Reverse Engineering APIs

588546210fcf916c39dafebdbb2ddbb5?s=47 mikz
May 30, 2014

Reverse Engineering APIs

Hacking Sonos and Bicing APIs with APItools.
ApiDays

588546210fcf916c39dafebdbb2ddbb5?s=128

mikz

May 30, 2014
Tweet

Transcript

  1. 5.

    Get in touch! hello@apitools.com Cases of study • ‘Hidden’ API:

    Sonos • Combining APIs: Bicing on steroids
  2. 11.
  3. 13.

    Get in touch! hello@apitools.com What else you could do? •

    Transfer song from Spotify to the Sonos • Backup playlists • Stream the music to remote locations • Vote the songs added to the queue
  4. 14.

    Get in touch! hello@apitools.com Case 2: Api aggregation Bicing +

    Google Maps Source: Carlos Mejía Greene https://www.flickr.com/photos/carlitos/3101121106/ CC BY-NC-SA 2.0
  5. 15.

    Get in touch! hello@apitools.com Improvements • Reduce transfer size •

    Reduce roundtrips • Improve accuracy by getting info from multiple sources • Improve API interface
  6. 17.

    Get in touch! hello@apitools.com Api Aggregation Mobile app Middleware Web

    APIs requests responses http://techblog.netflix.com/2013/01/optimizing-netflix-api.html
  7. 18.
  8. 19.

    Get in touch! hello@apitools.com How we improved? Size Savings Response

    time Original XML 131k ~0.7s JSON 80k 39% ~0.7s JSON with distances 91k 30% ~0.7s nearest 10 5k 96% ~0.8s
  9. 20.

    Get in touch! hello@apitools.com What APIs to combine? Hue +

    Google Calendar Google Maps + Foursquare Sonos + Last.fm Dropbox + Github Almost any, actually
  10. 21.

    Get in touch! hello@apitools.com What do we get from it?

    • As hackers we like to know what’s under the hood • Cross API • We can ‘discover’ hidden APIs. :) • It’s fun! • We can improve performance by aggregating multiple calls.
  11. 22.

    Get in touch! hello@apitools.com Special Treat Primavera Sound Festival 2014

    fake apps on Google Play Store real iOS app with a twist