About | Buy the Software | Forum | Industry Watch | Learning Curve | Newsletters | Products
Home » Learning Curve » Red Hat Diaries

20060218,00


Buy It

Try It

Hyde Park Corner I.

I think we've been sold a pig in a poke. I think we have to speak up.

In December 2001 Apple issued a now nefarious technical note admonishing developers to stop their fetish for creator codes and file types.

A creator code is a four byte blob; a file type is the same. They're both ordinarily alphabetical, and Apple reserve all completely lowercase combinations. Both are impregnated right into the volume control block (catalog file) of their file system HFS (along with other juicy stuff).

The technical note was picked up by John Siracusa of Ars Technica who organised a Jonestown stampede over at Protests Online. Reading the comments on this list must have been great fun for graduate students of abnormal psychology. One commenter claimed to have worked at Apple to help write the creator code and file type logic and threatened to migrate to Windows if they were ever removed [sic].

Another protest was then organised against Siracusa's protest. It too garnered lots of signatures, but in contrast to the first garnered 'heavy' names like Anguish, Buck, Gehrman, and Yacktman. Their point was that Apple's HFS was creating issues for users by closing off the Unix interoperability they felt they should be able to enjoy.

Unfortunately this second protest did not get as much media attention.

One of the big advantages (Eric Raymond would say 'the' big advantage) of open source is the 'bazaar' method of development and maintenance as opposed to the closed or 'cathedral' method. (These are terms Raymond coined himself.) Because open source is a wide collaboration, its code is going to be better. In fact the 'Halloween Documents' someone at Microsoft slipped to Raymond prove this: MS's own internal study concluded that their commercial closed-in 'cathedral' approach is doomed to failure.

Yet 'close it in' is precisely what Apple have done with their much touted 'open source' platform.

When issues with 'Unix' arise, they can be dealt with by a broad spectrum of developers across the globe and across all platforms; when someone uncovers a hole in OS X, it is only Apple who can take care of it.

Were Apple to truly run a 'Unix', then any holes discovered could be fixed by developers of the Linux kernel, of FreeBSD, OpenBSD, NetBSD, Red Hat, SuSE, Novell, IBM, Gentoo, Linspire, Mandrake, Debian, Fedora, Slackware, Ubuntu, Kubuntu, and so forth ad nauseam. But Apple are not running a true 'Unix', and when the issues arise they can get no help from this formidable community.

Aside from some beige box savants who'd rather go back twenty years in time and have one program and one folder to put it in, there is no reason to support anything that is not 100% cross platform compatible 'real' Unix today. In fact, the Oompa Loompa worm shows us just how dangerous Apple's position is.

Oompa Loompa relies directly on HFS and its weaknesses to work. It has to set an HFS bit for the customised icon to have a chance to lure users. It has to use the resource forks of HFS (which no Unix file system has) to hide executables from the applications it corrupts. While it's possible someone will in the future create a crafty worm that works on all Unix platforms, we can for the moment unequivocally state that whereas OS X like all Unix platforms was completely virus free yesterday, it's only those other Unix platforms which remain so today - and we have only HFS, Apple, and the 'hybrid' (what AnandTech called the 'hodgepodge') nature of OS X to blame.

Apple make a big thing about being secure, but they're not as secure as the other Unix platforms. The 'custom icon' ruse has been long known. Apple dumb down the protection afforded by sudo to heighten what they see as 'user friendliness'. They directly override other system level privilege escalation authorisation settings to do the same. They wasted seven years wiring Carbon toolbox stuff into what was once a very clean design (NeXTSTEP) and a paragon of software engineering excellence. They've even gone so far today that they're corrupting FreeBSD open source code to support their silly and totally irrelevant file system.

Clearly Apple neither understand Unix nor respect it. And in the world I belong in, that's one thing you never try: messing with Unix. That's like selling Mohammed cartoons on the street in Ra's al Khafji: you just don't do it. You're likely to get a posse coming after you.

In December 2001 John Siracusa organised a protest to keep the beige box in OS X. I think we can all see - at least now - what the effect of that has been. We who don't really care (anymore) about what transpired twenty years ago but care today for our security should make our opinions known. A platform with only one exploit is still a platform no one can trust in.

I think we should tell Apple to:

  1. Scrap Classic altogether. This represents a serious security risk.
  2. Scrap Carbon completely. Cocoa's been out for nine years. Get with it.
  3. Once Carbon is scrapped, adopt a 'Unix' file system eg Reiser.
  4. No 'cheats' as they use in their UFS today: a REAL Unix file system.
With a Unix file system, rogues won't be able to hide in resource forks, 'that notorious file browser' won't have special data fields in volume control blocks [sic] and exploits like Oompa Loompa will no longer be possible.

We want - we demand - security. Apple told us OS X was secure and even if we perhaps should have known better, we believed them anyway - even as we saw them destroy the remnants of the once stellar NeXTSTEP.

But OS X is not secure, and Oompa Loompa is only the tip of the iceberg. At the very least, Oompa Loompa would not have been possible without a file system none of us care about anyway and would rather were gone. And were that file system gone, Oompa Loompa would not have happened.

About | Buy | Forum | Industry Watch | Learning Curve | Products | Search | Twitter | Xnews
Copyright © Rixstep. All rights reserved.