Reverse-engineering APIs is a tech band-aid, not a strategy. It's like trying to tune a piano with a hammer. Legal ramifications aside, it's an unsustainable approach. Seen too many startups crash this way.
Totally agree itās risky if reverse-engineering becomes the whole strategy āļø But used intentionally, it can be a powerful way to learn, explore, or validate ideas-especially when official APIs are missing or limited. Itās not the endgame, but sometimes itās the spark āØ
Great breakdown! I used to use this technique for some of my old projects. The only problem with this approach is that if we want to create apps or workflows to sell, like in your example to help manage Substack: users need to provide a cookie, which they may be afraid to do due to security risks. But aside from that concern, we can create a lot of useful things to help grow Substack newsletters more effectively.
Thanks for the kind and thoughtful words - really appreciate it! šš» And totally agree that asking for cookies can be a blocker, especially for non-technical users. Curious if youāve come across any other ways to handle auth in setups like this? š
Yes!!! I had AI built a chrome extension for me to use locally. Most of my notes were scheduled, though to be fair, even with scheduling I still donāt post that much :)
Reverse-engineering APIs is a tech band-aid, not a strategy. It's like trying to tune a piano with a hammer. Legal ramifications aside, it's an unsustainable approach. Seen too many startups crash this way.
Totally agree itās risky if reverse-engineering becomes the whole strategy āļø But used intentionally, it can be a powerful way to learn, explore, or validate ideas-especially when official APIs are missing or limited. Itās not the endgame, but sometimes itās the spark āØ
Great breakdown! I used to use this technique for some of my old projects. The only problem with this approach is that if we want to create apps or workflows to sell, like in your example to help manage Substack: users need to provide a cookie, which they may be afraid to do due to security risks. But aside from that concern, we can create a lot of useful things to help grow Substack newsletters more effectively.
Thanks for the kind and thoughtful words - really appreciate it! šš» And totally agree that asking for cookies can be a blocker, especially for non-technical users. Curious if youāve come across any other ways to handle auth in setups like this? š
Enjoyed the walk through even though itās a lot for my non-technical brain š
Love it
This is exactly how I would figure out a hidden API :)
So there are two of us š Have you tried doing it before?
Yes!!! I had AI built a chrome extension for me to use locally. Most of my notes were scheduled, though to be fair, even with scheduling I still donāt post that much :)
And what do you use for scheduling now?
Still the same extension.