One Year At GuardSquare
Today marks my one year anniversary at GuardSquare. On the one hand it feels like yesterday (as cliché as that might sound) but on the other hand it feels like ages ago, considering how much we have been able to do in just one year's time.
For those that don't know GuardSquare yet, allow me to quickly introduce our company. If you have ever used Java, you probably know ProGuard, our open source optimizer for Java bytecode. It comes with the Android SDK and is used by hundreds of thousands of mobile applications. Our commercial product DexGuard takes things a step further and has proven itself to be the industry standard for app security on the Android platform. Now we also offer iXGuard, which brings mobile application protection to the iOS platform. More on that later in this post!
When I joined, the company was still located at I&I, the University of Leuven's Innovation & Incubation Center. Our office consisted of 3 rooms, a bigger one that could seat about 12 people, and two smaller ones with space for 6 persons each. Back then we were only really using two of them, one served as a meeting room.
I was the first hire for what is now the iOS-team, which back then only consisted of Sander, our current PM, and his proof of concept. The latter was around a thousand lines of code, in size not even a hundredth of the code base I came from. Yet I was struggling. I remember a conversation where Sander asked me what exactly I didn't understand, to which I replied "everything!". Even though it was far from idiomatic C++, the code wasn't particularly bad, messy or lacking comments. It was just very dense, with loads of LLVM API calls I didn't know and a bunch of intrinsic knowledge about the Objective-C runtime. Back then I knew a bit about the Clang front-end and the LLVM compiler infrastructure, but not too much about its intermediate representation and basically nothing about Objective-C, let alone its runtime.
It took a few weeks to get the hang of things and to fully get up to speed. After that we started making progress. Some things were easy and straightforward, most things were not and required quite a bit of research. That's what I still like most about my job, doing real research and development. The kind where you start with and idea, work towards a proof of concept and finally develop it as part of your product.
Of course from a technical perspective we had our fair share of set-backs. Quite often we would reach a point where we had something working quite well, only to later realize that it wouldn't work for some other reason. It's not that we didn't think things through, just that we lacked a lot of information. Our approach was sensible and clearly the best course of action based on what we knew. You could argue that it keeps the job challenging, but when you are rethinking something for the fourth time, it starts to lose its charm!
Our third team member, Dennis, joined in May. We went to university together and became friends. The company was looking for engineers and he was looking for a different opportunity, so it made sense to bring them together. Initially it wasn't certain if he would be joining the Android or iOS team, but either way I was happy to have a friend become a colleague.
With some interns coming in over the summer, our office became a little crowded. Our team moved to the former conference room. My new seat was next to the window, which was pretty great given we didn't have AC. Other teams were growing as well, so the company started to look for a new location. By November we moved to our current offices, located on the first floor at the Tervuursevest in Leuven. With lots of space, natural light and a big terrace, it was quite the upgrade.
The new office was only the first of many changes. We opened an office in San Francisco, we launched a new website and hired a bunch of new people. Last but not least, we also released a new product: iXGuard.
This is what we have been working on for the past 10 months, a brand new product, completely from scratch. For the official launch in December, we focused on three core features:
- Name obfuscation, for both Objective-C and Swift. Starting from LLVM IR, we build an in memory representation of the target application, modelling everything from classes to synthesized methods. Think of it as an abstract syntax tree, but neither abstract nor syntax based. 😉
- Arithmetic obfuscation applies a random number of transformations on arithmetic expressions. Math is awesome!
- String encryption uses a range of pluggable algorithms to encrypt strings at compile time. At run time they are decrypted just-in-time when the application needs them.
Although technically not really a feature, integration with the Xcode IDE is something worth mentioning here. Apple didn't make it easy for us, with significant or breaking changes in about every release of its IDE.
Since the release, our attention was divided between improving our core product and working on new features. We get invaluable feedback from developers using iXGuard, helping us make the product better. Meanwhile we also have quite a few new things in the pipeline, which unfortunately I can't discuss, because they haven't been released yet. What I can say is that we are quite proud of them.
We have a pretty long list of ideas we want to realize, some of which are quite challenging. Even if we would limit ourselves to the ideas we already have, it will require way more work than our team can handle. I consider that a good thing though, there's nothing more motivating than knowing you'll be able to do awesome stuff for the foreseeable future.
Looking back I'm happy to say that I am very proud of what we have achieved, as a team but mostly as a company. If it wasn't for every single one of my colleagues, we wouldn't have been where we are today!
Does the above sound interesting? We are hiring!