Open Letter: Worth more than "Free"

2009-07-23 20:00:00 -0400

An irate user sent us an email today about Strip, our iPhone data vault software. She wasn’t mad about a bug, or a missing feature. She was upset that we were charging money for it.

I am highly annoyed that your company would jump from a free app to a $9.99 app with such a limited number of entries. No, I will not be upgrading.

We don’t take this kind of feedback personally, but do feel it warrants a response. We decided to reply in an open letter explaining the motivation behind our software pricing.

Dear Customer,

I’m very sorry to hear that you’re upset about the charge associated with upgrading Strip. The App Store is filled with inexpensive applications: some of these are low quality, hastily developed, and quickly released. Hopefully you recognize through your evaluation that Strip doesn’t fall into that category.

Strip took 6 months for our team to build and represented a big investment for our company. We spent countless hours refining the design and adding features to make it easy and pleasing to use. Working with a large group of beta testers delayed our release but ensured the application was stable and high quality. It took months for us to wade through documentation and approval with the US Government to have Strip’s encryption classified for mass market release. On top of this we continue to provide support, bug fixes when problems occur, and new feature updates. We even released our secure database library as open source software to the community so that other developers can use it.

Strip Lite is as an opportunity for everyone to try the software without purchasing it first. That’s also why the description in the App Store clearly explains that the Lite version is an evaluation limited to a small number of records.

We are a small business that builds software. We have employees and families, and our objective is to make money. Our software, and the time that we spend building it, is worth more than “Free”. It’s worth more than $0.99 cents-a-pop, too.

What’s more, the vast majority of our customers agree. We have a growing community of active users that were happy to purchase a quality piece of software at a reasonable price.

The decision to upgrade or stop using Strip is entirely yours, but I really hope you will reconsider its value. Thanks so much for your time.



Zetetic is the creator of the encrypted iPhone data vault and password manager Strip and the open source encryption-enhanced database engine SQLCipher.

Staying Motivated and Creative

2009-07-22 20:00:00 -0400

I saw this post from The Flying Jalapeño Lives just now, wherein Corey poses a couple of methods for staying motivated as a programmer, particularly somebody works solo or remotely, possibly out of his or her home. They aren’t bad suggestions, but I figured I’d respond with another take on things, since I have some first-hand experience with the matter.

No amount of mental tricks and playing with your IDE can make up for the importance of real human company. For about a year and a half I worked out of my home, just me and the cats, and it was incredibly isolating. When you work alone all the time, you begin to actively seek out distractions on the intertubes (as if there aren’t enough to begin with!) Being around other flesh-and-blood people is critical to staying grounded, and really helps me to focus and stay motivated, rather than distracting me. I’m not the only member of Team Z in a co-working setup, either. Our man Steve Kradel is a recent convert down in Philadelphia.

I mentioned my problem to Lennon/R-Coder last year at RubyFringe, and he said something to the effect of, “dude, you need to get out of your house! Find a coworking space!” I’d never heard of such a thing, but The Bossman went and looked up Williamsburg Coworking, and I’ve been there almost every work day since. My productivity shot up by a lot (we checked, using Tempo!) I get to work with really smart people like Alexis and Stan from Percent Mobile, I’m in a creative environment, I have people to talk to, and it’s really easy to stay focused. Can’t recommend it enough. If you’re looking for a space in your city, get in touch. There’s quite a network of coworkers out there (ours spread across some 47 cities) who’d be glad to have your company, and I’d be happy to put anyone in touch, just send me an email.

On a tangential note, I saw this great interview with Amanda Palmer, which has some delicious quotes about staying on your work (or not!):

I got to a certain point where I realized that the voices in my head were working on an old, conditioned blueprint of what it actually means to be fulfilled and happy.

Slowly, I started to let that blueprint go and starting to improvise another one, just for the day. And now, I draw a new blueprint every day and then set it on fire at the end of the night. I think the key for me has been realizing that every day and week and month is an improvisation…and that I can never define my success or happiness by last week’s measuring stick…I wrote when I feel like it, and I don’t feel catholic guilt anymore when I don’t.

Interesting stuff, and as a song-writer myself, I know that guilt, I know it well. Obviously, composition and programming aren’t the same thing, but you do have to know when to walk away and recharge. Having other people around can help prevent you from banging your head on your desk instead of relaxing and trying to look at things differently. It’s time we all started valuing one another’s company more.

Zetetic is the creator of the encrypted iPhone data vault and password manager Strip and the open source encryption-enhanced database engine SQLCipher.

Trading Ideas from #futureruby

2009-07-15 20:00:00 -0400

I’ve been meaning to get a post up about Future Ruby, the fantastic conference hosted by Unspace last weekend in Toronto, but I haven’t had a chance. Since we got back our team has been playing catch-up, so I wanted to pause quickly to highlight some interesting developments since the conference.

I got to chatting with Dan Grigsby about a possible means of offsetting the iTunes App Store’s negative review bias, and he went and made it a reality, with sample code and all. Very cool.

There were a number of inspiring and challenging presentations that have inspired post-con discussion and debate. If you search on the #futureruby hash tag on Twitter you’ll find all sorts of links to discussions, comment threads, summaries and even video. Looks like even BoingBoing took notice! Many of the attendees (including myself) have taken to watching the tag to keep up and keep in touch with each other.

More thoughts to come tomorrow, there’s more testing to do this afternoon on Tempo for the maintenance update.

IE users on Tempo have been dropping off

2009-07-15 20:00:00 -0400

Like most web programmers out there, we’ve wasted spent some “kwality” time trying to get our page layouts for Tempo to work and look good in Internet Explorer 7 (we don’t support IE6). The advent of IE8 has made this a bit easier by providing a compatibility mode for going back and forth, helping us to identify needed fixes for our ie7.css file.

As we delayed another over-due set of updates in order to fix some IE issues, I started to wonder what percentage of our users actually use IE, and if that percentage justifies spending all this time. According to Google Analytics, only 10.25% of our visitors (which is a larger group than our active subscribers) in the last two months were using some form of Internet Explorer.

Tempo Analytics Browser S

Ten-odd percent of our users certainly warrants us taking the time, but it’s still a surprising metric. Furthermore, it’s down 1% from July of 2008 when IE clocked in at 11.28% of our users, despite the fact that our traffic and active users have climbed substantially from that period. I’m not sure if this indicates a preference on the part of our customers and our would-be customers, or if it means we haven’t provided IE users with the kind of interface they really want.

That said, we’ve been hard at work on a number of adjustments to Tempo’s interface to tidy things up, and many of these adjustments specifically address some display issues in IE7. We’re working on it, dear customers!

The Case for Strip-ing

2009-07-14 20:00:00 -0400

When people ask us if we have any iPhone apps in the iTunes App Store1 and we tell them, “yes,” they invariably get excited. Their expectations of some cool, new, game-changing technology seem to dampen when we tell them about Strip (unless they are cryptography enthusiasts). However, we often hear back from many of these same folks a few months later, telling us that they use Strip all the time, and can’t live without it.

Homer Oh NoOur friends and colleagues are starting to get worried about the bazillion sites on which they’ve set the same password. Maybe I’m preaching to the choir here, but we all do it from time to time. There’s just too many to track: car insurance websites, bank accounts, social networks,newspaper site, some online community where you registered to leave comments, some new online tool you want to try out, a thing here, a thing there. You probably sign up for something new on the Inter-tubes at least once a day.

As far as settings passwords go, you really have two options:

  1. Set something different for each one and actually remember them all (good luck with that).
  2. Use some clever ‘p4ssw0rd123’ or variant for all of them (e.g. p4assw0rd-facebook).

Choosing option 1 is the most secure, and the most difficult. Option 2 leaves you exposed to massive risk – one good guess, a password cracker, or a break-in on a site that didn’t hash your non-unique password could allow an attacker to get into your online bank account. Many sites e-mail your password back to you – then your ‘p4ssw0rd123’ has gone through quite a few tubes and machines in clear text by the time it arrives in your inbox. Which is also on someone else’s computers, isn’t it?

The basic work-flow of Strip was designed to fix this very problem, and it seems to get people hooked. Say you want to sign up for some new web service to try it out, but you don’t want to use that bank account or email account password. You hit the sign-up screen, you get to the password field and you fire up your iPhone (or Palm, for the Old School-ers), open up Strip, create a new entry, and generate a random password. Save it in Strip, set it on the site, and you’re done. Sure, it introduces an extra step, but now your brain isn’t filling up with garbage and you’ve drastically reduced the risk to your online information and identity.

Strip Generate Palm Strip Generate iPhone

Obviously, Strip itself could be a point of potential failure. If you left your iPhone (or Treo) in a taxi like many of our customers have done, you wouldn’t want the cabby or the next occupant to have access to private networks and mail servers. To mitigate this we use high-grade, peer-reviewed open source cryptography to make it very unlikely that anyone will ever unlock your copy of Strip before the heat death of the universe (so long as you set a strong password!) At this point we’ve got 12 years of experience under our belt, and the code is out there for anyone to see, improve, and criticize. We will continue to update Strip’s encryption engine, SQLCipher, to stay on top of the latest encryption updates, protocols, and techniques. We’ve even strengthened SQLCipher since we launched Strip in the App Store. Don’t take our word for it, have a look yourself.

1 Overheard snark last week at FutureRuby: “They managed to build an App Store without actually building an App Store.”