll see if we can update Dave Dribin’s strip-dump to support Palm Strip v2 databases (currently it only supports up to v1.1).

SQLCipher

SQLCipher is our fork of SQLite that provides page-level database encryption. A lot of people are asking us how to compile SQLCipher in an Xcode project in order to use it in iPhone apps like we’re doing with Strip and Codebook. We’re putting together an article that we’ll publish soon documenting the process step-by-step. In addition, Apple first required that we go through a munitions export approval process with the Department of Commerce and the NSA to get our app reviewed at all. That in and of itself is a really complex process, but we’ve got documentation on that, too, describing how to crank it out. We’ve even got some Google docs we can re-use for filling out the paper work quickly. So there’s lots coming in this area, stay tuned!

Open Source Development

Steve Kradel recently posted Zetetic.Chain to Github, a .NET implementation for the Chain of Responsibility design pattern.


Responding to Online Criticism

2009-05-19 20:00:00 -0400


There I was minding my own business and waiting for a sandwich in the deli last week, when a headline in the NY Times poked me right between the eyes: Snark Attack, by Teri Karush Rogers. As it turns out, renters and prospective buyers in NYC are increasingly turning to online forums and blogs to share their opinions about real estate listings. They investigate, they gossip, they ask questions, speculate on pricing, and they often mock the scams and bad deals. Like all things that involve online commentary, it can get quite ugly (or entertaining, depending on your perspective):

For their part, sellers and their brokers are seething over what they perceive as a lack of accountability, hidden or misanthropic motives, and the fact that defending one’s property — even correcting a factual error — can prolong or aggravate its turn under the collective microscope. Sellers also object to being typecast as Marie Antoinette in the French Revolution-style discourse.

My, how we protest when the shoe is on the other foot. It’s really difficult to find a place to live in NYC that isn’t a complete dump without living beyond your means. Many most of the people you’ll deal with will do their best to rope you into paying a lot of money for a dismal home. It’s a hard slog and only two things are certain: there will be roommates, and it will still be expensive.

It’s no surprise that in a contracting economy people are talking more, and that sellers and landlords (and their often-inflated prices) are the butt of the discussion. Why wouldn’t buyers and renters turn to the greatest communication tool we have to enable the sharing of expertise, bloviation, and derision? It’s also no surprise that there appear to have been no seething sellers or brokers who were willing to be quoted for the article, but I sure was hoping so. It has the trashy appeal of reality television.

Obviously, value is a matter of perception; that’s why brokers always try to get you to believe they will rent the apartment later that day to somebody else if you don’t hand them a deposit immediately. The process is weighted heavily against you and relies on the fact that most people don’t know any better. People having easy access to each other and relevant information about a property changes that dynamic dramatically. Despite my faux-proletarian schadenfreude for the landlords of New York, I have some sympathy; it must be really frustrating to have some stranger come into your house and then go online afterwards and rip the place apart.

The underlying question here is when to respond to online criticism, and whether or not it is helpful. If you are selling something, it’s a pretty important question, and whether it’s helpful is determined by your attitude towards the whole thing. People are going to make online commentary, and people are going to read a lot of commentary to help them determine how to best spend their earnings. If you the vendor are going to sit this out entirely, you are doing yourself a disservice.

We find ourselves in this position once in a while. People write about our products, they make comments on our blog posts, they share their thoughts with entire social networks instantly, and they are not always laudatory. Which is fine! They’re not always accurate, either. It’s been our experience that you’re always better off keeping cool and correcting the record to the best of your ability. Reasonable people can follow along and make their own judgements. If you’re still angry, you’re not ready to respond! There’s no need to try and change somebody’s mind about what you’re selling, but you definitely don’t want any false claims to go entirely unchecked by reality.

The article makes a point of mentioning that many firms forbid or discourage their agents from participating in online threads, seeing a real potential for disaster that I wouldn’t want to under-play. At the same time, in the world of selling things online, it’s not in your best interest to sit things out, just proceed carefully.

Alison Rogers, an agent with DG Neary Realty … noted that anger, defensiveness and denial will almost certainly set off a feeding frenzy, as will a post that seems to be written by the owner or broker without the appropriate disclosure. She favors correcting factual errors and countering negative opinions — but only to a point. “You don’t want to draw conclusions for people.”

In the emerging economy, it’s people who get this who will do a lot better than the folks who just get mad. You can’t really take your ball and go home, anymore.


Zetetic.Chain - Some love for .NET

2009-05-13 20:00:00 -0400


Today we released Zetetic.Chain on github as open source under a BSD-style license. The inspiration for Zetetic.Chain is Apache Chain, but Zetetic.Chain also takes advantage of some of the things .NET does really well without lots of dependencies, like reflection attributes (well, reflection in general), XML serialization, Remoting, indexer properties, and so on.

The Chain concept lets you work with commands, and stacks of commands, with a simple model—just say the name of the command you want to run, pass it an object in which to get and set state / results, and the Zetetic.Chain library takes care of the rest, keeping your implementation nice and clean. You configure the details of each command in a lean n’ mean XML file. Example:


<catalog>
<chain name="TellStory">
<command name="first" typeName="Storybook.WalkInTheWoods">
<add key="BoysName" value="Hansel" />
<add key="GirlsName" value="Gretel" />
</command>
<command name="also" typeName="Storybook.BirdsEatTheBreadcrumbs" />
<command name="ohno" typeName="Storybook.WitchInCandyHouse" />
</chain>
</catalog>

Your code can fire off the chain of events simply by calling:


ICatalog catalog = CatalogFactory.GetFactory().GetCatalog("storybook.xml");
IContext context = new ContextBase();
catalog["TellStory"].Execute(context);

So check it out, let us know what you think! Personally I know this library is going to become part of most of my ongoing projects on the .NET platform.