[Interview] Why do roasting machines need security?

This post covers the story on how ‘Stronghold Technology’, a company that serves everyone with the desire to enjoy better coffee, has faced and solved a hacking attack.


[Interview] Why do roasting machines need security?

This post covers the story on how ‘Stronghold Technology’, a company that serves with a desire for everyone to enjoy better coffee, has faced and solved a hacking attack.
Q : Please tell me briefly about yourself.
A: Hi, it is a pleasure to meet you. I'm Seung-jin Jang, a leader of Embedded Software team at Stronghold Technology, who developed a smart coffee roasting machine.
Q : Is there any special meaning to the company's name,’ Stronghold Technology’?
A : Yes, it is actually a question that everyone asks (laughs)
STRONGHOLD has two definitions: ‘fortress, a large, strong building or base that can be defended from attack' or 'base of thought'.
So, our company name implies our vision to build a fortress where ideas are innovatively challenged to create an environment where advanced technology is affordable and enjoyable for everyone. Sounds very serious, right?
Q : Please explain about the mobile app service you are working with currently.
A : Our app is a unique service that is hard to see in the App Store unlike other apps.
It's because the app is built into our smart coffee roaster machine and distributed.
Therefore, the mobile app lets you control your smart roasting machine directly from your smart phone. The roasting process is to stir the beans until the desired state by applying the right heat at the right time.

To this end, we provide an app service that provides detailed control over components such as heat sources, motors, blower, and sensors.
Q : What is the most appealing part of your app service?
A : The taste of beans varies depending on the intensity, temperature and time of heating. So it's only a field where professionals with at least five years of experience can work in.

Everyone knows the fact that it's good to make coffee with the freshest beans which have just been roasted by skilled professionals; nonetheless most coffees shops use large amounts of roasting coffee because of the lack of professional staff and the high cost of the roasting machines.

By using our Stronghold Technology's smart roaster, even beginners can produce the quality coffee beans with desired state.

This can happen because our in-house roaster experts developed and programmed the roasting method, making it simple to roast with just a few touch. There's also a reproducibility function that mimics the roasting you did before, so you don't have to go through the same process again every time.

In addition, roasting records can be shared between users through web services. We are actually getting positive feeback from the customers because it created a community where people share their own roasting recipes.
The roasting records can be shared between users through web services.
I'm continuously receiving good consumer feedbacks since people are very enjoying sharing their own recipes in the community.

Q : It is tempting to hear that even beginners are able to easily use the machine. I would like to purchase it at home if I can. Is there a reason why you started this service?
A : The history of coffee is quite long, whereas the development rate of coffee roasting has been slow.
This is because people actually have to be infront of the machine every time they roast coffee and since the knowledge of roasting is unique for a few, it is only possessed by particular experts. Besides, the price of roasted beans is very high.

Beginning at these concerns, we, ‘Stronghold Technology’ was established to develop the coffee industry by creating a platform that allows many people to produce quality beans at affordable price and create a community where they share their own knowledge, tips about roasting with each other.
Q : Then, Seungjin, I got curious. Do you enjoy drinking coffee also?
A : Of course! I work for a coffee company, meaning I actually drink too much coffee. (^^;;;) Every time I go to the dentist, I get scolded by the doctor. (laughs)
I used to be an instant coffee maniac, but started drinking drip coffee since I joined Stronghold Technology. It's a great improvement.
Q : Can you share any memorable episodes, maybe a moment you felt worthwhile while working in the team Stronghold Technology?
A : I feel paid off for our team’s hard work the most whenever I hear compliments from the customers.
Recently, I had a chance to talk to one of our customers from in China and he told me he is very satisfied with our machine that he is still using our discontinued model from long time ago.

I can't describe the scale of joy when our technology is recognized.
Q : Have you ever experienced the necessity of app security? If yes, how did you solve the issue by LIAPP?
A : There was an incident when we mended the barn after the horse was stolen.

We had a prejudice that typical coffee roasters would not know or would have no interest in S/W and mobile app development.
Unexpectedly, however, we found that a customer was using our app by extracting and decompiling the file to bypass certain restrictions.

This incident has given me a deep understanding of the importance of app security.
(I learned later that the customer was an ex-developer from certain smartphone manufacturing firm and was running a coffee shop after leaving the company.)

Until then, I personally believed that H/W implementations can be replicated quickly by purchasing and disassembling the machine, but only the accumulated intellectual property could prevent competitors from chasing and overtaking.

In other words, I was thoughtless thinking that unconditionally blocking any approach and hiding the information of our app, which was created by years of our roasting experiments and research, would be the best barrier to our competitors.

Ever since, we've been distributing apps after applying app security solution to our app service.
We believed that a tight security approach to app information produced by our years of roasting experiments and research will be a barrier to our competitors.
Q : As an actual user, what do you think is the biggest advantage of LIAAP?
A : I like the part where LIAPP can be simply and quickly applied to an app. Moreover, LIAPP has very reasonable price which makes us to reach the product without budget burdens. We and LIAPP share a similarity in this sense.
Q : How do you expect the future of app security service industry?
A : My personal wish is to become an environment where original source code cannot be understood without a professional hacker because it is fundamentally impossible or difficult to decrypt the app.
But I don't think there is nothing we can do about it unless the Android platform will be used. (Code obfuscation is actually not enough...)

In fact, since we're not uncomfortable using the SaaS model that LIAPP provides, our company is very satisfied with the current LIAPP product. We sincerely hope LIAPP will show us the future of app security services (laughs).
I like the part where LIAPP can be simply and quickly applied to an app and its reasonable price.
We are very satisfied with LIAPP product and sincerely hope LIAPP will show us the bright future of app security services (laughs).
#android_application_security #ios_application_security #ios_application_security #source_code_hardening