Submitted by One of the three authors of Sun’s DTrace, Adam Leventhal, has discovered something very interesting using DTrace on Mac OS X. “As has been thoroughly recorded, Apple has included DTrace in Mac OS X. I’ve been using it as often as I have the opportunity, and it’s a joy to be able to use the fruits of our labor on another operating system. But I hit a rather surprising case recently which led me to discover a serious problem with Apple’s implementation.” So, what is this problem? “Wow. So Apple is explicitly preventing DTrace from examining or recording data for processes which don’t permit tracing. This is antithetical to the notion of systemic tracing, antithetical to the goals of DTrace, and antithetical to the spirit of open source. I’m sure this was inserted under pressure from ISVs, but that makes the pill no easier to swallow. To say that Apple has crippled DTrace on Mac OS X would be a bit alarmist, but they’ve certainly undermined its efficacy and, in doing do, unintentionally damaged some of its most basic functionality. To users of Mac OS X and of DTrace: Apple has done a service by porting DTrace, but let’s convince them to go one step further and port it properly.”
And I’m sure that Steve lost a lot of sleep during the period in which he was wrestling with that tough decision under pressure from those nasty ISVs.
I’m all in favor of friendly relations with our friends here who prefer MacOS. But Darwin, Webkit or no, it’s best not to forget that Apple is no FOSS company at heart. It has no problem with using FOSS opportunistically, and follows the letter of the license. And that’s OK. But never fall into the trap of thinking that Apple is anything at all like Red Hat.
You are TOTALLY right that Apple is not a FOSS company at heart, but the fact is, open source is meant to be (ab)used in this manner, and that is the reasoning behind things like the BSD license. The idea is that when this code is open, anyone can do anything with it. I, for one, would prefer a crippled port of trusted software than ground-up proprietary software.
Considering Red Hat 100% dedicated to the ideals of FOSS may be just as much of a mistake. Companies have their own interests at “heart” and it’s not a perfect world out there.
Of course, one can’t help but feel something is wrong when a company takes advantage of a FOSS piece of software on one hand, but stops short of giving it access to all its own secrets on the other.
What I’m trying to get to is that we’re not “there” yet. FOSS is making its way into the IT world more and more each day, but don’t expect things to change overnight. At least for another while such hybrid approaches are the best there is, and it may never go past this point.
I don’t know what ISVs he’s talking about, but this problem with iTunes seems to be related to iPhone hacking. It wouldn’t surprise me if that was the only reason for modifying dtrace to work that way.
And what’s wrong with iPhone hacking? Why are you even forced to use a media player to use your phone? You paid for the damn phone, this is means you can do with it whatever you like.
Right, and you have a license to use the Software/Operating System under the terms you signed with AT&T. To be more clear, you agreed to every part of the EULA that this entails. Since we are discussing Software, you either think it’s not enforceable by crippling it to prevent unauthorized code modification or you think they don’t have a right to do so, because you paid for the phone. You paid for the service which includes the phone.
I don’t have a problem with people hacking and violating their EULA and other legal agreements. I have a problem with people complaining that their warranties are voided and if they brick it they should get support from Apple to fix it.
Grow up.
Edited 2008-01-19 23:47 UTC
You didn’t pay for the phone, You paid for a license to use the phone. So you can only use the phone in the ways specified in the license that you agreed to.
I can’t believe regular people even back this bullshit.
Everyone who bought an iPhone bought a piece of hardware. Since then it’s his/her hardware and (s)he can do whatever pleased to.
If you want to cripple yourself with nasty licensing deals, do so. But let me tell you, there are also countries out there where users are protected from this kind of business. In Germany nobody can legally be held back from using the device in any thinkable way.
If you want to hack your iPhone, go ahead, hack your damn phone. But expecting Apple to support a phone that no longer works the way it was designed, both software and hardware wise, is irresponsible. Once you hack it, its your own games, which Apple doesn’t have to play. If the device fails as a consequence of your non-expected actions, its not the manufacturer’s fault anymore.
You’re missing the point. It’s not about the hardware. Yes, you can do whatever you want with an iPhone, but certain services, both from Apple and AT&T, are provided only as long as the iPhone is found in a certain condition. That’s their condition and people know it when they buy an iPhone so I really don’t see the point of complaining from those who alter it.
I don’t miss the point, I couldn’t care less about Apple’s update policy.
It was just this ridiculous comment I answered to ;-))
Apart from that I don’t like software that purposefully damages or limits anything. But it’s not my business here.
This is sarcasm. (right?)
That’s not universally true. In many (most?) countries you can use the phone in any way you like as long as you’re within the law. Apple have no say with regards to what you do with the device after you bought it. It’s like Ford could stipulate that you could only drive their cars on certain roads or use certain motor oils. You might void your warranty by hacking the iphone but it is in no way illegal or a breach of contract.
iTunes is just an example: a bunch of third party apps also set this flag (through ptrace(2)) to prevent users from examining them with DTrace or debugging tools. I imagine there are similar issues with stuff like iTunes and the DVD player which contain code which litigious parties might think should be hidden from prying eyes.
Microsoft implemented “protected processes” to avoid debuggers from looking into a DRM-decrypting process address space…maybe apple is doing the same? I would not be surprised if quicktime would be also protected from being analyzed by dtrace.
…but then what can you expect from Apple. They’ve NEVER liked people to hack around in their systems. I’m frankly puzzled as to why they would include something like dtrace in the first place, it seems so un-Apple. Still, given that it’s a key dtrace developer who’s doing the complaining and not just some random nerd, Apple might actually at least make up some excuse… It will be interesting to see what happens here.
steve jobs may never have liked it, but steve wozniak never had a issue with it iirc…
It sounds like either you’ve never had experience with the Apple 2 series at its lowest levels, or you’re simply too young to remember the Apple 2 and have used it and looked at all the technical documentation for it.
The Apple 2 series wasn’t merely hackable, it was very nicely documented by Apple and they sold that documentation in the form of very nicely copyedited technical reference manuals. They weren’t free, and you could argue they weren’t cheap, but these manuals provided the complete ASM listing of at least a good portion of the Apple 2 BIOS (my Dad bought the manual set for the Apple 2c) and also provided the complete circuit diagram complete with the chip identifications of the motherboard.
It’s the advent of the Mac and the large influence of Steve Jobs on the development of it that largely was the reason the Mac system was as closed off as it was, but note it didn’t stop people from selling hack expansions, and Apple didn’t stop them, either. Also, Apple learned a lot about how NOT to do things for long-term viability from the Apple 2 series firmware: Apple was largely hamstrung from fixing many of the bugs in the firmware of the Apple 2 because of all the documented bugs/features of the calls, etc. and thus had a heck of a time improving it without breaking a lot of software (the biggest reason the Apple 2 was so successful, despite it still being much more expensive than the Commodore 64 after it came out) if something even moved one byte off, or fixed mathematical bugs (integers come to mind). The Mac firmware was designed from the start to provide a defined programming interface that obscured all the gooey details from developers, so Apple would have the freedom to modify/extend it over time without breaking stuff. For the most part, they did quite well there.
The analogy doesn’t really hold. The state of the industry at the time of the Apple II was far different than now, or even during the appearance of the Mac. But it does mark the delineation point between Wozniak having influence.
If Apple was worried about people hooking into the OS using calls or functions that weren’t documented for ISV’s, then they should have marked those layers as unstable and subject to change. But it was a different time and a different market.
You can’t really believe that Jobs closed of the Mac for the sake of developers. Hell, I even had a card for our PC that contained a 6502 and knock-off Apple BIOS that allowed me to switch into true hardware Apple compatibility with the flick of an Alt-key sequence.
He did it because he saw how the availability of open information allowed the proliferation of Apple II clones, a market they were never able to stave off. You need only look at how quickly Apple closed off the short-lived “licensable” Mac system market to understand their priorities. Apple never again intended to allow third-party companies to leverage Apple’s own tech to produce a better product.
I’m a linux user, yet I’m not a lemming-type MS basher. I use WIndows when it makes sense to use Windows, preferring linux the rest of the time. I certainly have criticisms about the way MS conducts their business, but I give thanks every day that MS won the desktop war and not Apple, because I suspect the industry would be even more draconian than it is now.
“PL_NOATTACH’s main purpose is to prevent gdb from attaching to certain processes, which I think is done to hinder a few attack vectors trying to obtain an unencrypted version of DRM’d media by attaching to the iTunes process.
No other Apple-shipped application seems to make use of this flag.”
hopefully apple is taking notice of this
I know that a lot of people won’t agree but if it’s only about protecting the DRM, it’s a minor issue.
I’d rather that Apple would not restrict DTrace but better to have it available for everything else than to not have it available for anything.
It is about allowing an exception from DTrace that is a major issue. I’ve seen firsthand the desire to take this much further than DRM.
As a performance guy I’ve introduced DTrace to many companies. Most people love it, but some developers flinch when they realise what it can mean for them — that customers have visibility of everything: including bugs that are embarrassing, hard to fix, or that they deny exist.
I’ve been asked many times if DTrace can be disabled for an application. The answer has always been no. It’s been wonderful to see developers take this positively – and to escalate their bug fixing efforts knowing that customers now have this visibility.
Now developers have another option – avoid DTrace visibility on MacOS X. Depending on the developer and the situation, this could be bad for the customer.
If we have the source (which we apparently do if the source snippet from the original blog is correct), what can’t this be patched out? Why can’t we recompile the source and “Fix it”. Is it buried deep in the kernel?
“Antithetical to the spirit of open source?” Really?
Looks like someone needed something appropriately alarmist to get his rant heard.
What could be more antithetical to the spirit of open source than taking an open source project and modifying it not to improve it but in a ham-handed attempt to remove functionality to protect proprietary and closed source software? As an author of this particular open source project it seems antithetical both to the spirit by which we open sourced the code and by which we offered our help to the Apple porting team.
Is the DTrace license GPLv2 or GPLv3?
Neither; DTrace is licensed under the CDDL.
For open source software, the license is the spirit. If the authors of DTrace did not want their software used in this way, they could (and should) have used a license that does not allow this. It is stupid to release a software under a license that says “you can do this” and when someone actually does it say that “you are not supposed to do this”.
Alternatively, they may be able to use a combination of a liberal license and a trademark. That way, they may restrict the usage of the name “DTrace” to those uses that they consider “proper”, while still allowing derivative products under different names.
Nonsense. I’m an avid supporter of unconditional free speech – does this mean I cannot complain about the many people abusing this right to spread systematic hate against certain parts of the population?
Adam here is free to complain about this, whether Apple is technically allowed to do this or not.
I don’t think the free speech analogy is really meaningful in this case. Even though “free speech” and “free software” sound similar, they are very different concepts. (In fact, because of this reason, I am not very fond of the term “free software”. It is confusing because people associate different meanings with the word “free”.)
Free speech considered a basic universal human right and a constitutional right in most jurisdictions. Thus most people in the world are free to say whatever they want. The analogous issue for software would be whether most people are free to write and publish any software they want. (This brings up a whole lot of issues, mostly patents, but I don’t think it is directly relevant to this discussion.)
On the other hand, free software only refers to a limited section of software. In general, software is protected by copyright, and you are not allowed to redistribute software that you have bought or received.
In free/open source software, the authors voluntarily allow (thus encourage) other people to modify and redistribute their software product under specific terms. These terms are chosen by the original authors of the software at their will (i.e., the authors are free to choose whatever terms of use they consider suitable).
Of course, Adam (one of the original authors of DTrace, employed by Sun) is (technically) free to complain (free speech). However, by doing so, he is contradicting his own (or his employer’s) actions.
By releasing DTrace under the CDDL, they explicitly encouraged other parties (including Apple) to make use of their code in whatever way the license terms allow. Sun was/is free to distribute DTrace under different terms if they think the way Apple uses their code is undesirable.
Therefore, I think it would make more sense if they changed their actions rather than complaining about the outcome of their actions.
Just what I wanted to say. Actually that sums it all perfectly. There should be less whining about some imaginary ‘spirit of open source’ and more concious decisions in choosing software licenses. Adam’s abusing his position as one of the authors of dtrace but actually that gives him no more authority to speak up on the licensing issues than, say Thom has the authority to speak on the same.
Therefore it’s really a non-issue.
I agree, he’s certainly free to complain about this, as perhaps this isn’t what he (and others working on the project in question) had in mind. However, by virtue of the license they released it under, there really is nothing valid he or anyone else can do other than complain: nothing was technically violated legally speaking. Such is the reality of opening something up for modification and reuse: if a freedom exists to do something that’s within the legal frameworks, you can almost be certain someone/some entity somewhere will do what’s within the scope of legality, as has clearly happened here.
Apple may not win a popularity contest amongst the digerati by doing this, but it is fully within their legal and moral scope of what’s acceptable.
Unconditional Free Speech? You’d condone yelling fire in a crowded theater/arena and watch people trample over their peers? You’d then proclaim that you are protected under Free Speech or Unconditional Free Speech. Free Speech has conditions and they include Reason.
There is no such thing as a free lunch.
is tipical for apple work like this case.
and is wrong.
I’d never buy an iPhone – no iPod either. I have been contemplating buying a MacBook, but so far I haven’t.
I get a mild, foul taste in my mouth when I think of apple. They’re not Microsoft (ohhh, that foul taste hurts) – they’ll probably never be judged for anything close to what Microsoft has been judged for, if anything at all within the boundaries of what we’re talking of here. Any American company of some size will get sued for something and might get judged (ref: http://www.stellaawards.com/ ).
Even so, it’s less and less likely that I will ever own one of their products, but that’s me. Given a choice, I will always use a product that doesn’t give me any foul taste at all.
Apple sell both hardware and software in one unit. They use software that allows for what they want it to do, but stretches the licenses as far as it goes. It might considered unethical but not illegal in any way.
If the people behind DTrace didn’t want this to happen, they should have released it under another license. Choosing a license for your product requires a bit of thinking. I’m sure the maintainer/owner of the DTrace have done that thinking and was aware of the implications.
I myself, have released apps I’ve written to public domain. Then you can do whatever you want with it.
Lately I’ve used “GPLv2 or later” – I won’t re-license them in later versions. Now I’d drop the “or later” -part. GPLv3 is a tad strict for me.
So I like all others that create programs, we need to, and do, think of this from day one. We change our minds from time to time, but we accept that our applications are used under the license we have released them under.
So, even if Apple dances on the fine line of barely inside what the license allows, they’re not doing anything wrong if they don’t dance on the wrong side of that line.
Do I like that an application is crippled like this? No, but I accept that they can do that and that they haven’t done anything wrong, really.
Nalle Berg
./nalle.
Hang on, hang on, before we start swinging from the rafters – let me get this straight, Apple decided not to put Dtrace probes into every possible facet of their operating system. Is there something overtly evil about it?
Why is it that there are people out there who will dig up any old damn thing to bring attention to their blog? really, the way it was made, it sounded like Apple had done the most evil thing possible.
No, that’s not quite right.
DTrace is supposed to allow you to measure every part of the operating system, and every piece of software running on it. That’s kind of the point.
This isn’t a case of Apple not bothering to allow you to use it on iTunes. It’s a case of Apple deliberately modifying DTrace to allow certain processes to be hidden from it, presumably because they don’t want people attempting to get around their copy protection. The system won’t let you attach a debugger to it either.
It’s the same as the crap Microsoft have in Windows Vista to protect Media Player from any kind of tampering by other processes.
There are plenty of ways around it, from removing the limitation and recompiling the kernel, through hacking the application itself to remove the protection, or using a library shim to prevent the protection being enabled in the first place. So it’s kind of pointless – anyone able to use these tools to break into iTunes will also be able to disable the protection easily enough.
Edited 2008-01-20 14:09 UTC
Yes, but is there something evil about it? no. They don’t want the copy protection parts of their operating system ‘dtraced’ so what is bad able that? you’ve said that it restricts what it can monitor, but what you have failed to explain is why there is something wrong with that? if you hate DRM/content protection, then isn’t the issue with the big name vendors than Apple per-say? I mean, it is the media companies who demand that DRM to be used. I’ve yet to see a company say, “yeap, I’ll spend millions developing technology unnecessarily”.
Well, the part that you can’t monitor could be exactly that part that influences or affects the thing you are trying to monitor or debug. The purpose of a system-wide tracer is that it traces… System-wide. If something is wrong with your car, but you have no idea what it is, you’d like it if the garage had the ability to check every possibility, right?
By the way, what’s the point of dtracing iTunes or WMP? Give me some valid reason. It’s not “user-serviceable”.
And you’re free to debug your own app to your heart’s content.
After all, if you want control, you can have Linux. Why should Apple give access to parts of the system that they don’t want to?
Also in reply to Thomas’ comment above.
Err, do you know the intricacy of a modern computer system? Let me repeat my previous comment: “Well, the part that you can’t monitor could be exactly that part that influences or affects the thing you are trying to monitor or debug. The purpose of a system-wide tracer is that it traces… System-wide. If something is wrong with your car, but you have no idea what it is, you’d like it if the garage had the ability to check every possibility, right?”
I hate repeating myself over and over again, but it is not at all hard to imagine how issues with iTunes could (negatively) affect the performance of your application, and now, you cannot find that out properly using DTrace – and who knows what other apps or parts of OSX are excluded from DTrace?
So, again, what good is a system-wide tracer, which programmers expect to analyse all possible influences on their code, if it does not trace system-wide? And, you do not know what gets and what does not get traced?
I’m not even a programmer, and even I can see how this literally cripples the usefulness of DTrace on OSX.
Edited 2008-01-20 16:23 UTC
Uh. It’s certainly easy to ‘imagine’ how issues with iTunes affect your app, but it’s all theoretical. As far as I know iTunes is a standalone application that your apps can’t/shouldn’t depend upon. You use frameworks when programming stuff and that’s a totally different issue. iTunes or other Apple-supplied app don’t enter into that equation.
It’s like saying you need full access to Safari code to debug your Webkit-based app. It’s just plain wrong.
So let’s separate the “what’s going on inside the system in general” and “problems with tracing my own app”.
Give me a reason why you as a developer need to grab that info from iTunes *directly*. There may be a perfectly valid reason, I just don’t see any yet.
PS. Hey, even Adam himself has failed to provide any examples where this might be nessessary, the only thing we’ve learned is that it was “antithetical to the goals of dtrace”.
Edited 2008-01-20 16:53 UTC
By the way, what’s the point of dtracing iTunes or WMP?
Whether or not I can think of one now, it’s impossible to say there won’t be such a reason at some point down the road. Echoing Thom, what part of System Wide don’t you get?
The interactions between software can be weird. The other week I was called in to look at someone’s iMac that was misbehaving. They couldn’t open the control panel: every time they did it immediately crashed. Not being a Mac guy I did my best to follow the trail, and eventually found that removing a recently installed DivX plugin fixed things.
It was preventing anything with sound from working. Pressing tab on the terminal crashed the terminal. Pressing the volume keys on the keyboard crashed the desktop. Safari crashed when playing any flash. And somehow sound being borked was causing Control Panel to crash on launch.
Why on earth would a DivX codec, player and converter package crash any sound app, and why would sound being broken prevent Control Panel from working? I have no idea.
The point is, software can interact in unexpected ways, and when things are well integrated into the OS like Quicktime or iTunes it might be necessary for someone to include them in their system wide debugging efforts.
It’s easy for you to challenge someone to come up with an instance of when it might be necessary, but that’s not the same thing as proving that such a thing will never be necessary, it’s just showing that it isn’t necessary right now for anyone who might be bothered to reply.
*edit* spelling
Edited 2008-01-20 16:36 UTC
Your example shows that you’ve run into a problem with a codec. It’s certainly not iTunes-related, since iTunes and QuickTime are merely consumers of those codecs. They don’t act as codecs themselves.
And you don’t start debugging problems like that by firing off dtrace. There are many other better tools at your disposal. Some basic knowledge of the OS you’re trying to debug is the best tool as always.
isn’t DTrace there for developers to trace their applications, not someone else’s? Other than curiosity, what reason is there to trace other applications?
You know the point of DTrace vs the other frameworks is to be able to have a system view.
The system view helps you finding priority inversion, locking issue, etc.: all the applications share the CPU, memory, disk, etc so having opaque process will hinder this global view.
The article had an example: it isn’t possible (easily) to have an accurate view of the load with DTrace when there is an opaque process running..
He’s got the source, it’s quoted right there in the article. So why can’t someone release some sort of patch ?
And all the people who seem to think Apple is some kind of open source bogeyman should remember there are people running all kinds of modified OSX kernels (the fabled hackingtoshes) and they are able to do so precisely because of the fact the source code is open. it may not always be current, but it is out there.
Edit: toned down the rhetoric
Edited 2008-01-20 20:32 UTC
I’d like to thank the Sun guys for producing DTrace. It’s a really good idea, and I’d have loved to see it in Windows, but MSFT would have the same problem that Apple has. Even more so, in fact, because is has lots of ISVs.
I think the main problem here is that protecting iTunes also prevents certain probes that have nothing to do with iTunes from working properly.
by far the most entertaining though, is stupid ass completely moronic comments like this: “Hmm, did you realise that maybe this is due to the fact that they will be supporting BluRay soon, and allowing Dtrace to probe might allow someone to hack easier at the video?”
what the h*** is wrong with people who think that?!!?! all their drm crap doesent do them shit good, all the crap is broken anyway, and we can all go to a little certain place to get all our bluray “fixes” if we wanted to, them implementing a useless scheme, and try to “protect” it further, doesent protect shit.
oh well, he is probably some apple moron who likes to pay shitloads of money for a worse product