facebook sdk_Facebook的SDK如何在没有一行代码的情况下降低Apple的iOS生态系统

龙成仁
2023-12-01

facebook sdk

One fine morning, I opened my favorite music streaming app, Spotify, on an iOS device and it crashed.

一个美好的早晨,我在iOS设备上打开了我最喜欢的音乐流媒体应用Spotify,它崩溃了。

It could have been because I was using iOS 14 beta. Without pondering it too much, I went ahead and opened my favorite blogging app, Medium. And it crashed as well.

可能是因为我使用的是iOS 14 Beta。 无需过多考虑,我继续并打开了我最喜欢的博客应用程序Medium。 它也崩溃了。

Two of my favorite apps being down at the same time was a weird coincidence. I reinstalled the apps, rebooted my device, but still no luck. The issue persisted.

我最喜欢的两个应用程序同时关闭是一个奇怪的巧合。 我重新安装了应用程序,重新启动了设备,但仍然没有运气。 问题仍然存在。

Strangely, WhatsApp and Instagram were working just fine.

奇怪的是,WhatsApp和Instagram都运行良好。

I quickly jumped onto the Twitter web browser to check if there was anything. After all, any breaking news and outages are first reported on the microblogging social media platform.

我Swift跳上Twitter网络浏览器,检查是否有任何东西。 毕竟,任何重大新闻和停电首先都会在微博社交媒体平台上进行报道。

And it turns out the issue was neither with Apple’s ecosystem nor a lapse in those apps. It was actually a glitch on Facebook’s end.

事实证明,问题既与苹果的生态系统无关,也不与这些应用程序失灵有关。 实际上,这是Facebook的一个小故障。

Facebook’s iOS SDK is widely used across apps on the App Store and had a glaring bug on its server side. It brought down every popular app ranging from Pinterest, Tinder, and TikTok to Medium, Spotify, and PUBG.

Facebook的iOS SDK在App Store的各个应用程序中得到广泛使用,并且在服务器端存在明显的错误。 它关闭了从Pinterest,Tinder和TikTok到Medium,Spotify和PUBG的所有流行应用程序。

This was a strange 20-minute period that caused more than 500K crashes in the Apple ecosystem — one of the biggest in recent times.

这是一个奇怪的20分钟,导致Apple生态系统崩溃超过500K ,这是最近最大的崩溃之一。

Facebook的SDK是几乎每个应用程序中都存在的“关闭”按钮 (Facebook’s SDK Is a Kill Switch Button Present in Almost Every App)

Facebook might not have its own mobile operating system, but it’s smartly poised in almost every app on your phone.

Facebook可能没有自己的移动操作系统,但是几乎可以巧妙地将其安装在手机上的每个应用程序中。

Specifically, their open-source SDK is used for easy integration of the Login with Facebook button, analyzing rich metrics, and other utilities such as ad-tracking.

具体来说,他们的开源SDK可用于轻松集成“使用Facebook登录”按钮,分析丰富指标以及其他实用程序,例如广告跟踪。

This means if your application accepts permission for location or Bluetooth, Facebook’s SDK can access that data.

这意味着,如果您的应用程序接受位置或蓝牙的许可,则Facebook的SDK可以访问该数据。

Knowing Facebook’s history with data tracking and privacy breaches, not only is their SDK a spy camera, but it’s also highly unreliable. Realistically, Facebook’s SDK is a remote button that can bring apps down in a second.

通过数据跟踪和隐私泄露了解Facebook的历史,他们的SDK不仅是间谍相机,而且非常不可靠。 实际上,Facebook的SDK是一个远程按钮,可以在一秒钟内关闭应用程序。

iOS开发人员可以防止崩溃吗? 简短答案:否 (Could iOS Developers Have Prevented the Crash? Short Answer: No)

In times when we’re seeing advancements in the fields of artificial intelligence and augmented reality, seeing the most popular apps crash feels like traveling back to the Stone Age.

当我们看到人工智能和增强现实领域的进步时,看到最流行的应用程序崩溃就像回到了石器时代。

One could easily point fingers at the app developers, and why not? It’s their job to ensure edge cases and errors are handled appropriately.

可以轻易地将手指指向应用程序开发人员,为什么不呢? 确保适当处理极端情况和错误是他们的工作。

While it may seem that such app crashes could be prevented with robust error handling, with Facebook’s iOS SDK, this really wasn’t the case.

尽管似乎可以通过强大的错误处理来防止此类应用崩溃,但使用Facebook的iOS SDK确实可以,但事实并非如此。

The bug that caused the app crashes was essentially triggered in the Facebook SDK’s initialization code that runs at launch, as it's linked in the binary.

导致应用程序崩溃的bug本质上是在启动时运行的Facebook SDK初始化代码中触发的,因为它以二进制文件形式链接。

Essentially, the SDK code was making remote API calls to the Facebook server that eventually returned a JSON response with a null value that wasn’t being parsed or handled and hence triggered a fatalError.

本质上,SDK代码正在对Facebook服务器进行远程API调用,该API最终返回的JSON响应具有未被解析或处理的空值 ,因此触发了fatalError

The app developer might not have even imported the Facebook SDK or invoked a single line of its code, but just by including the framework in the bundle, it crashed applications.

应用程序开发人员可能甚至没有导入Facebook SDK或调用其代码的任何一行,但是仅通过将框架包括在捆绑软件中,它就崩溃了应用程序。

No developer could have prevented this.

没有开发人员可以阻止这种情况。

带走 (Takeaway)

The Facebook iOS SDK disrupted popular applications not once but twice this year. This only opens up the debate about the reliance on and reliability of third-party SDKs.

Facebook iOS SDK不仅破坏了流行的应用程序,而且今年还两次。 这只会引发有关第三方SDK的依赖性和可靠性的争论。

Is convenience greater than security? Currently, it’s the former that’s causing such lapses.

便利大于安全吗? 当前,是造成这种情况的原因是前者。

If there’s any takeaway, developers would only become more aware of it when using third-party frameworks in their applications knowing the cost that external dependencies bring.

如果有什么收获,开发人员只有在知道外部依赖项带来的成本的应用程序中使用第三方框架时,才更加意识到这一点。

Surprisingly, the whole Facebook family of apps were using the latest SDK version and the crashes were caused in the older SDK. This speaks volumes about the accountability of the Silicon Valley tech giant. Perhaps they’re not too keen to provide backward compatibility.

令人惊讶的是,整个Facebook应用程序家族都使用最新的SDK版本,而崩溃是由较旧的SDK引起的。 这充分说明了硅谷科技巨头的责任制。 也许他们不太热衷于提供向后兼容性。

It’ll be interesting to see if Apple looks to bump up its security measures to prevent such outages. Perhaps it’d look to enforce Sign in with Apple in third-party applications and slowly shift away from Login with Facebook.

看看苹果是否打算加强其安全措施以防止此类中断,将是很有趣的。 也许它会希望在第三方应用程序中强制使用Apple登录,然后逐渐退出使用Facebook登录。

Facebook, which is already embroiled in anti-trust concerns, wouldn’t be able to do much but adhere to the norms set by Apple.

Facebook已经陷入了反托拉斯的关注之中,它将无能为力,但要遵守苹果设定的规范。

翻译自: https://medium.com/better-programming/how-facebooks-sdk-can-bring-apple-s-ios-ecosystem-down-without-a-single-line-of-code-bc8eae774b37

facebook sdk

 类似资料: