Waze, a google owned app for the past 4 years, crashes because of the FB app.<p>WhatsApp, a Facebook owned app, will not give you read access to your own chat database - it’s encrypted. But they have an arrangement with Google where it’s will back up unencrypted to your Google account (though, Google won’t let you retrieve it ... only the WhatsApp app can)<p>Everything about this duopoly, their cooperation and lack of competition stinks to high heaven.
That’s twice in as many months. They may need some better QA here although to be fair it does seem mostly people with an older SDK version based on the comments. But still. I guess they need to cotton onto whatever server side change happened and roll it back.<p>At least this time you can disable the SDK (at least one app developer has a kill switch for the SDK) unlike the last issue that happened during code initialisation you couldn’t skip.
Workaround for users: Enable airplane mode and disable WiFi, or block facebook domains<p>Workaround for developers: Go to Facebook Developer page > Analytics and disable automatic Events.[0] Apparently this doesn't solve the issue for everyone.<p>Issue in Facebook's tracker: <a href="https://developers.facebook.com/status/issues/1739188102911114/" rel="nofollow">https://developers.facebook.com/status/issues/17391881029111...</a><p>[0] <a href="https://github.com/facebook/facebook-ios-sdk/issues/1427#issuecomment-656635461" rel="nofollow">https://github.com/facebook/facebook-ios-sdk/issues/1427#iss...</a>
My personal anecdote: I’m parked over on the side of the road because my carplay habits of Spotify and Waze both kept crashing to the dashboard.<p>I couldn’t help but notice neither app worked even after a reboot, yet google maps did. I was thinking there was a carplay bug and then thought: “oh boy here we go, what are the odds, let’s check hackernews” and bam, of course it’s the Facebook sdk again<p>I’m thankful that googles iOS-chrome and google maps doesn’t use the Facebook sdk for something...
They never responded to my request for a postmortem on the previous blunder: <a href="https://github.com/facebook/facebook-ios-sdk/issues/1385" rel="nofollow">https://github.com/facebook/facebook-ios-sdk/issues/1385</a>.
Stop using facebook's garbage!<p>Or if you must, use their oauth flow and API but _don't_ include code of theirs you don't control directly in your binary. It's just asking for trouble.<p><a href="https://news.ycombinator.com/item?id=23099788" rel="nofollow">https://news.ycombinator.com/item?id=23099788</a>
How is it that a third party SDK is consistently causing apps to completely crash rather than, for example, displaying an error message? Is this a failure that cannot be caught? Sorry, just trying to understand. The dependency relationship just seems to be extreme.
Given how protective Apple is about the experience of apps on the App Store and this happening the second time, I'm surprised they have not come up with a way to prevent this from happening. Also, a monolithic SDK should not exist in this day and age.
The most popular apps on one of the most popular operating systems just plainly don't even open.<p>What has this industry become? How are we so goddamn inept at writing software? This is an industry where we can automate testing - not many other industries have this capability - and we still don't have a simple test regime of "check if the app opens" for any of those apps. Somehow, at the most valuable software companies of the world, nobody has set up a system that makes sure that you can't introduce a change that renders these apps unusable?<p>WHAT THE FUCK.<p>I have always been afraid of software engineering becoming a trade similar to medicine or law or (regular) engineering where significant barriers will be put up before you can enter the industry, but this sort of shit makes me feel like it could be for the better. I will have to go and get a degree, but that's the price I have to pay I guess.
Issue seems to be resolved, but the the comment on their bug tracker is almost infuriating.<p>“ Earlier today, a code change triggered crashes for some iOS apps using the Facebook SDK. We identified the issue quickly and resolved it. We apologize for any inconvenience.” (1)<p>At the scale of Spotify and other massive blue chip apps, this bug could have very well cost companies hundreds of thousands to millions of dollars in damages. This apology on the bug tracker seems so insincere. With this type of issue occurring twice in a couple months, I’ll be ensuring that no clients of mine ever install or rely on Facebook services within their mobile apps. Facebook has a responsibility to developers to ensure that their SDKs and integrated components are stable, and they have failed.<p>[1] <a href="https://developers.facebook.com/status/issues/1739188102911114/" rel="nofollow">https://developers.facebook.com/status/issues/17391881029111...</a>
While Spotify crashing on launch may be a nuisance, this also affects life-critical apps crashing on launch. Our forensic analysis [1] found that half of the top 21 iOS safety apps send data to Facebook, and last time this happened back in May we spot-checked some of these safety apps and they were all crashing on launch. The SDK is typically included for ad attribution/tracking, not Facebook login, so it wouldn’t even be visible to the end user, and there’s no way to disable it.<p>[1] <a href="https://parachute.live/blog/forensic-investigation-the-shocking-state-of-privacy-in-safety-apps" rel="nofollow">https://parachute.live/blog/forensic-investigation-the-shock...</a>
Can confirm that blocking Facebook on my iPhone makes these crashes go away. All in all I might leave that block up permanently as nothing going to those addresses does me any good
For end users who need affected apps right now:<p>1) Download NextDNS from App Store<p>2) Open app. Hit (...)<p>3) Enable Custom Configuration, Config ID 22776a<p>It’ll DNS block some ads and Facebook domains. Turn off after you’re done.
Also assume any DNS server offered by random dude as poisoned.<p>Edit: Issue resolved! People, turn it off or switch to your own configuration.
I've been fighting with this for an hour. what the heck Facebook guys, you have a responsibility to not break the apps that use your SDK... You can move fast and break you own things.
Not to sound as old or anachronistic but I kind of watch this stuff happening and wonder when all those useless bubbly conveniences are going to burst. Never had any account on facebook, twitter, instagram, viber, whatsapp etc. Last similar stuff i used was IRC and ICQ. Some Messenger and skype but i abandoned those long ago.
Now I only use discord when I am gaming or wanna talk to a friend and I am sitting in my desk.<p>Mobile phones were a big step forward from plain old landline ones. But in terms of ease of communication this change was the last one with non-deminishing returns. Maybe smart phones also just for browsing HN when I wait in a queue or in the bus etc.<p>All those social networking and communication apps? Fcuk them.<p>I can perfectly communicate by calling or texting or video calling someone. What exactly is the added value of those apps?
I cannot take anything Facebook does (at least on iOS) seriously since the day they were bragging (with straight faces) about having so many classes that Xcode could not cope with them. And IIRC, lots of them were auto-generated and never pruned.
It's fantastic news in that it forces the companies who will undoubtedly lose millions of dollars in revenue from this to evaluate their inclusion of the tracking spyware in their apps.
I installed iOS 14 beta today and got mad at Apple because I thought the update broke so many apps on my phone. Turns out it was FB sdk coincidentally. One more reason to be mad at FB.
I recently learned that you need the FB SDK in your iOS app if you want to promote it on FB or Insta. So I guess most apps doing social marketing have the SDK.
Seems like FB way of forcing devs to use the latest SDK, unless FB shares technical details on what happened.<p>This is what FB for dev says:<p>"To make your app compatible with the latest iOS, be sure to use the latest Facebook SDKs for iOS."<p><a href="https://developers.facebook.com/docs/ios" rel="nofollow">https://developers.facebook.com/docs/ios</a>
What iOS desperately needs is a client side firewall like little snitch. It would be an easy workaround for this nonsense - with additional privacy benefits. Plus, if every time Facebook fucked up a portion of users started blocking facebook URLs they might QA a little bit more thoroughly.
Feels fair that it's happening to companies that hand over our data to third parties.<p>Anything that can open the general public's eyes to how much data is leaked through these kind of practices is a good thing. Hope it amounts to some non-negligible loss for Facebook, Spotify and the others.
How is Apple not addressing this? This seems like a pretty glaring hole in their tightly controlled environment. If the SDK is injecting code, shouldn’t that be an explicit permission?
I actually went to the post office today (couple of hours ago) and tried to use the national postal carrier's app to get my pickup code. The application just kept crashing. I showed it to the man at the counter and he said that others had had the same issue, although he didn't specify if it was earlier the same day or way back. I wonder if it was the same issue.
The same kind of thing happened today with Spotify's application on iOS and this also happened about a month ago too. I am surprised that regression testing tools aren't picking up these issues before they push these updates out to user's devices
I'm looking forward to these future HN posts:
"Increase iOS app reliability with this simple trick",
"How I Increased retention 10x by canceling Facebook", and
"Most popular app in world yanked for privacy violations"
None of the apps on my phone are crashing because of this. I also don't have a Facebook account, nor do I have the Facebook app installed. So it looks like there's an easy fix, delete your account, delete Facebook.
Of course FB SDK could work only <i>after</i> a user requests its functionality by tapping or logging in. But no... they need to harvest analytics and track users as they do ad-business primarily... :(
It is evident that Facebook does not QA the way they should. It would be nice if Apple added mechanisms that allow a dependency in an app to crash but allow the host app to continue to run regardless.
Is this a Deja Vu <a href="https://news.ycombinator.com/item?id=23097459" rel="nofollow">https://news.ycombinator.com/item?id=23097459</a> ?
You can disable the Facebook SDK phoning home: <a href="https://developers.facebook.com/docs/app-events/gdpr-compliance" rel="nofollow">https://developers.facebook.com/docs/app-events/gdpr-complia...</a><p>Any idea why seemingly no one of the big apps does this?
The removal of FB and Google from my digital life are my goals for the next year/. Where I need FB (groups) it’ll be a fake account through a vpn/etc
I have switched to FB web version and uninstalled the app, this has worked very well for me. Its less engaging and I get to keep in touch with my family.
That is now the how manyth time this happened?<p>Like wtf. they have so many resources how is it possible that even with that they can't make their sdk error resilient.
Oh is this why I couldn't play anything on Spotify during my morning run as it kept crashing! Had to play Apple Music's Beats 1 radio instead.
Apple's refusal to support XPC and the ability for apps to launch secondary processes is the real underlying issue here. Being able to separate out execution and process permissions from the main app solves a ton of third-party SDK issues as well as just normal "why is my app crashing because of decoding?"-style issues.
Apple should ban these SDKs, period. If a third-party entity fucking up their backend can bring down the whole ecosystem then they've lost control over iOS.