Blog Post

Cut the Drama: Private APIs, the App Store & You

I’ve had a rant building up for a few weeks. A rant about developer’s treatment at the hands of the App Store submission procedure. However unlike many rants on the topic, mine is not directed towards Apple (s aapl). It is directed towards the iPhone developers who complain about the poor, unfair treatment they get, carrying their bleeding hearts in their palms while claiming Apple is bludgeoning the life out of them.

Two recent news headlines, seemingly separate, are intrinsically tied together and the synergy of them have made my eyes dislocated from the continued rolling they involuntarily perform.

The first headline, Facebook Developer Turns Back on iPhone relates how another high-profile developer has thrown their hands up in disgust over how Apple’s closed system runs against their principles. A direct quote from Joe Hewitt, developer of the popular Facebook application can be found on TechCrunch, and is most relevant. I will come back to this later:

I respect their right to manage their platform however they want, however I am philosophically opposed to the existence of their review process.

The second headline is Apple’s App Store Approval Process Now Includes an Automated Layer. The quick version is that Apple is now using an automated tool to determine if the Apps that developers submit to the App Store are using any Private API calls.

These two headlines are actually the same story, a fact that was made quite apparent by a popular direct iPhone-to-iPhone messaging App called Ping!. On Ping!’s Facebook Page, the developer announced that the much-anticipated version 1.2 of Ping! has been rejected by Apple:

Bad news is Ping! 1.2 has been rejected by Apple on Nov 14 due to a software library we used, developed by the Facebook company. This library is used by many apps including Ping! and the iPhone Facebook app itself. Unfortunately the most recent version of this library has violated some of Apple’s guidelines and  has caused hundreds of apps to get rejected including Ping! 1.2.

So let’s get this straight. Ping! and hundreds of apps have been rejected because they used a popular development framework, a framework which used Private APIs. A framework, which was created by Joe Hewitt initially for use with the Facebook application and then made available to third-party developers.

Lets be clear about this; Joe Hewitt used Private APIs in his public framework, well-known to be against the rules of the App Store, and then acts all indigent when Apple slaps his framework down. Rather than disclosing his error, rather than saying “oops sorry about that,” he would rather ride the trendy wave of ‘blame Apple control policy’ and cite ‘philosophical differences.’ I rather wonder if these philosophical differences would still be present if his framework hadn’t been caught in this automated tool. If it were just other people’s frameworks that were caught, would he still have quit for ideological reasons?

Now I don’t mean to pick solely on Mr Hewitt, and maybe I’m being too harsh. But he is just the latest example in a blogosphere that increasingly seems to love taking the loud minority and say “Look! Here’s proof that the end is nigh!” Come on, the end isn’t nigh, it’s not even on the horizon. Out of the thousands of App Developers that exist, we’ve had a dozen, maybe two dozen make a public fuss and quit. Big deal! This is the real world; businesses start, some succeed and some can’t hack the brutal reality. Those just make excuses and quit. Just like everywhere else in the business world.

To summarize the full story that I see, it goes something like this:

  • Apple publishes the rules for making iPhone Apps, including publishing and documenting the specific APIs which developers are allowed to use.
  • Some developers ignore these rules and make use of Private APIs. Some Apps get through the cracks in the newly functioning App Store review procedures.
  • Apple starts to crack down on private API usage. Developers who get rejected due to Private API use cry foul “Why are WE rejected but THOSE apps are allowed?” This was a fair question.
  • In response Apple says “They shouldn’t have been allowed, we are working on a way to fill up the cracks in the system”
  • Apple then goes ahead and fill the cracks with an automated (and thus unbiased) system to test of private API usage.
  • Developers then cry foul, “It’s not fair, you’re a bully, it’s too hard.”

Cry me a river….

Before I get off my soap box, I’d like to add that there are times and places for Private API use. As a professional software developer working on proprietary custom embedded solutions on Windows Mobile devices for specific customers, I freely admit to using Private API calls at times. Sometimes its necessary to get a specific job done. The difference is scope and control. Our clients deploy the software under our care and guidance, with specific OS and hardware requirements. If they change devices or operating systems, we know about it well in advance and can prepare for it accordingly. Our clients don’t just upgrade the OS and expect everything to work.

The consumer market is a completely different kettle of fish, customers upgrade willy-nilly  and expect things to just work, especially things related to Apple products. Private APIs are private for a reason, because they can not be relied upon to behave from one OS release to the next. This means that applications will break and the consumers, you and me, lose out.

In the brutal competition of any market place, and indeed the world in general, the strong will survive and the weak will perish. The App Store is no different and I’m constantly dumb-founded as to why some people expect it to be so.

38 Responses to “Cut the Drama: Private APIs, the App Store & You”

  1. If you believe that by strictly using only the documented APIs is going to ensure compatibility with future versions of the device, then you obviously haven’t been developing software for a long time. Every major software and hardware developer out there has a history of not having a 100% upward compatibility. Even more true is when a company who develops an OS platform introduces “light-weight” versions with certain APIs stripped out entirely. This is true of Microsoft’s .NET Compact Framework. To think that Apple’s OS and APIs are engraved in stone and that your app will run on any future iPhone OS-enabled device is really being naive.

  2. Joe Hewitt

    People keep saying that I decided to leave iPhone development over the Three20 rejections. It had nothing to do with that, and I had decided to leave before the rejections began. I actually have no problem with Apple rejecting apps over the use of private APIs. It was my mistake to leave that code in and I take responsibility for it.

    Perhaps you could email me to ask what my reasoning was before making a guess and then taking shots at me based on your guess.

    • Joe, I am developing an app store (codenamed “Jericho”) that addresses a huge number of problems faced by both developers and consumers. I would be interested in knowing the reason why you decided to leave iPhone development. Every developers complaint needs to be heard and a course of action needs to be taken when providing a great app store. Please e-mail me at [email protected]. Thank you.

  3. Well said. Play by the rules (admittedly some are a little fuzzy), get approved, break the rules that you agreed to (you did read them didn’t you?), then you have no course for complaint.

    Rather than whining, release it on Cydia.

    • Without any intention of offending, I think the problem is not that they are driving quality developers away, because you have EA, CNN, and a few other Major software labels who have paid programmers to program in whatever they need, in what ever coding language they want to and they aren’t complaining, the problem is with a few, independant programmers who want to get rich quick and easy. And it all started out with google bitching about not getting their software accepted because what harm could it do to change the whole UI of the Iphone. If its too hard to develop software for the iPhone the “correct” (apple) way then maybe you should try making software for any other platform that doesn’t put your skills to the test as much. When it’s your ball and your court you CAN decide who is in and who isn’t.

  4. I agree. Now, for those detractors even in these comments who say it should be improved. Please feel free to suggest a general improvement, not one that is specifically beneficial to you and your friend. I hate the whiners who say things are wrong, but have no vision of how things should be right. Ofcourse there is a name for them Critics. They have no place other than shaking their head, or waving their finger after the fact!

    • Well, if Apple has an automated approach to discovering issues with apps (such as private API use) why don’t they release it to the developer community? I’d love to check this myself first and fix it, rather than waiting for 1-2 weeks before I find out that something might be wrong.

      Also, another approach (if the tool can’t be released publicly for some reason) would be to run the automated tool automatically on submission, so the feedback is near-real time, rather than delayed for weeks. Having simple stuff like this “pre-flighted” before the app goes through the formal QA process would make a lot of sense.

    • As Maton Reece recently explained, Apple isn’t actually doing much serious Q&A. There are plenty of apps that make it into the store that are pretty crappy or worthless by most standards.

      What if Apple let users install whatever app they liked, à la webOS, but offered an alternative in the App Store. You’d go to the App Store to buy apps that have been fully vetted by Apple—for quality, UI, bugs, malware issues, etc. Otherwise, you can buy apps online like you can for your Mac.

      Wouldn’t this offer the best of both worlds?

    • @foresmac – such do-whatever-you-wish-to-the-OS-and-expect-it-to-keep-working is a big fail. No platform, except the iPhone (in most cases), is invulnerable to clumsy 3rd party code, and the approval process is what keeps the platform stable. If you install some “OMG lookie what dis h4CK can do!!~!1!”, or “My First App, hello world!”, or “Still alpha stage, please don’t use” soft, you can’t expect your iPhone to keep running any App Store bought software correctly. The App Store “jail” is actually some kind of “fortress”, there to protect you, not to limit you. Letting people install from other sources renders the protection obso1337.

  5. Well put, and enough said. I am an iPhone Developer. I have had 7 apps released to the app store. I have not been rejected because I follow the rules. I wait 2 weeks like everyone else.

    Developers need to stop bitching and moaning about Apple’s review process. If they don’t like it, then they should change platforms. No one says you have to be an iPhone developer. Most people get into iPhone development because they want to make a quick buck. Well, those days are over. There’s 100,000 apps in the store now. You’re going to have to actually put together a quality product to make a buck, just like in the good ‘ol days.

    • “If they don’t like it, then they should change platforms.”

      That’s right along the lines of “Don’t like America, well, just leave!”

      How about trying to work with Apple to make their process better….you know, trying to improve things?

  6. Pierre-Luc

    Good article…

    Developers had almost no platform at all for the mobile industry before the launch of the iPhone. Apple brought sometihng new and never seen before and it still a baby at 3 years old. Give it some times to grow up. We’ve seen apps like snapture having success in the jailbroken world before being accepted in the AppStore after an evolution of the API’s

    • I agree that the App Store is better than nothing, and is still better than RIM/Android/webOS et al’s me-too stores. That doesn’t mean it couldn’t—or shouldn’t—be better.

  7. Nate Smith

    Apple does control the app store and I have no problem with the fact that they limit which apps are available through it. The real problem is that third party distribution is effectively impossible because all apps have to be cryptographically signed to run on a non-jailbroken device. Once someone has paid for an iPhone or and iPod Touch, they own it. Apple shouldn’t be restricting what they can or cannot run on it. If apple were to stop forcing apps to be signed and distributed through the store, I don’t think there would be any problem with restricting what is available there.

    • The Skeptic

      Apple restricts the iPhone to signed software only to minimise (almost eliminate) the threat of malware to the platform. Given that the iPhone runs in Single User (root) mode the whole time, this is a Very Good Idea, that protects their brand and reputation (not to mention, their customers).

      Sometimes…restrictions are beneficial! Part of your purchase is the confidence that applications purchased through the App Store are not malware…

  8. Developer frustration with the App Store and Apple’s approval policies have exactly ZERO to do with use of private APIs.

    It has to do with complete lack of consistency in the approval process, the inability of developers to foster relationships with customers, inexcusable delays to approve bug fixes (which magically got past Apple’s review process in the first place), and more.

    I think Mr. Bednarz has indeed had his eyes dislocated from his presumptuous eye-rolling, which apparently prevented him from doing some basic research to truly understand the problem. I can only assume he has little to no development experience of his own.

  9. I think you might be applying some revisionist history to the order of events to make Joe Hewitt appear to be the whiney developer that he isn’t.

    First, he simply had a one single tweet saying he was moving on to a non-iPhone project. The press then picked this up and interviewed him for more details and the press made the big deal about the issue. He wasn’t riding a trendy wave.

    Second, Joe openly disclosed there was a private API problem with the Three20 library back in late October ( The only private API usage was used for debugging, not for production releases, so it wasn’t like he was even trying to sneak something past Apple and then cry foul.

    Your statements that Joe did not disclose the error and then tried to ride a trendy wave of publicity are completely false.

  10. I agree Hewitt’s issue is personal and not philosophical as he states.

    It’s a clear violation of the rules, but that doesn’t mean the rules are right. Maybe rather than rejecting the apps that use the framework, why not adopt the framework? Or provide an alternative framework and assist developers in using it?

    • Andrew makes it clear enough why private APIs are private. Apple may make them public in some future release, but until they have sufficiently tested and approved them, it’s entirely up to them how to handle them.

    • rules are rules weather they are right or not. you decide if you play or not. If you have a party you set the rules in your house what bathroom to use etc. if some guy pees in your back yard you can kick him out you don’t tell everyone forget the rules just pee where you want.