Hi, Jane here! I hope you like this profile of me :)
It has been delightful to watch different approaches companies take to enrich, optimize and harden their web and mobile apps.
For example, Facebook has been dogfooding a new approach to improve the overhead in their mobile apps since last year. I speculate (or hope) they will announce it during F8 2019 in coming days.
Question: why don’t you profit from this either with the stock market or selling info to companies? What is your motivation for doing this anyway since it takes significant time and skill?
Have you done any analysis of job ads to see whether they give you insights into the product strategy of a company? I know you can’t uncover specific features from them, but it might offer clues into their priorities or roadmap. Just a thought.
My focus has been analysing within the scope of apps and its code. But I do read tech news of journalists' analysis on job ads, and note that down for future references
What's your preference for tools to go about this? I've found some dex decompilation to be very hit and miss. Just wondering what is your go to/process for android and iOS if you don't mind sharing ? Cheers
> But some of Ms Wong's scoops are so big that they threaten to impact the stock market, leading some to accuse her of insider trading.
Can anyone with a good understanding tell me if that really qualifies as insider trading or market manipulation? As I understand it, she reverse engineers a publicly available app, something that anyone with the technical know-how could do. So even if she bought stocks before releasing this information, anyone could have done the same and learned the information the same way.
I would be really surprised if big investment firms aren’t already doing that (but just don’t release this information publicly). I don’t see how this is any different from collecting other public information and placing bets based on that information. (e.g. reading import lists from container ships and estimate the production volume from a company before they announce it).
Otherwise, Jane’s efforts seem to be pretty cool and I am honestly surprised that more people aren’t doing it. I can’t wait to get read her blog later!
As ever, Matt Levine comes in handy here: "The law doesn’t say that any time you trade on material nonpublic information it’s illegal. The law, to oversimplify a complicated area, makes it illegal to trade on material nonpublic information that you obtained in violation of a duty to someone" [0]
Unless Ms. Wong was cracking into companies and stealing pre-release versions of their apps, or had received them on promise of confidentiality, it's hard to see how this would reasonably class as insider trading. As to the market manipulation angle, even if she were trading on the information she uncovered, would this be materially different to short sellers publishing their research on a company to push the stock down?
This is a really interesting question. IANAL and I am not sure a decisive answer even exists, but here is another thread to pull: Lots of traders work with satelite data to estimate non-disclosed info about energy and agriculture companies: https://www.theatlantic.com/magazine/archive/2019/05/stock-v...
That article suggests that there is a consensus that high tech surveillance doesn't count as inside information, and I can't see why Jane's reverse engineering would be different. There's also an argument that she is publicizing the material, so depending on the order of operations maybe it is public?
A separate question is what kind of trouble you might be able to get into with specific companies due to license agreements. Would love legal take on any of above as well.
> A separate question is what kind of trouble you might be able to get into with specific companies due to license agreements. Would love legal take on any of above as well.
I believe you are allowed to reverse engineer software you own in most countries despite what the TOS says. But they might ban you from their platform which doesn’t stop reverse engineering because Apple/Google is distributing the software.
Big fan of Jane's overall approach. Since the profile focuses on the leaks themselves, here's something the HN crowd might find especially cool - disclosures for the reverse engineering methods behind many of the leaks: https://wongmjane.com/
Jane, since you're on: I'm curious how you feel about the red-team/blue-team dynamics of what you're doing. If companies get better at hiding tests and under-development features, is that a Good Thing? Or, does reverse engineering demonstrate that they should be more transparent about dev in the first place? Or, is the frontier of reverse-engineering / hiding stuff itself something productive?
As a user, I am curious and excited to know the future of the apps I use. Reverse engineering allows catching a glimpse of the future without having to wait for launch events or press releases.
Often times, this kind of scoops could be beneficial to companies. Product teams at companies could look at public opinions and take that into the consideration of product decision. It functions similarly to "focus groups" or "soft launch", except it's free. According to my profile on CNN, a Twitter spokesperson mentioned [0]:
> the platform wants its users to be part of the process, and these types of discoveries help it learn
That's not to say companies encourage users to reverse engineer their apps. However, if they make it completely impossible to find any unreleased features whatsoever, it will kill off this free channel of unofficially gathering public opinions (or hype) before launch.
It is understandable there are competitors out there in reality. Getting better at hiding tests and under-development features could help preventing the competitors from knowing the company's upcoming strategies.
To hide or to not hide, they both have pros and cons. It really comes down to how companies balance their priorities. If their priority is to hide everything until launch, even if it means getting rid of the free QA and focus groups, go for it.
I personally hope companies will choose the transparent route rather than being a sealed black box. I believe users deserve to know what is changed in the apps installed on their own phones. Being more specific than the vague "bug fixes and improvements" will provide a sense of assurance to users.
“she faced a Twitter storm of comments saying that she was purposefully manipulating the market for her own profit.”
If they were fabricated screenshots or leaked press releases then they might have a case. But if these companies really didnt want these features to be leaked, then they should have done a better job of securing them. Is it really that hard? It wasnt like this was a rogue employee!
Also, I was a broke college student. How can I even afford to invest! Still having hard time grasping the concept of stock market and related topics :P
I think there are better ways to bring food to the table than this, such as getting a job as SWE, or donations.
I never earned any money from this hobby and have no plans to change it
It has been delightful to watch different approaches companies take to enrich, optimize and harden their web and mobile apps.
For example, Facebook has been dogfooding a new approach to improve the overhead in their mobile apps since last year. I speculate (or hope) they will announce it during F8 2019 in coming days.