Swift instead of Java: Apple has rewritten its password monitoring service
New password monitoring service: The Apple team praises Swift for its high performance and better handling when switching from Java.
(Image: TMvectorart/Shutterstock.com)
Apple has switched its password monitoring service from Java to Swift and Vapor and is now announcing a performance gain of forty percent. According to Apple, scalability, security, and availability have also increased, while the number of lines of code has been reduced by 85 percent. Swift, which is licensed under Apache, was invented by Apple itself in 2014 and has been further developed since then.
The monitoring service is part of Apple's password manager app and checks whether passwords have been leaked, for example if they appear somewhere on the dark net (similar to Have I been Pwnd). To protect the security of the passwords entrusted to it, the monitoring service uses a high level of encryption, but should also react quickly.
Java no longer met these requirements for the Apple team: “Java's approach to memory management no longer meets our growing requirements and goals for efficiency.” Even the improved G1 garbage collector of the JVM did not provide the team with the desired performance. Problems were caused in particular by long pauses of the collectors under high load and the difficulties of fine-tuning for different workloads. Garbage collectors are repeatedly criticized for bottlenecks.
The Apple team also saw shortcomings in Java when it came to scaling the service quickly under changing, regionally dependent loads.
Videos by heise
Much praise and little criticism
The new architecture uses Vapor as the web framework, which offers router, controller and content modules. The Apple team praises Swift in particular for the concept of protocols, which avoid the strict inheritance hierarchies of Java and create better modularity. Swift's security mechanisms also make the null checks required by Java superfluous. Swift does not allow null pointers. The async-await concept also facilitates asynchronous coding. The blog post also refers to the Swift ecosystem with logging, Cassandra client and crypto libraries.
The fact that the article contains no criticism of the Apple language Swift is just as unsurprising as the fact that the team did not consider other languages without the overhead of a virtual machine such as Rust or Go.
(who)
