Slashdot Mirror
Steve Jobs Announces iPhone SDK
An anonymous reader writes "It finally happened. Steve Jobs announced an iPhone SDK today. The plan is to release it in February, and the suggestion is that apps will need to be digitally signed (not unlike digital signing in Leopard). Here's hoping that developing for the iPhone/Touch will be cheap (or free) enough to allow the folks who have been writing apps to continue doing so. Says Jobs: 'It will take until February to release an SDK because we're trying to do two diametrically opposed things at once--provide an advanced and open platform to developers while at the same time protect iPhone users from viruses, malware, privacy attacks, etc. This is no easy task.'"
Better to be done right the first time a little late than cause serious security issues. Better press this way...
It makes me suspect that Steve was caught a bit flat-footed, if it'll take until then. If this was the usual Apple release, it would be a total surprise and be available Friday or something.
Of course, it could also be that it's taken them this long for events to prove to AT&T that resistance was ultimately futile and counterproductive. Hard to say, with that crowd.
I am the one true god. However, as an atheist, I don't believe in myself. I guess I have a self-esteem problem.
I think you should spell "surrender" instead.
Baker's Law: Misery no longer loves company. Nowadays it insists on it
http://www.sigsegv.cx/
Not likely. More likely your certificate will have to be signed by Apple which may in revoke it at any time. I would not be surprised if part of the delay is an integrating OSCP or some other form of pervasive certificate management into whatever goes for an app installer as well as preparing an OS update with this functionality. CRL checking at install is not something present in current OSX so they will have to add it to be ready to ship.
Baker's Law: Misery no longer loves company. Nowadays it insists on it
http://www.sigsegv.cx/
Considering that the iPhone's OS is a moving target, and the majority of the frameworks and private APIs have changed from 1.0.2 to 1.1.1 (which is why many third party apps broke between 1.0.2 and 1.1.1), I don't think it's unreasonable to wait until things on that front have stabilized before you start providing developers with an SDK.
:-/
I knew that most of the negative responses to this would be along the lines of saying that Apple was "forced" into doing an SDK because of the third party hacking community, when in reality third party development was very likely in the cards all along.
To further clarify, "malware" will consist of:
media players that support additional audio and video codecs,
anything that lets you install ringtones for free using your own licensed music,
anything that lets you make calls on alternative networks.
"Things are more moderner than before- bigger, and yet smaller- it's computers-- San Dimas High School football RULES!"
Isn't that the truth! It would be even better if Apple provided a glide-path to current developers to becoming "legit" so that they're encouraged to engage rather than fight. Apple really has no reason to be a jerk about it except spite. Unfortunately, Steve has proven that he's occasionally prone to that.
I am the one true god. However, as an atheist, I don't believe in myself. I guess I have a self-esteem problem.
Wrong.
I love all the people who are now going to say that Apple is only doing an SDK because the brave, innovative hackers who just want us all to be able to free our hardware have forced their hand.
Kind of like the only reason they have a battery replacement program for iPods was because of the Neistat Brothers' video, right?
Except that it would be wrong, on both counts.
For a device like the iPhone, Apple probably had SOME kind of SDK/third party development planned all along. But the iPhone's OS is still a wildly moving target, and it's not appropriate to have an SDK before things have calmed down with the OS APIs, frameworks, etc.
But if you want to believe that a statistically insignificant (yes, really - most people don't care, much less even know, about this) group of hobbyists and hackers have "forced" Apple to scramble to release an SDK, go right ahead.
I really cannot understand the whining of people who have been so vocal about this SDK, and now that all this gnashing of teeth has forced Apple to pre-announce, people like you come along claiming this is 'long overdue'.
The fact that Apple is a ~15k person company with a massive variety of products means that there must be focus. In part this slim headcount and focus is what allows Apple to produce really great products. (For comparison - Apple is now roughly worth the same, by market cap., as IBM, which employs around 300,000 people worldwide).
Think for a moment what a considerable development the iPhone is. Particularly the software, there is an ungodly amount of work and rework that has gone into producing the final product that you can pick up at the mall. The last thing that Apple was thinking about during the development phase was a clean documented publically available and stable API. No, you can bet that the iPhone API twisted and turned through the development cycle, massive rewritings, refactorings, and changes over a number of years. For Apple to release an SDK and API they have to be clean, stable, unlikely to change and break existing code - all of the things that during the development phase the internal API was not.
When releasing an SDK and an API, massive resources must be put into considering flexibility and change 2, 5, 10 years down the line. These things take time. Apple decided, rightly, to release a finished device this Summer. All the whining in the world (and I believe we got close to that) could not push Apple's internal API into a publicly usable stable state at that time. I think, considering that this is a brand new phone platform (not something like Symbian etc. which has been around a long time), waiting 9 months for an SDK is nothing, in fact, I'm amazed they've done it in less than a year. Mark though - Apple would have been mad never to have provided one, and personally I expected this announcement for WWDC'08, but I have found it astoundingly ridiculous how people have cried and whined about the lack of an SDK without thinking for a single minute. For crying out loud, it's been only three months. The only thing 'long overdue' will, hopefully, be the shutting of the mouths of all the incessant whining.
This sig has been deprecated.
Wow! Perhaps that will be one of the things that is addressed by the time third party apps are allowed, considering that they're not now? Could this perhaps be part of the reason (among many others) that third party apps aren't currently allowed?
I mean, I know it would be unheard of for an issue to be addressed or fixed on an OS that is clearly undergoing active major change and development (as is evidenced by internals and framework changes between 1.0.2 and 1.1.1) in four months...
Could the things that Jobs says Apple is working on to make the iPhone platform secure possibly include things like this, or does Jobs need to explicitly say they're addressing this exact problem in order for you to believe Apple might actually be working on the security of one of the most important and visible products in their history?
Remember how unwillingness Steve had been about native apps? He even went out on a leg to try and make Web Apps easy to get to by creating that apps repository.... Well it seems that the _large_ number of people who are jailbreaking their iPod Touches and iPhones to install third party apps have been heard. They probably weren't planning on releasing an SDK until Steve realized how popular native apps are/would be.
I never really understood the resistance to third party apps in the first place. The iPhone could not only take a chunk of the phone market, but it could take over the entire smart phone market. The same goes for the iPod Touch and the PDA market.
This puts me in a tough position though... I want a Touch right now, but what if Steve screws current Touch owners by making the SDK cost money? Or only allows for proprietary apps to be installable (locking out the Open Source developers)? or something else... hmmm
if it doesnt cost anything to sign an application (assuming the signature is only to establish who wrote the code and not actually certifying that it wont fuck with your iPhone or the network) then there is no reason to create unsigned apps unless you are writing viruses.
"In America, first you get the sugar, then you get the power, then you get the women..." -H. Simpson
Mark though - Apple would have been mad never to have provided one, and personally I expected this announcement for WWDC'08, but I have found it astoundingly ridiculous how people have cried and whined about the lack of an SDK without thinking for a single minute. For crying out loud, it's been only three months. The only thing 'long overdue' will, hopefully, be the shutting of the mouths of all the incessant whining.
Steve could have announced the SDK for February 2008 from the very beginning and you'd not see the bitter remarks you rant about.
The strategy Jobs uses for announcing products only when 100% done has its benefits with consumers, but developers hate when you cut them off and don't give them a clear roadmap for what to expect ahead.
Learn from this, don't just add another rant to the thousands.
Wrong.
I love all the people who think Apple (particularly Jobs) is some sort of prophetic visionary. They react to the market as much as any other profit-seeking companies.
Geek cred is a small but significant factor in tech gadgets and Apple knows this, given that one of the primary reasons for Apple's rising popularity is due to OS X, and one of the reason for OS X's rising popularity is the *nix code base.
That particular video may not have been the sole factor for the Apple's battery replacement program, but it was certainly part of the increasing public awareness of the defects in the Apple devices. However, (and I say this in deep admirations) Apple nevertheless found a way to extract even more money out of its blindly loyal customers while at the same time somewhat-sorta-maybe addressing the criticisms.
And your "moving target" theory is just BS. 1) OS X as a platform has been around for long enough, and Apple took pride in announcing that their phone and new iPod runs on the same platform, and being the first non-smart phone to require some 800mb of OS codes. 2) it didn't take lots of arm-twisting for Symbian, Nokia and (dare I say) Microsoft and other companies to release SDKs for their mobile platforms. While they may have varying validation protocols and so on, they didn't parade some random wild BS theory about their OS being "uncertain". Even Jobs wasn't saying this in his bit. If the API's have been settled, they wouldn't and shouldn't have released the product.
As usual, they were just testing the market to see if they can make even more money out of 3rd parties and customers, which is after all, the goal of every profitable company.
"The last thing that Apple was thinking about during the development phase was a clean documented publically available and stable API."
First of all, you're making that up.
But second of all, even if you are right, then Apple would have to be the dumbest development company ever. Here's a company that has a 30 year history of making products that have API's (yes, even the Apple ][ had API's of a sort), but on their latest computer, the one they saw had a huge strategic impact, they never gave it a thought?
Seriously, what you're suggesting is so ridiculous, that I'm guessing you're trolling or astroturfing.
My guess is there never was going to be a publicly available API, but Apple finally realized if they didn't make it available, they'd be overwhelmed by people who actually want to use what they bought in the way the want to.
Wrong again. If geek cred is so important, Apple would've made Apple TV a much better product, with DivX/Xvid support out of the box. But they haven't and they won't. Geek cred means very little to Apple. Gamers are a much, much larger market than geeks and Apple has never made the Mac a game-friendly or game developer-friendly platform. They don't give a crap about geeks or gamers.
Because if he announced there would be an SDK, but not until next year, some people would wait to buy it until then. The same reason Apple says noting about new computer models until they're released. Actually, I'm surprised they announced the SDK early at all.
Every time one of these stories comes out I point out that the situation will be the same as with the iTunes SDK: to get the SDK you'll have to sign an agreement that gives Apple veto power over your application. Every time people flamed me. It still looks like I'm right.
Anything they don't like, gone. They say its to protect users from spyware and other forms of malware but it'll be used to eliminate anything they don't like. Just like there isn't any decent music sharing functionality in iTunes, there won't be anything on the iPhone that doesn't settle well with the ultraconservatives in Apples Ivory Tower. Instead you'll get crippled functionality, like music sharing with ridiculous limits on the number of people/playbacks per day. As if all of their developers and customers are children who can't be given responsibility. Children don't own copyrights, so they don't need the discretion to share music beyond what Apple believes is "fair enough."
People are still going to flame me saying that we should wait and see. Well, I've been waiting and I see no way to set an mp3 on your iPhone as a ringtone. Is there any reason not to give this functionality other than to protect Apple's new ringtone business? Why would any reasonable person believe that Apple won't do the same thing when granting ISVs permission to deploy applications on iPhone?
The argument that phones are somehow more vulnerable than any other network connected computer and need to be controlled by a central authority is specious.
"Crouch down and lick the hand that feeds you. May your chains rest lightly upon you..."
Let me get this straight. Apple released a product that contains an operating system that's still in alpha?
No. Their OS works well and will have passed QA before they shipped. Like any humans, Apple make mistakes, but they generally at least try to adhere to "it just works".
They ported their (stable) OS to a new architecture. The internal developers put up with the codebase (with any extant foibles), and they wrote a completely new UI framework (based on, but different to, Cocoa). They did sufficient QA to get the built-in applications working correctly, and then shipped the device, hitting their target.
Now that it's out, and there's less pressure, they've been tidying it up, and polishing the UI framework, the compilers, any OS routines, and they've announced they're opening it up to 3rd parties. Presumably this means they've been patching the areas they worked around internally.
There's nothing too surprising in any of the above, in fact I'm surprised the "official" SDK will be available so soon. Porting an OS and writing a good accelerated UI framework is a non-trivial task.
Simon.
Physicists get Hadrons!
"Instead, now we have hackers who have already worked on third-party native apps, there's all kinds of web-apps to keep those who won't jailbreak busy in the meantime."
Give me a break. Sorry but that is uber spin of the worst sort. Apple didn't tell anyone that they where going to release and SDK to encourage development! Sorry but one of the reasons I didn't buy an iPhone was the lack of an SDK. Do you really think that anyone said "I really want more apps on the iPhone but since they are not going to release and SDK will get one now instead of later!"
Good heavens!
See my blog http://ilovecookes.blogspot.com/ for light hearted technical information.
Perhaps some faction at Apple truly thought that web-apps would be enough. Or they couldn't release an iPhone, Leopard, and a SDK all at the same time. Or the web-based SDK was a trial balloon, floated to see if they really needed to do all of that work after all.
Any sect, cult, or religion will legislate its creed into law if it acquires the political power to do so.
[flame]but, but, but! Apple can't get viruses? They say so in the commercials![/flame]
You have confused two very different things.
No one is saying OS X *cannot* get viruses. There are always security holes.
What we are all saying is that you *don't* get viruses, because there are none. Pick your reason - better security model, faster TTF (time to fix), smaller marketshare - the thing is there are no viruses in teh wild to catch right now. That may change but that's how it is currently and has been for years.
Until you can understand the distinction between security flaws and active exploits, you really should refrain from commenting on anything security (or even Mac) related.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
I think you are partially right, that the iPhone is still in flux, and thus difficult to make a real API for. But I also think that the more important point is that since the iPhone uses the MacOS X kernel and lower layers that the same team that was working on the iPhone also has the 10.5 rollout on its plate, and so has not had time to work on the API for the iPhone.
Notice the timing: the MacOS X development team is just winding down from the marathon to get MacOS X 10.5 out the door, and so now are available to do things like this. Personally I think that February is pushing it a bit for this. I was surprised that it would be so soon.
Apple doesn't use signing the same way Microsoft does.
/exact/ same app instead of popping up a dialog asking: "The app changed, and wants permission to access passwords the old version stored on your computer, are you sure this app was updated and should be allowed to read them?"
Microsoft tries to use signing for trust, which is usually a bad idea, because it leads towards the whole model of 'pay me to trust you so our users trust you' that Windows and Windows Mobile currently have.
Apple's Leopard signing is closer to a SHA1 hash + signature for validity of application updates. If version 1.0 is signed, and version 1.1 is correctly signed using the same private key, then OS X will treat the two versions as the
And if the signature becomes invalid, the application can no longer access your keychain passwords, meaning a virii-infected signed app will actually be blocked from accessing personal data it had permission to access just moments before.
Signing for trust and signing for validation are two different problems, and come with their own pros and cons. Not saying Apple is innovating here, but that the purpose of signing is quite different, and provides different benefits.
You can't take the sky from me...
You can't take the sky from me...
Agreed. Best rebuttal of the thread. Mod +5 Informative
"Time is nothing; timing is everything."
But if you want to believe that a statistically insignificant (yes, really - most people don't care, much less even know, about this) group of hobbyists and hackers have "forced" Apple to scramble to release an SDK, go right ahead. So if they were planning it all along as you assert, why did they wait for 3 months after the release to announce it? It's not like they're saying "Here's the SDK right now! Surprise! Have at it!". They announced it'll be available in 4 months. You don't make any sense. One of the biggest blemishes on the iPhone release was the lack of third party apps. Every review I've read of the device has slammed Apple for it. All that they had to say to get rid of this was to say "The SDK will be ready in February" and all of that criticism disappears. But they didn't.
I don't believe that the hackers were solely the cause for the SDK, but make no mistake, market pressure forced Apple to capitulate. They weren't planning this. They were blindsided with negative press and pressure from their customers and potential customers. At first they attempted to lay this at the feet of AT&T saying that AT&T was concerned with network stability, but that proved to be a big pile of BS, as evidences by AT&T's software development site assisting in software development for every phone in it's lineup except Apples.
And to say that the Apple battery replacement program wasn't directly influenced by that video... well, I see you've drank a little too much of the Steve Jobs Kool-Aid. Enjoy the dreams that he's told you will come.
by Mike Buddha -- Someday the mountain might get him, but the law never will.
Sure, Artie MacStrawman will, but the sophisticated fanboy will make two points:
1) Sometimes Microsoft actually gets stuff right before Apple. For example, until 10.4, OS X only had UNIX-style permissions, which are inferior to NTFS-style permissions. But,
2) How things are put into practice matters, too. Microsoft has had a good permissions system in place since, what was it, NT 4.0? However, it wasn't until Vista that Microsoft actually started, you know, using them on consumer systems to separate users as has been done in Unix forever.
So yes, sometimes MS is ahead of the curve, like with this applications signing thing, but the question is how are these things put to use? Has MS used application signing to prevent security problems? Pre-Vista, the answer was no. I don't know enough about Vista to say if they're being put to good use now.