Every now and then "memory cleaner" apps bubble to the top of the download charts on the iOS AppStore, yet I am always puzzled: How can these apps figure out how much memory is used when they are sandboxed and can't access any memory outside of their process?
I'm not an expert in memory allocation on C, so maybe the solution is obvious and I just don't know it but I am curious as to how this works/could work.
Obviously the second question is how do they clean the memory once they have the count, I assume they just allocate a ton of heavy objects (eg. images) and thus force the OS to shut down other processes. Yet maybe there is a smarter way?
Note, I am not talking about Cydia here, these apps are available on the regular AppStore and work on non-cracked devices with the official consent from Apple. As an example, here is the current top seller: http://iputzfrau.professional-apps.at/
The Mach/BSD host_statistics and sysctl functions are available on iOS, and they provide access to system statistics such as the amount of physical RAM, processor speed and, indeed, the amount of free RAM available. To get the latter, you'll want to call host_statistics with HOST_VM_INFO, and look at free_count in the structure it fills out for you. Note that this value isn't necessarily useful for any real purpose. You probably don't need it unless you want to write yet another one of these scammy apps.
Low-level functions in the C/UNIX/Mach/BSD layer are generally available for use in iOS apps, although these APIs typically aren't described in the SDK documentation. Look at the headers in /Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS5.0.sdk/usr/include/ and refer to the Mac OS man pages, C/UNIX standard documents or the Mac SDKs for more details about them.
These apps, as with the "track any cell phone" apps that have "for entertainment purposes only" buried in line 30,239 of the description, are scams. It's exceedingly frustrating that Apple lets them through the review process.
You're right -- there's no public API that would enable an app like the one you linked to do what it claims to do.
This would be an excellent question to pose to Apple, or at least post in the Apple developer forums. You could also report a bug, probably the most effective way to register a complaint without knocking yourself out.
Related
I am a member of a gliding club with 150 members, and we want to have our own iPhone app. Requiring a member login, the app would be usable only by members of the club, and it would be used by an estimated 20-30 people.
Is it even possible to disribute such an app to non-jailbroken iPhones? According to my research:
It wouldn't be accepted on the App Store due to "limited audience".
Even if we were able and willing to pay $300 for the enterprise distribution model, Apple would likely not accept us as a company.
Ad hoc distribution would be fine for us except for the expiration time associated with apps distributed in the manner.
Are we at a dead end?
Thanks.
Edit: In case anyone is wondering why I didn't just ask Apple directly: I did, and their answer was, "We are unable to advise you with respect to the Apple Developer Program that best fits your needs."
I'm not 100% on your question.
But depending on your requirement, pretty much everything you need can be achieved as a web app, with the correct coding behind it i.e. CACHE MANIFEST you could make the app function similar to the a native app, available offline and can be saved to any iOS device through the browser.
Give me a shout if you need more information.
Hope it helps
Gary
You could always try to make the app a little more "global"? Perhaps offer some free stuff for Joe Bloggs to use, but tucked away you have your real motive... that way you can get it released legitimately.
I've seen some real disasters in the app store that shouldn't have made it, and I'm sure Apples screening isn't as intense as we might think. (example: that flash light application, when pressing a sequence of buttons it would enable free tethering).
Best of luck!
Yup. You seem to have all the options laid out pretty clearly, and there's no other way to do it. Except developing for android, and just distributing the application freely and without arbitrary restrictions.
Sorry.
Ad-hoc distribution would give you about 90 days expiration time, i think, whereas enterprise would give you a year. Though gaining enterprise status in the eyes of apple is easier said than done.
Even if we were able and willing to pay $300 for the enterprise distribution model, Apple would likely not accept us as a company.
You don't have to be a company to apply for the enterprise account, you just need to be an organisation with a DUNS number.
I am learning to use Manifest files and had this question. What if some website created a manifest file that will make me cache files for, say, 3MB. 3MB is a lot for my IPhone when I run on 3G. So some vicious website can create such manifest file and make me use up all my data allowance?
Another question is that, as a responsible developer, is there anyway to detect if a user is using 3G or not so I can serve a smaller manifest file in the former case?
Thank you
Your question is tagged 'iPhone' so I am going to give an iOS-specific answer.
The offline storage, which holds the files linked to in your manifest, seems to be limited to 5MB. Evidence for this is all circumstantial, as the limit is not mentioned in Apple docs. However, some Apple engineers have conceded that there is a limit. The newest versions of Mobile Safari, in some circumstances, offer to allow the user to expand the storage, but you, as a developer, cannot force them to do so.
5MB is not really that much, and many users will certainly notice that something is going on, and if they don't want it to happen, simply close the tab. I understand that not every country has the same limits, but most users in the US are limited to 2GB/month. At this rate, an unsuspecting user would have to accidentally re-download your manifest, and the files it lists 100 times to use up just 25% of their bandwidth allotment. It's a fairly low limit, and the possibility of maliciously using up someone's data allotment is fairly remote.
As far as how to tell if a user is on 3G or WiFi, check out the Reachability example in the Apple Developer Center. It does exactly that. There is no way to do it in a web app (as opposed to a native app) that I am aware of.
Is there a size limit for HTML5 Manifest? No.
No, iOS does not implement W3C network information API as oppose to Andorid Webkit.
I'm not sure how you're getting this manifest file, but if you're using NSURLConnection, it's simply a matter of keeping a running total of how much data you've downloaded (best place would be connection:didReceiveData:) and cancelling the connection if it gets above 3MB. Remember to zero that number each connection though.
As for finding the device, the specifics seem trickier than they should be, but I've found a pretty simple example of how to do it (source code n' all): Determine If iPod is First or Second Generation
How exactly does apple approve apps? Is the actual source code viewed?
While none of us have access to the internal review process (which appears to be continuously changing), there are a few things that can be said based on the responses that people have received.
First, Apple has no access to your source code, so they do not review that. You submit a binary as part of an application bundle, along with your other application resources.
They do, however, appear to scan your application's binary for certain symbols that indicate the use of private APIs. A number of applications started crashing after iPhone OS updates because they used these private APIs, so Apple has been cracking down on this.
There are plenty of applications on the store that have memory leaks or other performance issues. I know that I've submitted versions of my applications that had subtle leaks (since fixed) and had no problems with review. Therefore, it does not appear that they do any sort of performance testing or profiling.
The only place where a memory leak causes a problem doing review is when that memory leak gets so bad that the application crashes when the reviewer is testing it. If your application crashes at any point during the review process, it will be rejected.
Beyond that, they have a checklist of user interface elements that they check for proper usage of (no persistent selections on table view rows, etc.). If your application deviates significantly from the Human Interface Guidelines when using these standard UI elements, you may get rejected.
Apple is very careful about copyright, particularly with their own images and artwork, so you may run into trouble if you use copyrighted material improperly.
Most of the rejection reasons you will face are preventable by making your application stable and by following platform guidelines, but some are not. Certain classes of applications have been rejected due to their intended use, and again the classes of applications that are allowed on the store change on a regular basis. This can add frustration and uncertainty when dealing with the App Store, but the vast majority of application types will never run into problems (as can be seen in the diversity of applications currently available).
try to use otool -L binary yourself and you can see immediately if a private API framework got used...
No, they only have access to the binary code that you send them.
They can run this through profilers checking for memory leaks and the like.
They do not have access to your source; it is not part of what you send to them. They test the binary you send them for leaks and such. I think they also check what data your app sends out to make sure it isn't doing anything egregiously bad (sending passwords or the like).
Apple does not care about leaks and profiling information for your App. The Operating system is able to kill your app if that gets out of hand. What they actually do is manually run your App and check if it follows some of Apples guidelines. In an automated process they extract symbols, selectors and strings from your binary and check those for usage of private APIs.
You might want to try nm -u on your (simulator) binary.
They only receive your binray file of ipa only. They can get some of your resource file while extract ipa. They can able to find what all urls you used in web service or url request. Nothing else other than this.
Some of our application is already in AppStore...
But suddenly one thing comes into my mind, that I want to clear before submitting my next application.
The thing is : As a programmer's point of view, should we require to handle if iPhone Device is jailbreaked ? If yes, then how we can tackle with this ?
Thanks in advance....
On a general note, jail-breaking the device is an issue between the user, Apple and potentially the carrier. You are not a side in this relationship, and the user has no contractual obligations to you with regards to their device.
You could choose to attempt detecting jail-broken devices in an attempt to prevent piracy of your app. However:
If the device is jail-broken, there's nothing you can do to reliably verify it's not jail-broken, since none of the OS APIs (including networking) is guaranteed to function as you expect. Your code could be running in a non-jail-broken simulation on top of jail-broken device.
Of course, you could check by attempting to do one of the things you currently know Apple actively prevents apps from doing. However, there's no guarantee that Apple is not going to allow that particular action in future. And, there's the chance that your app might get rejected because you are attempting to do something prohibited by Apple.
There is no official criteria from Apple on what constitutes a jail-broken device and what does not. And even if there was, you are not guaranteed to be notified in a timely manner (or at all) by Apple if they decide to change any such criteria. But even assuming you do get notified somehow, you can't update your app quick enough to avoid falsely detected jail-broken devices, thus potentially denying access to your app to legitimate users.
If you would like to cut off a large group of users, then sure, go ahead and require it.
Unless your application specifically requires it, there should be no reason to force users to have a jailbroken iPhone or a non-jailbroken iPhone.
If you program is legitimate (no private API calls etc), then you should not concern yourself with JB. You don't need to handle anything differently if the users phone has been JB'd. If it has, and your software doesn't run (say memory issues because they are using backgrounder to run 2 other things) then that's their problem not yours. Make your code well behaved, not leak memory, dump cache's etc with memory warnings, and you should be fine.
As you asked for the "programmer's point of view", I'd say: make sure your app runs on as many devices as possible.
Meaning: as long as you app is safe to run on an iPhone whether it's JB or not, I wouldn't care.
One thing I have found, at least early on (not seen it for a while) is that most reports I got of strange behaviour with my app (vConqr) turned out to be from people with jailbroken phones.
That's not to say I think that's good reason to block them. But if you do any sort of custom crash reporting, or other diagnostics it could be useful to log the fact to save time on troubleshooting.
Do a search on the Internet. You'll find several articles that shows some ways you can detect a pirated app. I make no claim on their effectiveness, but I do use some of these in my own apps. These techniques do not try to detect if a phone is jailbroken; they focus on detecting if your app has been tampered with.
We're days away from submitting our first app to the appstore and
last night I was horrified to hear that it does not work on
jailbroken devices. I got a few seconds with the device and saw the OS version, and free memory available (36MB, I guess that's low).
Should I care?
Presumably jailbreak users can buy the app and write scathing reviews.
If so and jailbroken iPhones are common, then the iPhoneJB becomes a de facto shadow-platform that I'm obliged to support.
EDIT
I got some ball park figures, sounds like I should care about the new de facto shadow platform. So either I can try reducing memory requirements and cross my fingers, or get out the credit card and go get me another iPhone to jailbreak.
With around 2.3 million jailbroken iPhones, it is a significant portion of the market. I have a jailbroken iPhone, but most of my apps are from the App Store. I vote yes.
This is a similar issue to what many web developers run into: should they support Internet Explorer 6? While as of this writing 14.9% of the market still uses IE6, many web developers choose not to support it because it is difficult and takes too much time. My own experience was that supporting IE6 caused 50% of my work; that's obviously not a good trade-off.
As Jergason mentioned, there are 2.3 million jailbroken iPhones. Obviously that's a large market. But compare that with the 30 million iPhones total sold as of March 2009. You could probably find better numbers to compare, but assuming those numbers are roughly accurate, less than 10% of the market is jailbroken. Look at how much work, money, etc. it's going to take to support jailbroken phones. I don't know how much work it would take, but when it comes to money, my guess is that simply the cost of getting a jailbroken iPhone to test on will be more than 10% of your revenue (iPhone dev tends to be a small-scale operation, but I don't know the nature of your product so I could be way off-base here).
So my vote is neither yes nor no: do the research and get more detailed stats than I've provided here. When you have your information, don't spend a larger percentage of your revenue supporting a segment of the market than that segment is as a percentage of the whole.
Of course you don't have to support anyone you don't want to! Ultimately, as others have noted, it's a business decision.
In my experience, you'll spend a disproportionate amount of time supporting users with jailbroken handsets. I spent more than twenty hours tracking down one problem that only affected jailbroken phones and even then only found the solution entirely by accident.
Having said that, some of my most enthusiastic (or at least vocal!) users have jailbroken handsets.
At the time of writing, about 25% of users of my free version have a jailbroken handset and 10% for the paid version.
In the end I try to support all users but I do put a higher priority on users with vanilla handsets. I'd draw the line at users of cracked versions, but I have no reason to suspect that's the case.
Incidenally, technically you'd be in breach of your iPhone Developer Program agreement if you used a jailbroken handset. And 36Mb sounds like a lot of available memory for anything other than a 3GS.
The accepted answer to this question seems fine, but I thought I'd add one more (technical) issue to consider.
If you don't at least test your app on jailbroken devices, you may not be aware of some security vulnerabilities. If your app contains any kind of sensitive information, you might want to make sure it can't be easily accessed on a jailbroken device. This might include protecting users' data, or protecting the corporate data on the back end.
Jailbroken phones allow a user to ssh into the phone, and browse any file on the filesystem. The sandbox is nullified (App Store apps will still be limited to their own sandboxes, but non App Store apps will be able to read and write the sandboxes of other apps, including App Store apps).
NSUserDefaults used to store sensitive information, for example, are easily exploited on a jailbroken device.
Even the keychain can be subverted on jailbroken phones.
It would be nice if you didn't have to worry about this, but at least through iOS 6, you really do need to worry about it. So far, Apple has not been able to (or maybe doesn't want to) completely prevent jailbreaking, so it's a real-world vulnerability. Ignoring it is probably not doing your clients or users any favors.
Do your market research. Do you expect to sell to alot of users with jail broken iPhones? Then you need to decide how important that revenue is to you...