1. The Camera+ secret cypher and hidden feature

    (If all you care about is what the link is and does, skip to the end. The rest of the this post is how I went about figuring out the cypher.)

    Earlier today, @taptaptap (the company that created the Camera+ iPhone app) tweeted the following:

    For those of you who like puzzles (and doors besides the front)… pnzcyhf://ranoyribyhzrfanc {this tweet will self-destruct in 30 minutes}

    Of course that URL makes no sense. Or does it? I figured they would have to make this cypher somewhat easy if the expected any lay person to be able to figure it out. It probably wouldn’t translate into a standard “http” link because there were 7 characters before the ://  Also, there were no decimals after the //, so I figured it wasn’t a standard website.

    The iPhone (and Safari in general) support special URLs besides the standard ones like HTTP and FTP. On the iPhone you can have your app register for certain URLs — when you open that link in Safari it will go ahead launch your app. There are seven letters before the :. “Camplus” also contains seven letters. We’re off to a good start!

    The simplest cyphers there are involve simply moving the alphabet a few letters (officially called “monoalphabetic substitution ciphers”). For example, to encrypt “rob” using a single letter alphabet “move”,  you look ahead one letter:  ”r” becomes “s,” “o” becomes “p” and “b” becomes “c”: spc.

    "c" and "a" are two letters apart and so are "p" and "n." After a quick calculation I found that both of these are thirteen letters away from "c" and "a." I found a website lets you quickly encrypt and decrypt these kinds of cyphers Once I plugged in the full alphabet rotated by 13 characters, voilà:

    camplus://enablevolumesnap

    Clicking that in your iPhone (assuming you have Camera+ installed) will open Camera+ and let you use the volume buttons to take photos! An official version of the app containing this feature was just rejected by Apple. Ironically, the taptaptap guys make a point of saying that several developers who have tried to sneak in features like this have been outright banned from developing apps ever again! I guess they’re going to take their chances. :)