 |
|||||||||
|
|||||||||
|
|
So I just saw this on the Apple hot news site:
Let me just say it: We want native third party applications on the iPhone, and we plan to have an SDK in developers’ hands in February. We are excited about creating a vibrant third party developer community around the iPhone and enabling hundreds of new applications for our users. With our revolutionary multi-touch interface, powerful hardware and advanced software architecture, we believe we have created the best mobile platform ever for developers.
It will take until February to release an SDK because we’re trying to do two diametrically opposed things at once—provide an advanced and open platform to developers while at the same time protect iPhone users from viruses, malware, privacy attacks, etc. This is no easy task. Some claim that viruses and malware are not a problem on mobile phones—this is simply not true. There have been serious viruses on other mobile phones already, including some that silently spread from phone to phone over the cell network. As our phones become more powerful, these malicious programs will become more dangerous. And since the iPhone is the most advanced phone ever, it will be a highly visible target.
Some companies are already taking action. Nokia, for example, is not allowing any applications to be loaded onto some of their newest phones unless they have a digital signature that can be traced back to a known developer. While this makes such a phone less than “totally open,” we believe it is a step in the right direction. We are working on an advanced system which will offer developers broad access to natively program the iPhone’s amazing software platform while at the same time protecting users from malicious programs.
We think a few months of patience now will be rewarded by many years of great third party applications running on safe and reliable iPhones.
Steve
P.S.: The SDK will also allow developers to create applications for iPod touch. [Oct 17, 2007]
--------
While I am not one to say I told you so, let me just say I FREAKING TOLD YOU SO. When everyone was busy bitching and moaning about the lack of iPhone SDK, I remember clearly stating that the use of the Safari browser as the "development platform" was really a stopgap. There were too many ways in which an early-released SDK could backdoor and ruin the iPhone. The release date of February is actually earlier than I expected it - I expected it in April of 2008 to be honest.
What this means:
Here's the thing - Apple has made one of my favorite coding environments of all time (Xcode). If they can make Xcode be as useful for building iPhone apps as they have for building OS X apps - I will literally explode with pure freaking joy when I get my hands on that SDK.
Now begins the hard part - waiting until February. You can expect, nay, bet on, the fact that I will obsess endlessly over the SDK and hopefully dump a truckload of samples for it once everything is available and assuming there are no NDA issues.
Kevin,
Watch out Kevin, it's looking like you're in serious danger of having to
change your domain name :) We win everyone over, eventually :)
Paul,
All I have is theory at this point, since nobody knows what things will look like in February. However, my thinking is that signed applications for the iPhone/iPod Touch would require a certificate issued by Apple in order to be considered a valid app. I'm thinking that you will not be able to install unsigned apps on either device in order to ensure the safety of the devices and the network(s) on which they run.
Paul, as to your other question - I don't know. Will it prevent hobbyists
from getting little experimental hobby apps on a large quantity of iPhones?
Perhaps... But, I think anybody interested in making a profit on iPhone
apps will be OK with whatever hoops need to be jumped through in order to
get an app on the phone.
I don't mean to be rude, but you sound like you're new to this. It sounds
like you've never worked in a certed environment before. There isn't going
to be any "dev switch" you can flip on your consumer iPhone to let unsigned
code run. There isn't going to be any emulator. Here's how this is going
to work: There will be "development" iPhones that will not function on
production networks. Apple will produce these phones at a rate of about 1
per month, and will charge about $250k for each one. Even if your
development organization has $250k to drop on a dev unit your development
organization will not be allowed to purchase one. Only Apple's "Strategic
Partners" will be given the opportunity to purchase development phones.
You will develop your entire application with no access to a runtime
environment. 2 weeks before you're scheduled to go to cert, someone with
connections in your organization will receive, as a personal favor, 4 hours
of dev time on a dev phone at one of Apple's "strategic partners." This
will be the first time you ever see your code run, and you'll have all of 4
hours to get it working perfectly for the cert pass. After you go to cert,
you'll be told that you failed. You'll be given no feedback about why you
failed, which tests failed, how Apple's test environment differs from
yours, or what messages your app logged as it failed the tests.
I'm not new to this, and I have worked in a certed environment before. I
used to write code for very proprietary PalmOS devices.
To counter your point : here's how _I_ think this will work:
Fair enough. Like I said, I'm embittered by my experiences. Apple isn't
Broadcom, and while this isn't the cable industry, the telecom industry can
be just as old-skool as cable, if not moreso.
Yes, let's avoid me eating my hat.. though I do remember once in college
using my hat to hold a bag of Doritos...mmmm....Doritos... Anyway, if Apple
was really worried about people exploiting diffs in ROMs, they would've
made it harder to hack. As it is, it's only a matter of (short) time
between each iPhone update and when the hackers have a way into the
platform.
Why would you need ROM image. First the frameworks are cross platform.
You would test your app in your intel box and simply recompile.
What do you think those iphone hackers have done. They are using LLVM.
and have decompiled frameworks from the encrypted dmg image.
A simple emulator is all is needed to debug or test the app.
You're right... I actually meant to type "DMG" image instead of ROM. Sorry
about that. Running low on coffee today :)
Another possibility would be using a combination of an ADC user cert and a
phone-tied cert.
Each developer could use his (own) phone to sign the developed application
(you need to dock the phone anyway to sync the app to the phone). The
application would then be signed, but only run on that phone.
This would allow users to install themselves (with the appropriate warning
about costs due to misuse of gsm minutes, etc) while giving a significant
hurdle for widespread distribution. Each user must build from source and
have an ADC
account, etc.
When done, the developer can have a certified application created that can
be sold.
