January 24, 2008
Apple messes with DTrace
Posted Jan. 24, ’08, 7:52 AM PT by Derik DeLong
Category | Security
Developers, administrators, and all around geeks like to have insights into their computers and their operation that would make psychologists’ heads spin. DTrace helps with that. It even has a Mac OS X port. Sounds great until you find out that it was modified to ignore processes with a specific flag.
The expensive DTrace invocation clearly caused iTunes to do a lot more work, but DTrace was giving me no output. Which started me thinking… did they? Surely not. They wouldn’t disable DTrace for certain applications.
But that’s exactly what Apple’s done with their DTrace implementation.
The working conclusion is that Apple has done this in an attempt to slow DRM cracking, but no real explanation has been given other than the code comment:
If the thread on which this probe has fired belongs to a process marked P_LNOATTACH then this enabling is not permitted to observe it. Move along, nothing to see here.
Conspiracy theorists are rubbing their hands in glee. Thankfully, Landon Fuller is back yet again with a hack to re-enable DTrace. Hopefully now that it’s been exposed, Apple will have a change of heart about this dubious flag.
2 Comments
Leave a comment
Recent Entries
Ch-ch-ch-ch-changes afoot at MacUser
The Macalope Weekly: Leopards and monopolies and DRM! Oh, my!
Apple levels DMCA on iPodhash project
iPod touch users get second classed again with the omission of new Maps features
Apple Pro Applications Update 2008-004 makes your day
iTunes v8.0.2 comes riding on the coattails of iPhone firmware v2.2
About MacUser
MacUser is your source for news, info, and opinion about Apple, the Mac, and the iPod. Our dedicated team of bloggers covers everything that is relevant to Mac users — and, okay, some stuff that’s not quite relevant, but is still a lot of fun.
Subscribe/RSS
- Blog Posts
- Blog Comments
- Podcast (RSS) (iTunes)
Tip us off!
- Email: macuser [at] macuser [dot] com
Recent Comments 
- Dave Barnes on Ch-ch-ch-ch-changes afoot at MacUser
- Dan Moren on iPod touch users get second classed again with the omission of new Maps features
- johnnydfred on iPod touch users get second classed again with the omission of new Maps features
- on iPod touch users get second classed again with the omission of new Maps features
- Neurotic Nomad on Apple levels DMCA on iPodhash project
- Dan Moren on iPod touch users get second classed again with the omission of new Maps features
Categories
- Apple (234)
- Advertising (162)
- Events (235)
- Huh? (182)
- Humor (259)
- News (148)
- People (258)
- Rivals (405)
- Speculation (167)
- Steve Jobs (172)
- Stores (206)
- Apple TV (58)
- Business (451)
- Games (143)
- Geekery (460)
- Hardware (935)
- Accessories (79)
- Intel Macs (162)
- Ihnatko (18)
- Internet (463)
- Legal (244)
- MacUser (94)
- Macalope (8)
- Money (177)
- Music (344)
- Podcasting (100)
- Photography (74)
- Security (246)
- Software (1544)
- Updates (538)
- Tips (352)
- Troubleshooting (189)
- Video (403)
- Windows (219)
- iPhone (199)
- iPod (602)
- iPod Accessories (96)
- iPod Software (61)
- iTunes (128)
- iTunes Store (443)
Archives
- November 2008 (91)
- October 2008 (138)
- September 2008 (151)
- August 2008 (177)
- July 2008 (175)
- June 2008 (171)
- May 2008 (185)
- April 2008 (234)
- March 2008 (217)
- February 2008 (215)
- January 2008 (239)
- December 2007 (169)
- November 2007 (164)
- October 2007 (187)
- September 2007 (167)
- August 2007 (195)
- July 2007 (152)
- June 2007 (223)
- May 2007 (243)
- April 2007 (286)
- March 2007 (288)
- February 2007 (250)
- January 2007 (266)
- December 2006 (244)
- November 2006 (293)
- October 2006 (307)
- September 2006 (250)
- August 2006 (268)
- July 2006 (288)
- June 2006 (293)
- May 2006 (297)
- April 2006 (351)
- March 2006 (366)
- February 2006 (110)
- January 2006 (107)
- December 2005 (23)
Mac Publishing Sites
Links
I find it hard to know why I should care. As I understand it DTrace is a valuable tool for a developer to use on their own products. I'm not particularly concerned if Apple has made it harder for crackers to work through their code.
@fletcher: if you read the article, you'll understand why you should care. It doesn't just undermine DTrace for iTunes but for other uses which have nothing to do with examining iTunes or other sensitive applications.