Sourcecode Review of IntelliJIdea CE

Since Russia was starting a war against the Ukraine we realized that using Software and Services of Companies developing most of the stuffs in russia will be dangerous especially after the Russian Kreml Speaker declared that Company ownerships of western companies are starting from beginning of the blockade campaign of the Nato States to be a property of the Russian state.

In the same interview they declared also that their Cyber army will also start to be activated.

As a result it can be dangerous to use Jetbrains Software at the moment. Therefore we started now for the community a Code review of the Jetbrains IntelliJIdea Community Edition to help to decide which IDE should be used. We at Stueker Human Engineers are aware of the fact that many Java Developers are working with IntelliJ every day. Count as as our plan to make the world a bit more cyber secure.

We will state the status and the results of code review in this forum.

1 Like

After reviewing the Code we found no troll code inside. But. There is the Update Server. Updates can contain risky code. So with the update server possibly you can get malicious code later. The use of Software of Jetbrains contains the risk of malicious code while developed in big parts in russia. As long as they do not declare how they prevent from changes made on order of Russian government and coming up in Europe as malware I see a big risk of using Jetbrains Software. As I am by self Customer of Jetbrains it is a big loss for me but I am not sure that we can trust them. People which want to use it will find the community edition downloads on our Homepage. I will provide the link when everything is ready,

So we could not find any malware inside now. But we also can say: installed Jetbrains Software has an automatically Updating and can only installed with Online connection and has then also possibility to install patches without asking. It asks normally but - following to the code - they can switch exactly that off.
I could not find any problem in the code but I have always a connection to their Servers.

Asking me: use Netbeans instead. If you builded Swing Software with JFormdesigner you can still use the JFormdesigner Netbeans Plugin. The rest is - nearly the same

Seems a prudent choice to avoid Russian built software with possible automagic updates of unknown provenance

sucks but it is what it is for now

They may loose many customers over this time of war

Their Headquarter is in Czech Republic.

Where can I look up this information (JetBrains developed mostly in Russia)?

Okay they have 1500 employees in russia and 500 outside.

Look on their informations and read them carefully. They have small offices in many cities but the big ones are in Moscow, St. Petersburg and Novosibirsk. There are the development facilities and the main development is settled down there. They do not want to make this pubic but it is like it is.

Not to forget: I trust them that they do not want to do anything bad to their customers. But I know also that we are in a starting cyber war with russia. And this war is a complete different situation. Therefore I was moving my developments in Stueker Group away from Jetbrains. Nothing else. Everybody can decide for himself if he is possibly a target or not.

For me the risk is to high. I will start trusting them again when changed their development structure entirely.

Also their institutional contacts to universities are speaking a clear language: Inside Russia: 7 Universities (the main ones of russia) and outside 3 in Netherlands, USA and Germany.

So if you may have further questions I guess you can read and search by self.


In addition: the founders of Jetbrains are Russian. They went to Prag while it looks better than Russia for European Customers. But they where growing in russia to a Multinational Company with really many employees.

The point is: if they can still pay them: how can they transfer the money to russia and why they do not want to fulfill the sanctions of EU and United States? If they don’t pay them but they are still active: how can it be that they are operating without money from outside? I can’t see that there legal operations in russia are fulfilling the European rules in this time.

After a Discussion with Jetbrains Representative they realized by self that the situation with Russia is critical. Nobody from Europe or north America can pay debts to Russia at the moment and that makes the situation for the employees in russia critical.

Jetbrains is working on this situation and they will find a way out. So my Idea is: work with Netbeans if you feel insecure or if you see the risk for your properties. You can change back later without problems.

Since Jetbrains closed all Russian offices indefinitely I believe that it is possible to believe them that they will produce reliable Software. I still recommend to wait until using it for production while Jetbrains employees from russia having a deep knowledge of all of the products especially the Cloud based Products which are still possibly dangerous while the developers and Service staffs of Jetbrains in Russia can have access to all of these properties from russia.