Comment by gchamonlive
6 days ago
To everyone criticizing this project, you should probably dig a bit to find out what's the context of this project.
From the integuru page:
> We build integrations with platforms lacking official APIs. We specialize in low-latency integrations via reverse-engineering. All integrations are open-source.
So these warnings are probably wasted on someone that is very much aware of what he is doing.
I looked at the website before commenting just to be sure. Judging from the quality of the design (which, yes, I think is an appropriate way to arrive at this conclusion), I would not be surprised to find out that this is a couple recent college grads who don’t realize what this business entails.
> I would not be surprised to find out that this is a couple recent college grads who don’t realize what this business entails.
It's made by Y-combinator backed startup Taiki. The cofounders (who have names similar to the ones that made commits in the git repo) seem to be pretty experienced (Alibaba, and Amazon)[0]
[0] https://www.taiki.ai/about-us
> Judging from the quality of the design
Half of the respected users in this forum have websites like that.
Those simple, minimal css websites are trendy right now as a way to signal "this isn't a bloated business, we're practical and efficient". See ssi.inc for a high profile example
They claim it's a project by these people, who are YC-backed: https://www.taiki.ai/
> which, yes, I think is an appropriate way to arrive at this conclusion
it's not
Indeed. It also seems more like Plaid than ElcomSoft.
If this is indeed like Plaid, a simple clause in the README would put a lot of people at ease (I looked carefully for this before making my comment): This Unofficial API was built with the express written consent of Venmo (or whatever their LLC is called).
It’s an easy thing to add to the README if it’s true. But if it’s not, that’s a problem.
Mind providing a link so I can validate this? Plaid might have API providers' permission now, but did they at the start? I forgot to mention that I was talking about when Plaid first started.
Plaid use screen scraping which is why it breaks all the time. In terms of reverse engineering undocumented but official APIs, you’re thinking of their competitor Teller.
I was under the impression that they've built up much warmer relationships on the financial account side and correspondingly have more reliable integrations than they used to.
I've personally noticed it tends to break a lot less than it used to.
They have better integration with some banks, one which goes through an OAuth flow.
they can try to justify it all they want, using these apis still breaks multiple federal laws
i noted this in a previous thread with them, to which they replied if its your data you can access it which ever way you like. Which is like saying i can hack into my bankers computer remotely to view my account balance. Which is still illegal.
Using unapproved apis is unauthorized access to a computer or network, illegal in the US at least, which ever way you want to try and look at it
Remember both Plaid and Aaron Swartz did this, it can end if very different ways. Obviously the government can pick and choose who to send to jail, but that’s a risk
It's okay to break unjust laws.