Wednesday, March 05, 2008

Secret APIs not a conspiracy

This story on Slashdot claims that Apple has a conspiracy to slow down third-party web browsers like Firefox. This makes Apple's own Safari web-browser fast by comparison. Apple does this by forcing Firefox to use only the published APIs, while it's own Safari uses secret APIs that are faster.

The reality is much different. What we are seeing here is the yin-yang of operating system APIs. An API, or "Application Programming Interface", is a contract between the operating system and the application developer. APIs are designed to always work the same way, even though the operating-system changes underneath to work in different ways.

Since published APIs give a "cooked" rather than "raw" access to the underlying operating system, they aren't as fast or as feature rich as developers would like. Therefore, developers often bypass the published APIs in order to get that extra oomph out off their code. The problem is, minor changes in the operating system will break their code. You don't see it on the outside, but the insides of operating systems change frequently.

Firefox has reverse-engineered the secret APIs that Safari uses. The consequence of this is that when Apple makes a change to Mac OS X, it will break Firefox. This is most likely in the next major release of the OS, but it could happen in a minor patch. We are therefore likely to see another Slashdot post in the future about Apple's "conspiracy" to break Firefox.

I've been in this position before. When I created BlackICE (the first popular personal-firewall), I found that Windows did not provide APIs with the features and functionality that I wanted. Therefore, I bypassed Microsoft's published APIs and tapped directly into the raw operating-system kernel. As Microsoft changed the internals, we quickly created updates to our program to adapt to the changed.

However, we became popular enough that Microsoft added our software to their list of third-party software that "must work" when they release updates. When they created SP2 for WinXP, our software broke. This delayed SP2 by a month while Microsoft reverse-engineered our product to find out why BlackICE broke. They found that we had reverse-engineered Windows to make our product work in the first place. (Much gnashing of teeth and threats of lawsuits ensued.)

This forced Microsoft to leave the part we were accessing unchanged, and to make the rest of their code work around it. It was an ugly hack on their part to deal with the uglier hack on our part.

This in turn created two things in Windows Vista. The first is reasonable firewalling APIs that third-parties can use. The second is a feature in the kernel that scans for applications messing around in places they shouldn't. They position that kernel checking as rootkit control, but I'm pretty sure it's really BlackICE control.

Looking back out how I jerked around Microsoft, it's hard for me to take them seriously as the Evil Corporation That Runs The World. They are at the mercy of the market, not controlling it. To this day, when I visit the Microsoft campus, I meet employees still angry with me over the SP2-vs-BlackICE incident.

Thus, it's perfectly natural and expected that Safari should be faster than Firefox, but there is no conspiracy. Apple keeps the internal APIs secret from the outside world so when get blamed when their operating-system updates break outside software.


Filippo Sironi said...

Pretty interesting post, thanks for the info. ;)

mokum von Amsterdam said...

WOW. Nice write up, good to see you're open and frank about it.
Gotta love how a little thing turns into 'they against us' when people start guessing based on half cooked information.

Jeff said...

Heh. Yeah, those were some "interesting" times (ie. BlackIce).
When I mentioned in passing that we hacked Windows a little, I got the violent reaction that it was more like using a chainsaw.
I can get behind that. It's sometimes needful to use a chainsaw. Using a Tree's API to make it fall over takes too long.
Besides, what's the difference between overwriting a jump table and patching the jump instruction if you do both safely (atomically)?
Yeah, I know.
/start chainsaw/