A followup about Error 53

Today, Apple released at least one statement which describes Error 53 as a factory test which was never intended to be released to customers – apparently, while disabling Touch ID was intentional, bricking the phones was not.

The article giving this information is http://techcrunch.com/2016/02/18/apple-apologizes-and-updates-ios-to-restore-iphones-disabled-by-error-53/, and it and others have referenced Apple’s KB article https://support.apple.com/en-us/HT205628. Apple’s article makes no mention of error 53 being a factory test, nor of reimbursing out-of-warranty replacements.

I don’t quite know what to make of this. I’m certainly willing to believe that it was only intended as a factory test and that bricking was never intended; it seems far more in line with Apple’s general attitude. And despite the justifications I offered in my last post, I’m not surprised that it was possible to not brick the device while also maintaining reasonable security. I’m actually gratified to find that Apple had never intended such a blatantly awful UX. I have plenty of complaints about Apple’s UX in recent times, but nothing measured up to abruptly bricking devices without warning. It’s also extremely plausible that a measure such as that might have escaped QA, given that it’s an expected error when not seen in the wild.

At the same time, it took Apple quite some time to respond, to the point of a class action having been filed. Most likely that’s due to the sensitivity of the issue, especially in the wake of the recent well-publicized court order directing Apple to break a particular iPhone’s encryption. Certainly the existence of that issue only makes the timing more interesting.

I’m not trying to accuse Apple of anything here; I’m personally satisfied with how they’ve handled the Error 53 situation. While I favor “right to repair”, and strongly dislike the trend towards hardware that the customer doesn’t effectively own, security of a device carrying important data in the context of the infamous gullibility and technical inexperience of the majority of users is a knotty problem at best and Apple is walking a fine line with relatively few missteps (though the “few” here is a long, long way from zero). What I do wonder about is what more there is behind some of the decisions that were made, and the timing of those decisions. If nothing else, it’s a matter of curiosity.

A short rant about Error 53 and why it exists

So I went on a bit of a tear at some people I know when they were complaining about Apple’s implementation of Error 53, which (to the best of my understanding) bricks iPhones which have been detected as having a third-party repair performed on the Touch ID sensor. Here are the highlights, slightly edited for language.

EDIT: A number of people have asked why Apple didn’t disable just Apple Pay and leave the rest of the phone functional. Technically speaking, I can’t do more than guess at the details, but it’s my presumption that this is the only way they could prevent jailbreaks and other “the user will do any stupid thing rather than actually listen to security warnings” (the effect of user arrogance on security is a whole separate issue from user ignorance that I’m not going to get into) from getting around the error, which would have rendered it useless. If there was any workaround for the error, the protection would effectively not exist, and then all Apple’s done is made themselves the target of more “annoying popups” complaints. It’d actually be worse PR for them than Error 53 is now! Once again, I am 100% in agreement that the user experience is abysmal and could have been dealt with far better, even within these technical constraints. But it’s still my guess (and again, I do not speak from any position of actual knowledge whatsoever) that disabling just Apple Pay wasn’t a viable option.

And let’s not forget, the data that’s being guarded here is in the Secure Enclave. That means your fingerprints, which are biometrics you can’t (practically) change, and your financial data, which one typically suffers from exposure of even in the best case.

Here’s what gets Apple to do things like this: USERS ARE STUPID! Given the choice, users will do the wrong thing almost every time, especially with respect to security. It’s the same reason Windows Update is now mandatory in most Windows 10 setups despite the screaming about it!

Now granted, I do agree that error 53 should not cause an absolute brick, as it seems to. But I absolutely 100% believe a measure like it is absolutely reasonable.

Here’s the problem – Let’s say Apple doesn’t do this, and someone does break the system and steal a bunch of money. Who are users most likely to blame? Apple, of course, for making a weak system. Any one person might individually think to blame the malicious third-party, but I will tell you now it has been proven through harsh experience that the overwhelming majority of users will blame the manufacturer for not making the device more secure!

Apple can suffer the blame for being secure more than it can suffer the fallout from not being secure. Same is true of MS and Google.

I know just enough about how iPhones work to wonder if maybe bricking is literally all Apple can really do. For all I know, if Apple lets the device boot ANY level of the OS, even with passcode security enabled, a compromised sensor could very well then have enough to work with to trick data out of the secure enclave/element (whichever it is!).

At this point it was suggested that Apple could add a slider on the Error 53 screen which warned the user that Apple was not responsible for the consequences if the user chose to continue. To which I said:


Because every single user will instantly slide the slider. And you’re back to “well Apple didn’t actually do anything”.

In fact, the malicious third-party will just say “you’ll get this warning after the repair, don’t worry about it”. And legit third parties would have to say the same! So you’re back to the problem of trust model.

You must predicate everything you do in the name of security on the presumption that users are hopelessly lacking in knowledge.

They WILL be socially engineered into giving up credentials.

They WILL be socially engineered into turning off security features that give them even a moment’s annoyance even just once.

They WILL often do these things without any need to be prodded into it.

They WILL follow arcane, complicated, meaningless-to-them instructions to disable some critical safety features just to get a happy kitty running around on the lock screen instead of a static wallpaper. Don’t think so? What do you think jailbreaking is?

The only way to fix this is to deal with the FUNDAMENTAL failures of the entire model of tech. Tech is not designed for people who don’t understand it. It never has been, it still is not. That includes the iPhone and all things like it.

Look at a different field, like finance – credit card debt is companies designing an entire industry around the predication that users are stupid.

Look at, say, being an electrician. I personally don’t know more than the basics of electronics; I couldn’t tell a three-phase power line from a one-phase with an illustrated freaking diagram. BUT I DON’T HAVE TO, because the person who wired up my apartment didn’t leave all the wires hanging around outside the walls, and there’s insulation on my power cables!

Computers, right up to and including the iPhone and similar, are effectively designed with all the live wires hanging out.

So that’s basically my opinion. All of my opinions are very much specifically my own, they don’t represent those of anyone I have ever before, do now, or ever will work for. If they did, I’d probably be a lot more critical, because I’d have to worry more about looking biased. I’d be pointing out more forcefully how Apple has a lot of problems about listening to what users want, same for Microsoft.

But when you get down to it, none of it is a problem with any one company or piece of technology. Apple is just the latest scapegoat in a debate that has more to do with the fact that society as a whole has a broken trust model than anything about who owns what. Could Error 53 have been handled better? You better believe it could have. But it’s a relatively reasonable solution in an overly complicated world where you effectively can’t trust anyone to know what they’re doing.

Rosyna Keller

By now, many of you have no doubt heard of Rosyna Keller and the problems that he’s suffered. He wrote about them today; the full post can be found on Medium at https://medium.com/@rosyna/the-horrors-of-extended-stay-debilitating-depression-and-a-plea-for-help-c450425fb9ec. (If you can help him, please take a moment to go to Paypal and send what you can spare.)

As Michael Tsai’s blog post on the subject shows, there are many of us who know Rosyna and what he’s done for the Mac developer community. But there are also many who don’t, so I’d like to explore it for a moment from my own perspective.

Michael Tsai writes that Rosyna is “an enigma”, and that’s certainly true. I was only barely aware of him at the time when I benefited most from his work. He was the brilliant mind behind APplication Enhancer (known in the dev community as APE) and the outstanding haxies made by Unsanity. (He was not, to my knowledge, the sole person involved in the development of those projects, but his role was considerable.) My personal favorite had to have been ShapeShifter, a tool which allowed users of Mac OS X back in the 10.5 and earlier days to heavily theme their installations. WindowShadeX, Xounds, and Mighty Mouse were also staples of any Mac install I used. I credit the availability of these haxies with keeping me from souring entirely on development in general at that time in my life – they allowed me the chance to get used to OS X, without losing the sense of flexibility that the older MacOS had.

Those of you who were around for the pre-OSX era are probably scratching your heads about now and wondering what I’m talking about. The truth is, I was simply much younger, and the ability to make my screen change to the colors I wanted after getting stuck with the stupid that was Aqua was really important to me!

Even more than that, the very existence of APE grabbed hold of my imagination – and let me remind you that I would never have known what it was if not for the haxies and all the work Rosyna put into Unsanity. At the time, I was a great amateur as a developer; I knew very little about what was really going on in the system. Many who know me may find that surprising, given the study I’ve made of exactly that subject and in light of my work on OS X Internals, but it was things like APE which put me truly on that track.

In short, while Rosyna can’t be said to be solely responsible for my career, his work was a major factor in making what I’ve accomplished so far possible.

Of course, all I knew about this “Rosyna” back then was that it was a name associated with Unsanity. I never really read the blog, I had no knowledge of the history of the person or the company, and when the haxies stopped coming, a lot of it all faded from my memory. It wasn’t until several years after that I ran into him.

And even then, I didn’t know who he was for a long time yet. All I saw was someone who, despite his obvious misery, reminded me a lot of myself in many ways. It’d be a lie to say I’ve ever been through what he has, but he was a person who made sense to me on a personal level. There aren’t a great many of those; the majority of my relationships are largely or entirely professional.

Imagine my amazement when I finally learned he was the (to me, at least) legendary Rosyna of Unsanity! The symbol of the magic that could be wrought within the machines before me, if you’ll allow me the conceit. Again, while he wasn’t the only inspiration I ever had, he was certainly an important and memorable one, even if I didn’t realize it for a long time.

I learned in that time that it wasn’t just Unsanity that Rosyna was known for. He is a diligent researcher, a person of great insight into the workings of these machines. He has solved problems no one else could. He has helped any number of fellow developers and fellow people when he could, and with more patience and compassion than some of the most famous minds of our generation.

And for this, he has ended up with the burdens he’s described.

In the time that followed, I lost touch with him for a while. When I was lucky enough to connect again, I found him in the precursors to the troubles he described in the Medium post.

Through everything, Rosyna has remained a person who keeps hold of the things that, to my limited knowledge, fascinate and cheer him. He has his eyes on the things that are happening, and while his choices of what matter may seem strange to some, he has rarely if ever Tweeted or otherwise remarked on something that I didn’t find at least momentarily worth my attention. And for me, that’s saying a lot.

In depression, he’s never lost hope. In turmoil, he’s reached out for help, a strength that I’ve failed to find in myself many times over. In the extremity of fear and oppression, he’s spoken out for himself and risked asking the kindness of a community infamous for narcissism and elitism, and in doing so, proven that that very infamy is undeserved.

I can only hope I would have half the strength in me that he does if ever I found myself in his position.

If you are reading this, I ask you to reach out to Rosyna and help him. Even if all you have is a kind word – they do not fall on deaf ears.


It’s been a long time since I wrote here – well over a year, in fact. I imagine most of those who still follow this feed are expecting the answers to some pretty obvious questions. I’m not here today to talk about those, but at the same time, I think it would be unfair to leave them unacknowledged. Therefore:

  • Yes, I’m still working on the OS X Internals book. For various reasons there have been some delays (to say the least!), but the project is not dead or forgotten. More will be said on this subject soon.
  • Yes, I’m also still intending to finish my port of Missions of the Reliant. For several of the same reasons, that got very back-burnered, but I haven’t left that project behind either.

With that in mind, I turn to the subject that first inspired this post: C.S. Lewis’ famous Chronicles of Narnia. WARNING: SPOILERS FOLLOW! If you are one of the unlucky souls who hasn’t read the books but wishes to, don’t continue!

I had occasion of late to run across the debate regarding whether the original Narnia books should be published in story-chronological order (based on the timeline of events in the novels) or original publication order (based on the order in which Lewis wrote them). I therefore did a little research on C.S. Lewis’ own opinion on the subject, and it seems to be generally accepted that he said they should be read in chronological order.

That, as close as I can understand the information I’ve found, is not what he said.

What he said (again, limited to what information I’ve found with my lackadaisical efforts) was that he personally liked that order, but that it doesn’t really matter. That it’s a matter of preference on the part of the reader. There’s also some mention that the idea of putting a numbering on the books in the first place was based on the demands of American publishers, and never intended by him at all.

I like that point of view. Personally, I’m ecstatic that my first copies of the books were presented to me in publication order, and that I read them in that way. It is my opinion that everyone should read the novels that way the first time, so that they can experience the gradual sense of revelation that culminates only in The Magician’s Nephew, rather than coming into it (as one Amazon reviewer quite astutely put it) already knowing about the lamppost and the Professor and the manner in which Narnia began. After you’ve seen it that way, you can read it after that however you like – I’ve gone back and read it both ways, and I’d be hard-pressed to decide which I prefer now that I already know the secrets.

But then that brought me to another point of contention I find often with Narnia. This is one that I encounter in many other series as well (Wheel of Time, in particular, comes to mind), and it’s another one to which any answer must be considered subjective at best: How to interpret the story.

It’s largely accepted as fact that Narnia is an allegory for various events described in the Christian faith – that Aslan, the magical lion, the Son of the Emperor-Over-the-Sea and the one who both calls Narnia into being and sinks it into its final eternal night, is meant to represent Jesus. That the progression described of how the children experience that world is representative of growing up, and there’s a whole separate debate as to what’s intended by Susan’s absence in The Last Battle.

I am not here to stir up a religious debate. I have no interest at all in questioning the allegory, any meaning it might carry, or anything of the kind. What I do want to comment upon is the oft-seeming requirement that the existence of that allegory be acknowledged by all readers.

As a child, one who was not raised in the Christian faith, I had no understanding of the allusions made in the text. Aslan was to me simply a kindly, if often stern, magical creature. The mysterious Emperor-Over-the-Sea was only a name, one about which we never learned anything. And when Aslan closes the door at the end, what I saw was a world whose time had come, and that they’d gone to another. In short, I accepted the universe of Narnia on its own terms, without reference to anything else at all. It had never occurred to me to consider that it was similar to any other story. Indeed, even now, many years later, I only barely understand a very few of the references!

No one has forced me to accept that this was not C.S. Lewis’ intention. It’s not, in fact, clear to me what his intention was! But nonetheless, it’s cited so often that I tend to feel like the idea of enjoying it by itself is lost in the noise, and I find this disappointing. I think there’s great value in both ways of seeing the story, and I only hope that the people who speak so much about its likening to Christianity feel the same. I prefer – and remember, this is my own opinion, with which no one else has to agree – to see Edmund’s betrayal and redemption stand on their own, to see the coming of Father Christmas as simply a manifest of the joyful spirits that come with such a world. For Susan’s absence to be simply a matter of luck (good or bad), and not say anything about who she was or what she did (am I the only one who spared a thought for the pain she’d end up living through, back in the so-called “real” world?). And for Aslan’s description of the relation between him and the vulture-like Tash to be significant only of a particular way of working magic.

That’s not to say I want to set aside the meaning of the story, or sidestep the issues it raises. It just means I want to be able to appreciate it for itself in addition, and I hope that there are others who agree.

This has been my rant about Narnia. I hope you will find it not entirely foolish.

Addendum: I always adored the Wood Between The Worlds. I’ve yet to ever encounter a more appealing representation of the concept of a De Sitter Space.

Simple bugs, difficult explanations

I was reading this excellent post from Mark Dalrymple, which links to an older post of his about a bug.

I know these trials of debugging quite well, and his posts reminded me of a particular bug I tracked down a few days ago; it was what Mark would call a “Five-Minute Bug”, but only because at the last moment, I had an epiphany that required so many obscure bits of knowledge that I was shocked I’d seen it at all.

Find the bug:

Pygmentize not found.

This made no sense at all. The function clearly returned 1.0, yet the thing variable equally clearly contained 240000.0. Here’s a hint: It’s not a compiler bug, a need for a clean build, anything wrong with the executing CPU, or related to Objective-C in any way.

Figured it out yet?

The key was a compiler warning that fired in the header file. It said “Warning: No previous declaration for DoSomethingInteresting...”, and was truncated there by Xcode. As with so many other warnings, the eye tends to slide right by it. But this was the problem.

Understanding why requires knowing one of C’s odder quirks, a throwback to the K&R days before there were such things as function prototypes. A function without a prototype or explicit declaration is assumed to return int.

With that in mind, the impossible return value suddenly makes sense. The compiler was effectively doing this:

Pygmentize not found.

But to know that, you’d have to know about details of how compilers pass and return function results, quirks of the C language itself, and what happens when you pretend a float is an int. These aren’t casual things that every programmer just knows, although they probably should be.

For those of you who know the ABI and are wondering, yes, on various architectures a floating-point return value should’ve been coming from a different register than an integer one. It doesn’t matter; the value is either converted wrong or coming from the wrong place, and either way it’s wrong.

And the moral of the story is, this is why I use -Weverything -Werror when I can.
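
The quirk described above, as an added example rather than the listing from the original post: a model of a caller that treats a float result as the implied int on an ABI that returns floats in an integer register, plus a generalization to 64-bit pointer results that the post does not cover. The body of DoSomethingInteresting and the sample address are assumptions; on ABIs with a separate floating-point return register the caller reads an unrelated value instead, which this model cannot reproduce.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Stand-in for the page's DoSomethingInteresting(); the body is assumed,
 * the page only says that it returns 1.0. */
static float DoSomethingInteresting(void) { return 1.0f; }

/* Caller that saw the prototype: the result is used as a float. */
static float call_with_prototype(void)
{
    return DoSomethingInteresting();
}

/* Model of a caller compiled with no declaration in scope, on an ABI that
 * hands float results back in an integer register (soft-float ABIs, for
 * example). The caller believes the register holds an int, so it takes the
 * raw bits as an int and then converts that int to float for the
 * assignment. memcpy stands in for "same bits, wrong type". */
static float call_as_implicit_int(void)
{
    float   real = DoSomethingInteresting();
    int32_t bits_as_int;

    memcpy(&bits_as_int, &real, sizeof bits_as_int);
    return (float)bits_as_int;
}

/* Generalization beyond the page: the same rule applied to a function that
 * returns a 64-bit pointer. Only the low 32 bits survive the implied int,
 * and they are sign-extended when widened back to pointer size. */
static uint64_t pointer_through_implicit_int(uint64_t returned)
{
    uint64_t low = returned & 0xFFFFFFFFULL;

    if (low & 0x80000000ULL)
        low |= 0xFFFFFFFF00000000ULL;
    return low;
}

int main(void)
{
    /* Constructed sample address, not taken from any real process. */
    uint64_t sample = 0x00007F12B4567890ULL;

    printf("with prototype:  %.1f\n", call_with_prototype());
    printf("as implicit int: %.1f\n", call_as_implicit_int());
    printf("pointer 0x%016llx -> 0x%016llx\n",
           (unsigned long long)sample,
           (unsigned long long)pointer_through_implicit_int(sample));
    return 0;
}
```

The pointer case is why a missing prototype for an allocator is a memory-safety problem on 64-bit targets, not just a wrong number.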

Twitter just said “stalking is okay by us”

UPDATE: Twitter reverted the change to blocking after the immediate backlash. I’m not the least bit impressed – their post shows no awareness of the problems with their approach, and continues to make the case for letting harassers harass. It’s clear they reverted purely for PR reasons, and I have no respect for that attitude.

My Twitter feed has been abuzz with the comments of people (including friends) unhappy and even terrified by Twitter’s new changes to the “block” function.

A lot of people have replied, claiming that the changes are for the better and don’t change anything. They couldn’t be more wrong.

By changing “block” to “ignore”, Twitter is effectively saying, “if someone’s bothering you, we prefer that you just ignore what they’re saying, rather than making even a minimal effort to make them stop.” As any victim of sexual harassment of any severity, not to mention any child who was ever told “just don’t react to the teasing and they’ll stop”, could tell them, this doesn’t work. It makes the abusers, the stalkers, and the harassers more bold.

Yes, they could still sign out or make secondary accounts to get around the block, but there was at least a first line of defense before. A lot (I won’t say a majority, but in my experience many) of these people will not go to any great effort if you block them, out of laziness or lack of caring. Those who do can be blocked on secondary accounts, and their mischief is limited when they’re not signed in. But now, they’re free to just stare at what you’re doing all the time, and your only recourse is to not be aware that they’re doing it.

Twitter, this is dangerous. It is victim blaming. It encourages abuse, and it apologizes for the abusers. Revert these changes before there’s a story about some poor soul who was successfully assaulted because they thought “block” meant what it said and couldn’t see the warning signs.

For more information and thoughts on this subject, please check Ashe Dryden’s blog and Twitter feed. No one has said it better than she has, certainly not me.

Full disclosure: I have never been a victim of harassment on Twitter, before or after these changes. But now, if I ever am, there’s less I can do about it.

The OCDepend saga continuums

No, the title isn’t a typo. Kudos to those who get the reference.

I received yet another response from the people at CPPDepend, and this one was both detailed and featured consideration of each of the objections I outlined in my previous posts. I am again impressed with their communication.

While I still can’t recommend the product, I’d like my readers to consider that my lack of recommendation is purely a personal choice on my part not to make use of this kind of tool, and I have no complaints left about their presentation that they haven’t addressed. I haven’t looked at the tool and I’m not qualified to say whether it’s good or bad. In short, I encourage people to look at it for themselves and make their own decision.

Come to think of it, I always encouraged that, I just had a stronger opinion of my own before. I don’t have it anymore, so just in case anyone was crazy enough to listen to me, stop it! :) I’m actually gratified to see a company out there that pays attention to and answers complaints like mine.

Obligatory disclaimer: I have received no compensation, monetary or otherwise, for posting this article, blah blah blah blah blah something something something.

More about OCDepend

A few hours after I posted about the email I got from CPPDepend, I received this response:

I read your interesting feedback about our product posted in your blog, and what can I confirm is:

- It's not a spam, this mail was sent to only 3 people, that we consider they have a good Objective-C skill to have their valluable feedbacks.
- You are right some effort must be done for OCDepend in our website.
- Maybe I'm wrong but I dont think that OCDepend features exist in XCode, for example CQLinq is a powerful tool to request code base and enforce its quality.

If you have time to test the product it will help us a lot to improve the product,

Best Regards.


Here is my response:

Hi Dane,

Please note, in the interest of full disclosure, that I have also posted this response on my blog for my readers to see.

First, I’d like to say that I’m impressed. Not everyone would bother to take the time to respond to comments like the ones I made, and considering how “form letter” the first email was, I’m doubly gratified to see a personally addressed response the second time around.

I’m still somewhat troubled that the original email read very much like marketing spam. Thank you for contacting me and for considering my opinion valuable, but in my opinion, sending a generic email that doesn’t say anything about why I’m receiving it or give me any sense that it was even intended for me is a very poor way to ask me to review your product. Since you did take the time to respond to me, however, I will offer these additional thoughts:

The value of the pro license you offered in your first email, USD $500, is by itself something I would not recommend to any Objective-C developer in the first place. Mac developers, particularly the smaller ones like myself, are not as used to such high-cost licensing schemes as you’ve probably come to expect from your Windows customers. I certainly wouldn’t consider buying something that expensive unless I had very certain and solid proof that it was going to save me a significant amount of time over the tools Xcode already provides.

Without actually looking at the product itself (and I’ll emphasize to other readers, I have not looked at OCDepend itself and can offer no direct judgements about it), I have browsed your website considerably, and I have to say again: It is entirely lacking. As a developer, I read the phrase “CppDepend and OCDepend are based on Clang for more reliability.” and immediately dismiss it as nonsense. It turns me off, severely so. Basing something on Clang does not intrinsically make it reliable; it only means you have access to the exact same system upon which modern versions of Xcode are built! And Xcode itself shows that it’s extremely possible to be based on Clang and still be horribly unreliable.

Your cited feature that makes OCDepend so much better than Xcode is this “CQLinq” language that allows for querying of my code. To what end, exactly? To “request code base”? Assuming I understand your intended meaning, this means I can get information about my code in query-language form. I presume “enforce its quality” refers to something like putting this query language in a Git commit hook or other such script to check that conventions are being followed. Your website cites CQLinq as being “for maximum flexibility”, which is meaningless if it’s actually your flagship feature; that phrase makes it sound more like an add-on for advanced users. I don’t mean to make light of your English, and if I’m doing so, I apologize, but I can’t see what this feature is meant to do for me. Your website gives the following example:

from m in Application.Methods  
where m.NbLinesOfCode >  30  && m.IsPublic
select m

Which returns all public methods longer than 30 lines of code. So, I have to learn a new domain-specific language applicable solely to your product in order to do something that’s ill-defined at best to begin with. What is a line of code? Do blank lines count? Lines consisting only of an opening or closing brace? Comments? Preprocessor macros? Macros that delete code under certain conditions? To say nothing of the fact that Objective-C doesn’t have the concept of non-public methods.

CppDepend also advertises its ability to compare builds. Any developer who needs to do this is almost certainly already using Git or Mercurial (or some other VCS) to do so for free. For tracking builds in the wild there are such tools as HockeyApp, Crashlytics, and TestFlight. CppDepend’s dependency graphing already exists in Xcode, and quite frankly, most of its other features for code quality look like something of interest purely to managers more concerned with metrics than functionality. No developers with whom I’ve ever personally worked in Objective-C (my personal experience only, that of others will almost certainly differ) have worried about metrics like these. They’re more the subject of The Daily WTF articles!

In summation, from what I can see without downloading your product, I can’t imagine I’d ever give it a second glance. It is obviously true that my experience may be atypical, that there may be much more useful features in your product that are not listed on your website, that I’m simply in a bad mood today, or any number of other explanations for my disinterest. I remain very much open to being proven wrong, and I look forward to that possibility, but as it stands I could not recommend this product to anybody (again, for those others reading, I haven’t in fact downloaded it at all, so take it with a grain of salt). I would see the price tag and immediately veer towards the tools I already have unless yours could quickly and convincingly show me that it was better for the job.

— Gwynne Raskind

A short note on CPPDepend/OCDepend

This morning, I got an email from someone purporting to be from something called “OCDepend”, which turns out to be some kind of tool for using Clang to analyze Objective-C code.

Basically, the static analyzer with a bit of GUI and a LINQ language for looking at your code, from what I can tell.

There’s not a single screenshot of the Objective-C version on their website, and I’m not about to download a tool which:

  1. Is so desperate that they’re sending out free pro license offers to random people with an email form letter in hope of a good blog review.
  2. Has absolutely no documentation on the website, which is purely about the C++ version of the tool for Windows.
  3. Sends the aforementioned email from an address which appears nowhere on their website but at the same time isn’t a personal name; it came from just “developer”@.
  4. From what I can tell, duplicates functionality that’s been built into Xcode for some time now, and provides nothing else beyond a query language for information that Xcode also shows.

I would strongly suggest to these people that they look over their marketing and consider carefully what they’re really providing to their supposed Mac customers before sending out unsolicited emails with bad grammar and poorly qualified From addresses.

P.S.: I looked over the email carefully and it doesn’t appear to just be random spam, but if it is, my apologies to CPPDepend.

P.P.S.: The full text of the email I received, in case someone can tell me I’ve lost my mind and/or am overreacting:

Return-Path: <cppdepend AT gmail DOT com>
Sender: cppdepend AT gmail DOT com
Date: Thu, 7 Mar 2013 14:06:27 +0000
Subject: Managing Objective-C code quality using OCDepend
From: developer <developer AT cppdepend DOT com>
Content-Type: multipart/alternative; boundary=f46d0444ee1f73edc604d7563650

Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: quoted-printable


I'm Dane the Community Manager for OCDepend Tool.

*OCDepend* is a static analysis tool that simplifies managing Objective-C
code quality and provides a highly flexible code query language. Please
find more detailed features here : *http://www.cppdepend.com/Features.aspx*

I=92ll be pleased to offer you a pro licence, so that you can try OCDepend
and blog about it if you find it useful.

I=92ll send you a pro licence as soon as I receive your confirmation.

Some of OCDepend=92s key functionalities :

   - Code Query language(CQLinq), with visual tools/editors
   - Compare Builds
   - More than 80 Code Metrics
   - Display analysis results in different types of Diagrams
   - Easy integration to Build process
   - Detailed and highly customized reports
   - Facilitate Code Reviews by using Code Change Metrics
   - Visual Editor that gives many views (Code Query Builder, Dependency
   Graph, Matrix and Metrics views ++)

Best Regards!
OCDepend Developer & Community Manager.



Getting rid of old certificates in Xcode

Xcode 4.x’s Organizer window has an annoying habit of not only keeping old certificates (whether expired, revoked, duplicated, or otherwise redundant) around, but also restoring them every time you try to delete them. There’s no interface in Xcode for removing these extraneous identities and nothing seems to work for getting rid of them. Here’s what I originally tried, more or less in order and starting from the beginning with another step added every time:

  1. Deleting certs and keys from Keychain Access
  2. Deleting certs and keys with the security command
  3. Restarting Xcode
  4. Restarting computer
  5. Ditching ~/Library/Caches/*{Xcode,Developer}*
  6. Ditching ~/Library/Preferences/*{Xcode,Developer}*
  7. Ditching ~/Library/Developer (while saving only my keybindings and font/color settings)
  8. Removing all archives from the Organizer
  9. Grepping my entire home directory for the certificate name (four hours taken)
  10. Grepping my entire computer for the certificate name (2.5 days taken as I couldn’t figure out a command that excluded sending it down several recursive directories that led back to / – I could’ve, but I was lazy).

I finally ferreted out the final hiding place of Xcode’s ridiculous cache of certificates in /var/folders/<some random alphanumeric characters here>/com.apple.{dt.Xcode,Xcode.501,Developer} (or something very similar). When I deleted that and all of the other things mentioned above, the offending/offensive identities finally vanished.

tl;dr: To make sure you’ve really killed Xcode’s cache, make sure you clear out the area Apple deliberately made hard to find and set as $TMPDIR as a so-called security measure.
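
A dry-run locator for the cache directories named above, as an added example that is not part of the original post. It assumes the three directory names from the post sit within a few levels of the parent of $TMPDIR, and that the "501" suffix is per-user, which the post does not confirm.

```python
import fnmatch
import os
import shutil
import tempfile
from pathlib import Path

# Names from the post: com.apple.{dt.Xcode,Xcode.501,Developer}. Treating
# "501" as a per-user suffix (hence the wildcard) is an assumption.
CACHE_PATTERNS = ("com.apple.dt.Xcode", "com.apple.Xcode.*", "com.apple.Developer")


def default_scan_root():
    """Parent of the per-user temp directory that $TMPDIR points at."""
    return Path(tempfile.gettempdir()).resolve().parent


def find_xcode_caches(root, max_depth=3):
    """Return matching directories at most max_depth levels below root."""
    root = Path(root)
    hits = []
    for dirpath, dirnames, _files in os.walk(root):
        here = Path(dirpath)
        depth = len(here.relative_to(root).parts)
        matched = {d for d in dirnames
                   if any(fnmatch.fnmatchcase(d, p) for p in CACHE_PATTERNS)}
        # Never report symlinks: deleting through one could hit another tree.
        hits.extend(here / d for d in matched if not (here / d).is_symlink())
        if depth + 1 >= max_depth:
            dirnames[:] = []          # stop descending past the depth limit
        else:
            # Do not walk into a directory that is already a hit.
            dirnames[:] = [d for d in dirnames if d not in matched]
    return sorted(hits)


def purge(paths, dry_run=True):
    """Delete each path unless dry_run is set; return the paths handled."""
    handled = []
    for path in paths:
        if not dry_run:
            shutil.rmtree(path)
        handled.append(path)
    return handled


if __name__ == "__main__":
    for hit in purge(find_xcode_caches(default_scan_root())):
        print("would remove:", hit)
```

Review the dry-run output and quit Xcode before calling `purge(..., dry_run=False)`.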

OS X Internals

It’s been pointed out to me recently that my blog has nothing at all on it about my work on the book Mac OS X Internals: A Systems Approach, by Amit Singh. So, here’s all the info I have that I can give right now, in the form of a FAQ:

Is it true you’re updating the book?

Yes. As of November 2012, I was contracted by Pearson to author a second edition of Mac OS X Internals, which in keeping with Apple’s change in naming, will now be titled “OS X Internals: A Systems Approach”. A big shout-out and thanks to Michael Ash for letting me guest-write on his blog and to Kirby Turner for putting me in touch with Pearson!

What is the release date?

Update: It’s taking quite a while to get this book into its proper shape. I’m sorry to everyone for the delays, but it’s important to make it the best reference it can be in an era when the material can change faster than it can be written down. My current target for release is late 2014 – as always, this is not a promise; only a guess.

At this time, I have no solid release date to offer. My best guess for a release is late in 2013.

Are you working with Amit Singh on the second edition?

No. To the best of my knowledge, Amit is not involved in the second edition in any way as of this writing. Should he change his mind about having a role, I will be nothing but grateful for his help!

Are you working with anyone else?

Update: Yes! As of September 2013, Sam Marshall has signed on to co-author the book with me. Their enthusiasm for the project is as great as mine, and I hope to bring you an even better book with their help!

Not at this time.

Will the second edition contain information about iOS as well?

Yes, I am planning to include information on iOS. Some details of iOS’ implementation are, of course, internal to Apple and unavailable, but I will be adding as much public information as I can.

Will the second edition cover the latest OS releases?

Update 2: As time moves forward and more possible OS releases come forward, a more generic answer is needed to the original question; see the (edited) original answer below.

Update: Yes!

I will do my best to include any changed information from any OS versions which are publicly released before the final manuscript delivery date. I can’t make any guarantees, and due to NDA restrictions, I cannot include information on versions which are still in beta at the time of delivery.

If I’ve left out anything, don’t hesitate to shoot me an email and ask!

Rant: Security Questions Are Stupid

We’ve all heard this bit before, especially the avid readers of Bruce Schneier’s security blog, but after seeing the security questions available on a new account I created today, I just had to do my own rant.

Security questions are considered by some to be a form of “two-factor authentication”. They’re no such thing. If used to further secure login, they’re just an extra password which is almost guaranteed to be much more guessable than your usual password. If used to recover a lost password, they function to replace your password with something almost certainly less secure.

Some suggest giving nonsense answers to security questions for this reason. Of course, then you’re back where you started: You’ll never remember your answers. That’s assuming you could’ve remembered your answers if you had answered them honestly, which is often just as impossible. And now we’re back to writing it down on paper, which negates the entire point.

Yet these stupid things are required on a majority of secure sites now. Can security auditors please stop trying to please their clients and tell them the truth about how security questions just make things worse?

The questions which prompted this rant:

  • “What was your favorite color in elementary school?” – Now, let’s assume I remember that time of my life in the first place. At which point in elementary school? Let’s say I just pick one, and let’s even more fantastically say I somehow stick to remembering which one. Most children will have said one of the colors of the rainbow. Say it with me now… “Dictionary attack”!
  • “What is the nickname of your youngest sibling?” – Suppose I don’t have any siblings. Suppose I am the youngest sibling. Suppose my youngest sibling doesn’t have a nickname. And even aside from all this, names suffer from relatively low entropy, though admittedly not as low as colors.
  • “What was your first job?” – Have I ever had a job? Am I young enough that I remember exactly which thing I did first? Do I count doing chores as a child? Do I count shoveling snow for my neighbors? Do I count internships? How do you define a “job”?
  • “What breed of dog was your first pet?” – I’ve never had a dog as a pet in my life. And that’s even after the assumption that I have a pet at all. If I did, was the first one a dog, and did I only get one dog at that time? By the way, the entropy of dog breeds is even lower than that of colors when you include all colors.
  • “What is the nickname of your oldest sibling?” – See youngest sibling.
  • “What is the name of your first pet?” – Again, suppose I have no pets. Suppose my “first” pet was one of a group. Suppose I picked an arbitrary one out of a group. Also, low entropy again.
  • “Who was your childhood hero?” – What constitutes a hero? Suppose there wasn’t someone I looked up to in childhood? Suppose there was more than one? Suppose I just don’t remember? And the entropy of a hero’s name is likely to be rather lower, on average, than that of a regular name.
  • “What was the model of your first car?” – Where do I even begin here? Did I ever own a car? Am I even old enough to drive? Do I remember its model? Do car models have any kind of entropy at all?
  • “What was the name of your earliest childhood friend?” – I had lots of friends as a child. Didn’t everyone? Suppose, more morosely, that I had none. Am I going to know which one was the earliest? And yet again, the low entropy of names.

Now, I grant, most of these are pretty silly nits. They don’t have to be accurate answers, just ones to which I can remember the answers consistently. Unfortunately, the more likely I am to remember the answers, the less likely they are to be remotely secure passwords.

Password strength doesn’t count when the answers are only one word long and chosen from a limited pool, people.
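
To put numbers on the entropy complaint, here is an added example (not part of the original post) that scores a security question against a randomly generated password. The answer shares for the color question are constructed for illustration, and using min-entropy as the attacker's cost is a modelling assumption.

```python
import math

# Constructed answer shares for "What was your favorite color in elementary
# school?". Illustrative assumptions only, not survey data.
FAVORITE_COLOR = {
    "blue": 0.30, "red": 0.20, "green": 0.14, "purple": 0.12, "pink": 0.09,
    "yellow": 0.06, "orange": 0.05, "black": 0.03, "white": 0.01,
}


def _check(dist):
    total = sum(dist.values()) if dist else 0.0
    if not dist or abs(total - 1.0) > 1e-9 or min(dist.values()) <= 0:
        raise ValueError("answer shares must be positive and sum to 1")


def shannon_bits(dist):
    """Average-case entropy of the answer, in bits."""
    _check(dist)
    return -sum(p * math.log2(p) for p in dist.values())


def min_entropy_bits(dist):
    """Worst-case entropy: what the single most common answer is worth."""
    _check(dist)
    return -math.log2(max(dist.values()))


def guess_success(dist, attempts):
    """Chance that trying the most common answers first succeeds within
    `attempts` tries, e.g. the number allowed before a lockout."""
    _check(dist)
    ranked = sorted(dist.values(), reverse=True)
    return min(1.0, sum(ranked[:max(0, attempts)]))


def random_password_bits(alphabet_size, length):
    """Entropy of a password drawn uniformly at random."""
    return length * math.log2(alphabet_size)


def effective_bits(password_bits, question, mode):
    """Strength of the account once the question is bolted on."""
    q = min_entropy_bits(question)
    if mode == "recovery":   # the answer alone resets the password
        return min(password_bits, q)
    if mode == "login":      # the answer is asked in addition to the password
        return password_bits + q
    raise ValueError("mode must be 'recovery' or 'login'")


if __name__ == "__main__":
    pw = random_password_bits(62, 12)   # 12 random letters and digits
    print(f"password:            {pw:5.1f} bits")
    print(f"question (Shannon):  {shannon_bits(FAVORITE_COLOR):5.1f} bits")
    print(f"question (min):      {min_entropy_bits(FAVORITE_COLOR):5.1f} bits")
    print(f"as recovery path:    {effective_bits(pw, FAVORITE_COLOR, 'recovery'):5.1f} bits")
    print(f"as extra login step: {effective_bits(pw, FAVORITE_COLOR, 'login'):5.1f} bits")
    print(f"3 guesses succeed:   {guess_success(FAVORITE_COLOR, 3):.0%}")
```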

Objective-C and the Web

Earlier today, courtesy of @GlennChiuDev, I was reading Kevin Lawler’s informal tech note about using Objective-C to power the Web. I found myself agreeing with quite a lot of it.

I then had the chance to read @heathborders’ response to the original post, which I realized I was also agreeing with in considerable measure.

So here’s my response to both. I’ve assumed that readers have at least skimmed both the original post and the response so that I don’t have to do what Heath did and duplicate everything they said here :).

Kevin makes the point that Apple has hugely improved Objective-C in recent times, especially with the most recent releases of OS X and iOS. Heath objects that while Objective-C has certainly improved, it’s still a strict superset of C and comes with all of C’s well-known and discussed-to-death problems.
While I agree with every one of Heath’s list of issues with Objective-C, my thought is that everyone works best in whatever works best for them. Some people (myself included) are going to be more comfortable in a bare-metal-with-extensions language like Objective-C, while others are never going to enjoy it in comparison to Java. It’s a personal thing, and I’d argue that a programmer who doesn’t like Java, for whatever reason, will never save time in it no matter how many conveniences it provides over Objective-C. Heck, I get plenty of scripting done in PHP even though I agree that Python and even Ruby have enormous language advantages and that PHP has severe community and design issues, because I’m extremely familiar with it.

Kevin goes on to say that Java was meant to be a write-once run-anywhere language but failed at it, and Heath counters by pointing out that Java does indeed do this.
This isn’t really a simple argument in either direction. Java was indeed intended as write-once run-anywhere, but while Java CLIs and servers do fulfill this promise for the most part, I think Kevin was thinking (as I did at first) of Java GUIs. To a one, I have never met a Java GUI I like, on any platform. Java apps look and act horribly non-native on OS X, are slow (and odd-looking, if less so) on Windows, are just as clunky as everything else on X11 (my personal opinion of all the X windowing toolkits is that they all stink), and as for Android… well, I don’t like Droid, and even that aside, Java working “right” on one platform is the exact opposite of the promise. In that respect it might as well not be any different from Objective-C in its platform dependence.

I do have to agree with Heath and disagree with Kevin regarding writing portable C/C++ being easy. Even if you use POSIX APIs exclusively, which will severely limit your functionality in the general case, this is a nightmarish undertaking. Even if you restrict yourself only to Linux variants, never mind trying to work with all the other UNIXen, OS X, and Windows, it’s all but impossible without a complex system like autoconf (which is another entire rant about horrible garbage in the making).

With regards to the JVM, I have to agree with Heath again: The JVM is absolutely a useful UNIX system layer, and JIT does make it a lot less slow than Java used to be. Similarly with garbage collection; GC is an abomination in C and Objective-C, but that’s because the design of those languages precludes the collector having full knowledge of what is and isn’t a live object without very restrictive constraints. In a fully virtualized language like Java or C#, properly implemented garbage collection is absolutely a useful technology.

I can’t say much about Java re: Oracle, since I don’t know much of what really happened there, but just from reading the respective posts, I have to say Heath makes a more persuasive argument than Kevin’s declarative statements.

Kevin then goes on to say that object-oriented programming is a win over functional programming, and Heath objects, saying that there are a great many people who disagree. In this case, while I personally agree with Kevin in my own work, this is another area where personal preference and training will trump blanket statements every time.

Kevin also talks quite a bit about Automatic Reference Counting (ARC); Heath didn’t respond to this section. I find ARC an absolute divine gift in Objective-C, but all ARC does is bring the syntax of GC to a non-GC environment, and in an incomplete fashion: The developer must still be careful to avoid retain cycles with weak references and explicit nil-ing of strong references.

Kevin goes on to talk about Apple’s failed WebObjects project. He gives some reasons and thoughts about Apple moving Objective-C to cross-platform deployment. He seems to be unaware of GNUStep, ObjFW, and other similar projects, but setting that aside, I absolutely agree that Apple bringing the full Objective-C runtime, including most if not all of Foundation, to a wider UNIX base would be spectacular. Reviving and expanding the former OpenDarwin project would also be awesome, in my opinion. In this, I’m completely on Kevin’s side; this should happen and he lists several good reasons for Apple to do it.

Now Kevin goes on to say what is no doubt the most controversial thing in his entire post: “Xcode is an excellent IDE, with tolerably good git support.”

Like Heath, I must say: This. Is. Patently. False.

Xcode 3 was a tolerably good IDE, absolutely. Not modern or fully-featured by any measure, but fairly decent. Xcode 4, however, is a crock of <censored>. I’ll let Heath’s response speak for me on this for the most part, but I’d like to add that Xcode’s git support is also absolutely abysmal. Worst of all, there’s no way to shut it off, even if you never told Xcode that the project had a git repo.

So to summarize, what Kevin seems to have posted is a rant about his issues with functional languages and Java, and his love for Objective-C, without a lot of facts to back it up. I’m strongly in agreement with his feelings on most points, and I totally agree that Objective-C would be an awesome language for Web programming, but I suspect Apple hasn’t gotten into the field exactly because Java isn’t the terrible beast he made it out to be. This is a shame, to be sure.

As a footnote to those who still follow this blog hoping for a post on this subject: Missions of the Reliant isn’t dead! I’ve been pretty busy for a long time, but I will find time to work on it!

A potential direction for Objective-C

As with my Xcode rant, this is a modified version of a mail I sent to an Apple mailing list, in this case objc-language:

I agree that adding an === operator to Objective-C would be, at the very best, questionable at this late date, if indeed it was ever anything else. My experience in PHP has been that the two are very often confused and misused, and I can’t see that being any different in Objective-C.

I do strongly support the concept of @== and @!= operators that equate to [object isEqual:] and its negation, as well as the associated @<, @> etc. operators. If one of the objects in question can be determined not to implement compare:, throw a compile error. If either operand is typed id, throw a runtime exception, exactly as [(id)[[NSObject alloc] init] compare:] would do now. In short, make the operators mere syntactic sugar, just like dot-syntax and the collection literals, rather than trying to toy with the runtime as @"" does.

This is not “arbitrary” operator overloading, as with C++. That would be an absolutely abhorrent idea, IMO. Define new, unambiguous operators and make it very clear exactly what happens when they’re used. Don’t make it possible to change that behavior from affected code. Add a compiler option or ten so you can do -fobjc-compare-selector='myCompare:' or what have you (as with the one for the class of constant strings), but that’s all.

I understand people who complain that Objective-C is getting “too big”, but the fact that the collection literals were implemented (yay!) makes it clear, as far as I’m concerned, that it’s understood that the language is just too verbose (and difficult to read) as it stands. Adding a new set of clear, intuitive operators would not detract from its usability. People who don’t know enough to write @== instead of == were already going to write == instead of isEqual: anyway, as a rule.

My Xcode rant

It seems everyone who develops for OS X or iOS these days has their own rant about the problems with Apple’s development environment, Xcode. Well, here’s mine, excerpted from a message I sent to the xcode-users mailing list.

Xcode 3 was getting pretty good for a while, but then Xcode 4 was released, a massive backwards step in functionality which has only been getting worse with its point releases. I have suffered, shockingly, very few of the crashes and data loss bugs which other people have been plagued with, but I have plenty of gripes just the same.

Xcode 4’s integrated layout may look good on paper, and even work better for some people, but for others it’s a hopeless struggle to manage screen space and get a consistent workflow going. Xcode 3’s ability to pop open and then close the build progress window was delightful; with Xcode 4 I just get the build log in my editor pane without being able to see the code I’m working on. Ditto the IB integration into Xcode; with a windowed layout that would have been tolerable, but as it is I spend considerable time just going back and forth between interface and code views to see what the heck I’m doing – and no, tearing off Xcode 4’s tabs doesn’t make it better, because that has a near-100% tendency to completely destroy my window position and layout settings. Xcode 4 took away the class hierarchy view. It took away the ability to compile one file at a time. The integrated debugger console is painful and takes away from code editor screen space. Workspaces are just plain broken and do not work as advertised. The configuration editor is a step up, but unfortunately the “scheme” concept is two steps down. Switching between Debug and Release should not require chugging through three settings panels to find the right switch. And don’t talk to me about the inability to shut off Git integration on a per-project basis (or, for that matter, at all). Why can’t I enable Guard Malloc or change the debugger used for unit tests? Why am I sacrificing valuable screen space (and I say that having a 27″ screen, fully aware that people are doing dev with Xcode 4 on 11″ Macbook Airs) for an iTunes-like status display when Xcode 3’s status bar was just as useful?

And Xcode 4 itself is, as a whole, sluggish in every respect. Operations of all kinds, from editing text to creating connections in IB to switching between code files, which were perceptually instantaneous in Xcode 3 take visible time in 4. Even those 200 milliseconds here and there add up to an overall feeling that I’m spending more time waiting for my development environment to catch up with my thinking than I am actually writing code. Yes, it’s very nice that the debugger console and utility panels slide neatly in and out with smooth animation, but I’m a developer; Apple doesn’t have to market eyecandy to me. I’d strongly prefer instant response. And all I get for all this trouble is ridiculously bloated memory usage forcing a restart of the program every several hours of serious work.

Before anyone asks, yes, I’ve filed several Radars. All have been closed as duplicates (which means I’ll never hear anything about them again) or ignored (same result). The impression I get from Apple is that they think that they have enough people who build their livelihoods on the iOS ecosystem that they don’t have to put any effort into improving the tools for those who give a darn about a time when writing code wasn’t an exercise in stockpiling $20,000 for a tripped out Mac Pro whose stats can compensate for Xcode’s flaws.

Some other good examples of the problems people have with Xcode:

Missions of the Reliant: Back on the Radar!

It’s been a long time since I made any meaningful posts about Missions of the Reliant, but here I am at last to tell you all that I haven’t abandoned it! First before anything else, thanks to everyone for your exemplary patience with me over the last year or so with no word.

Coming back to the code after all this time and with the experience hard-won in other code, I can see that in the past I was both absolutely brilliant and somewhat stunted :). However, most of the issues that I see have more to do with the code having been originally designed when Leopard was the latest and greatest OS; the technically inclined among you will remember with horror the days of no libdispatch, libcache, libclosure, ARC, or ZWRs. I say without shame that a lot of problems I’ve had (and a few that still exist) would never have happened if I’d had ARC to work with from the beginning.

This brings me to the secondary point of this post – Missions will be the better (and the more quickly completed) for an ARC migration. ARC is supported on Snow Leopard, but one of its most powerful features, Zeroing Weak References, works only on Lion. I had this same debate when SL itself came out, and I’m faced with it again: Am I comfortable with limiting Missions to working only on Lion?

So here I am, asking for the opinion of the loyal followers of this project again, with it kept in mind that I’m working on the code either way: How many of you would be left out by a Lion requirement? (And, more amusingly, how many of you would upgrade to Lion at last just to play!? :)

I’d like to say thanks again to everyone who’s bothered themselves keeping up with my near-silence over the time since I started working on this port. I’ll post again as soon as I have the project building in Xcode 4 (yes, it’s been so long since I touched it that I have to retool it for a whole new Xcode version!). Until then, happy space flights to you all!