Recent Apple phone and laptop SoCs include hardware support for nested virtualization, including the M4 iPad Pro where an exclave is used for the camera LED. Hopefully the next revision of the Apple Platform Security guide will cover SK exclaves and baseband mitigations for Wi-Fi radar sensing, https://help.apple.com/pdf/security/en_US/apple-platform-sec...

> Apple specific additions to SPTM

SPTM reverse engineering, https://www.df-f.com/blog/sptm3

  XNU is being refactored into a micro-kernel inspired architecture, aiming to reduce its code base, and move security sensitive operations out of it. The memory space isolation is performed with the help of a Secure Page Table Monitor - SPTM. The code signing, entitlement verification, Developer Mode, Restricted Execution Mode, and other security sensitive operations are handled by the Trusted eXecution Monitor - TXM.

150+ TrustZone CVEs, https://www.cve.org/CVERecord/SearchResults?query=trustzone

> it’s a defensive effort on a larger scale than any other end user device manufacturer is currently attempting

Google implemented pKVM on Pixels with hardware nested virtualization a few years ago, and upstreamed the code to Linux mainline, including cooperative de-privileging of TrustZone relative to pKVM L0. But they have not announced defensive features using pKVM/AVF, outside of Debian "Linux Terminal" VM.

It’s important to note that most of those CVEs are to do with vulnerable software that manufacturers put in the TrustZone protected environment (many of which are garbage). There are very few vulnerabilities reported about the hardware itself.

If you're a phone designer, and you're going to put unlock PIN validation into a trusted execution environment? Sure, makes sense. If you're going to put your widevine DRM code into a trusted execution environment? I guess.

But why did they make a design that means a vulnerability in the DRM code allows an attack on the PIN validation code? That means the attack surface is huge.

You gotta keep these clowns separated if you don't want them spraying each other with water and throwing pies down each other's trousers.

> While I speculated that TrustZone was being used, exclaves may well use the existing SPTM and GXF (Guarded Execution) privilege levels after all. One implication may be that there is no hard reason they couldn't be supported on iPhone 13 and higher, aside from RAM requirements and development effort. Make no mistake these are huge undertakings even for Apple.

I don't think Tim would be CEO if he didn't believe what Steve did. It's so weird, but I really miss Steve.

https://www.youtube.com/watch?v=Ij-jlF98SzA

However, despite being an actual software engineer, I'm no security researcher. I don't understand kernels or privilege elevation or anything deeper than the UNIX shell I work in. So it's nice to have a system that's 99% safe by default, but still allows me to run crons, or programmatically open/modify things, and generally script my machine to look and behave the way I want.

Apple is the perfect middle-ground for people like me. Just because you can't fiddle with a kernel hardly makes this a "hood-welded-shut" machine. There are processes on my Windows machine that I'm not allowed to kill even as an administrator. I can `kill -9` whatever the hell I want on my Mac.

There's a very large group of people who operate like me, and are even less technical than I am, but love things like Keyboard Maestro or Apple scripts which allow them to tweak little things. Windows has no comparison and as far as I've witnessed it's one of the most frustrating operating systems in existence. Most people do not have the time or desire to run Linux. So, you are left with Apple which nails several of selling points that no other ecosystem nails.

That's why people, including "hackers", are enthusiastic about this "hood-welded-shut" system.

Note that the Mac is way more open than the iPhone (or iPad, which is funny considering how some chips are shared between Mac & iPad), specifically to preserve (some) of the kind of control people expect from their Mac.

That's why you can run Asahi Linux on Macs, but not iPads.

So you & GP may be talking past each other, them grousing over the locked-down nature of the iPhone, while you celebrate the control of your Mac.

There are some security features that (for good reason) get in the way of e.g. dtrace, but I'm not aware of any of those that you can't turn off.

> I'm also not a fan of how Apple controls devices and the market of software after the device has changed owner.

What's this about?

Such scenarios are trivially recoverable on better-designed machines with removable storage and consumer-friendly software FDE. BitLocker does this reasonably well - yes, there are privacy concerns w.r.t. key backups, but one must strike a balance between convenience and security.

ETA: To be clear, this setup would be entirely tolerable to me, but I (and everyone else in here) is hardly an average consumer when it comes to technology.

Many hackers think that about Apple computers. Many others have no choice because they develop iOS apps.

Shit. Works.

This is critical. I can focus on my actual task at hand, rather than fiddling with the system.

Some perspective: I've been on Debian for 15 years, and I still hold it in very high regard for servers. I'm also an occasional Alpine & OpenBSD user; and Windows for games. I've tried Ubuntu, couldn't stop it from getting in my way. Before you suggest Fedora, Arch, NixOS, whatever: I'm done distro-hopping. The experience is about equal everywhere. No amount of "choice" beats thoughtful design, accessibility, and vertical integration.

Hmm...

    $ last | grep reboot       
    reboot time                                Sun Feb 16 14:10
    reboot time                                Fri Feb 14 19:40
    reboot time                                Thu Jan 30 09:52
    reboot time                                Fri Dec 13 16:20
    reboot time                                Tue Oct 29 15:32
    reboot time                                Tue Sep 17 12:19
    [...]

> it absolutely refuses to play nice with my KVM (that my desktop has no issues with)

Honestly I'm with you here, but I'm pretty sure KVMs are just pure lottery. I plug the mini via USB-C/DP to a screen that has a simple built-in USB hub (which in turn handles mouse/KB/audio interface); this also works perfectly fine with my Thinkpad T495. However an expensive TB3 dock with a dozen ports doesn't work with either, but it's just fine with a 2017 MBP. TBH I wouldn't blame any of the involved parties; USB-C/TB always came off as a finicky mess to me.

> I'm a software engineer at a company that does all macbooks.

I can't say anything but extend my sympathy. In an ideal world, companies prioritise employee satisfaction and productivity. There's an argument that this is a trade-off vs increased IT support cost/workload, but I guess SWEs don't need much support to begin with?

You could at least appeal on the basis that the HW you've been provided with is clearly unreliable. Come up with some numbers about lost productivity. Bosses love numbers.

IME, it's also about being able to ensure that everyone has access to the same software. I worked at a company that used macOS-specific software for development (I think it was Sketch?) so I had to have a MacBook around, even though I primarily used a Linux desktop for work. Anecdotally, I don't think this is uncommon.

NixOS in its unofficial "endgame" is more like a container where you can strictly define what files to keep between reboots and everything else gets thrown away. Except unlike a container it covers your entire filesystem (not just a single application) and it's actually usable for things like a laptop since you don't have to reboot between making changes. There's a popular blog post titled "Erase your darlings" that explains it in more detail[1]. And, like with a container image (but different in how it's done), NixOS forces you to write any and all changes to your system's programs or config as code that can be introspected and delivers repeatable results.

This is definitely not to everyone's taste but for me this is now the only way to keep computers "clean" in the long term (sans specialized distros like Talos Linux). I can just look at the source code to know exactly what I'm running and I can delete stuff I no longer want without having to think about leftover files or anything like that. Backups also get a lot simpler when you only have to think about the persistent volume of your system and your config and full restores are just a matter of reinstalling with your config in place.

macOS is gorgeous and I love how everything just works pretty much (except defining global keyboard shortcuts). But I've been so spoiled by NixOS catering to my config management obsession that everything else feels kind of primitive in that regard. My dream would be the macOS userland and kernel on top of Apple hardware but built and assembled with the Nix module system. And then some APFS magic to make an ephemeral root filesystem work.

(Also yes I've tried nix-darwin. Love it and I'm infinitely grateful it exists because I'm also using a MacBook at work but it's not the same kind of "complete" experience that NixOS provides.)

[1] https://grahamc.com/blog/erase-your-darlings/

But I think they're regressed. I think sj was good at getting apple to interface with the rest of the world, and make course corrections. But now they've forgotten how.

Everything apple does is more apple ecosystem, ignore everyone else.

Sort of like the 7-habits dependent, independent, interdependent. Now they're back to independent.

so... they ignore the rest of the world. their own hardware, their own languages, everything else comes from their store. admittedly macos still allows people to run their own software, but ios doesn't let you run software or even access your own filesystem.

Do I, a highly technical person, want a machine that has been made in to an appliance, where I have very little control over what's going on in the background, where I have to trust one of the largest companies on the planet to Do The Right Thing™?

Well, I know I don't want to run an OS like Windows where the end user is treated with contempt and distain, where the price of the license means nothing because I'm still treated as someone who doesn't know enough to even choose my own browser, where third party programs have more control over my own machine than I do, unless I happen to have a lot of specialized knowledge and plenty of time to circumvent these biases.

But let's compare the Apple appliance to an open source OS running on an Intel CPU. Now I have an OS that gives me more freedom to do what I want and need, that has only documentation and technical issues as roadblocks, not intentional design. Better, yes? But now I'm also required to trust a company that has a literal hardware back door built in to it, that comes from a company that acts like they have no real understanding of security but might just be playing dumb, that has lied to users many times over years, that has knowingly chosen speed and marketing numbers over security time and time again.

Now add the fact that we need to trust binary blobs for wifi chipsets, some ethernet chips, GPUs, et cetera. Not great, if we want to both control our machine and trust it.

So, really, would I want to run an open OS on top of a janky CPU with lowest common denominator hardware, where each part might have issues, possibly security issues, or would I want an appliance?

I wish there were more options... AMD is better than Intel, but not sufficiently. They have less of a history of lying, of manipulation of marketing information, et cetera, but they still have that hardware back door. People are working on open source firmware for wifi chips, et cetera. ARM is nice, but ARM laptops and desktops still come at a premium.

So do I see the appeal of an appliance that has incredible performance, battery life, the best exploitation of the hardware on the planet, excellent quality and security? I do, particularly when all aspects of that appliance are in the hands of a company that makes their insane profits from being "premium". So long as their profits depend on being premium, I will trust them, because my trust needs align with their profit desires. When that stops, my trust stops.

Would it be nice if I could run my own choice of OS on it? It would. But sometimes we need a device that gets things done, and in many instances, an appliance is better than the alternatives.

Can I still run pretty much what I want on this appliance, aside from my OS of choice? Yes, I can. So unless I'm interfacing directly with hardware, these appliances mean less work for me.

That's not to say your case isn't valid, but it's easy to see a case for most people having appliances.

That being said, I love iOS on my phone and tablet. I used to prefer android, because of how much I could customize it, but it slowly became less reliable and more centered around selling me products and services sponsored by Google or my carrier. I switched to an iPhone and iPad about 7 years ago and am much happier with a reliable set of mobile devices that I know are relatively secure and wont get in the way of what I want to do.

Point being, the OS you want on, and ecosystem you want around your devices absolutely depends entirely on what you want your devices to do (or not do against your will).

Most times, this doesn’t mean anything, but there’s very few demographics that understand the need for privacy and data protection, better than gay folks.

Of course, he’s still at the whim of the Board, and he’s no spring chicken, so there’s no guarantee that his successor would feel the same, but I do believe that he, himself, is legitimately serious about privacy.

At the risk of sounding like Richard Stallman, that exactly is the problem with buying into such walled-prison ecosystem of devices. You're at the mercy of Apple pushing an update that can unilaterally take away your privacy and rights.

They already do that with sending hashes of your photos on your iPhone and implement dark patterns to trick you to upload your data to iCloud. Just 1 CEO change away from having them from being a privacy advocate to a privacy nightmare.

This is mainly a concern if you are a high value target likely to be the first person poisoned. For most of us, that’s not true, and a formerly good actor turning evil would be noticed long before it came our turn.

So there’s the idealist “I can’t be sure my favorite restaurant won’t poison me today, so I’m never eating there again”, and the pragmatic “the benefits I get outweigh the slim chance that today is the day they decide to attack boring people like me” outlook.

I’ll never fault someone for being the idealist; the concerns are unfalsifiable. But to me it looks like a rough way to live. Maybe just because I really am that boring so it’s hard to relate to having any super secret stuff that would put me among the first to be attacked.

If Apple adds a backdoor to their E2EE (by sending their servers the key) via a software update, and they don't do anything with the secrets exposed, they can compromise a large proportion of users over just a few weeks and there is a big chance you'll be among the "first", because the "first" is now a large set.

It's just another principal-agent problem, and I agree that a fully self-sovereign life, with no dependence on trust or agents, is an unrealizable ideal; and, that a decent solution (while not perfect) is reputation stake and aligned incentives, check and check in Apple's case. I too think Cook is sincere, and I trust them as far as I can throw their products, which is to say, a little. (The Apple Tax is so they don't have to rely on a sketchy big-data business model.)

That said, computing and InfoSec have some unique contours, in a way that trusting a mechanic or a lawyer does not. Those can have catastrophic failure modes as well (crashing from a shoddy repair, getting sued based on bad legal advice), but they aren't systemic to society, and have lower switching costs.

And I ultimately think it's a false choice. When it comes to meatspace security, it's possible to have trusted and accountable public institutions, and allow citizens to have some means for self-sovereignty (2A, locked doors). It would be foolish to rely only on one or the other, either as a society or an individual.

So I'm deeply grateful for the Stallman types, pushing forward the capacity for self-sovereignty. Even if it doesn't currently meet my needs from a risk/benefit tradeoff, I still benefit from the ecosystem, and its BATNA, and I look forward to the day I sever my dependence on Apple's ecosystem, whether or not they betray my trust.

I agree with this part, but relying Apple is quite far from self-sovereignty compared to many other practical alternatives: not relying on external clouds, GrapheneOS, Linux. By relying on Apple, you not only pay a tax to essentially bribe them to not attack you (perhaps a viable strategy, not too different from taxes to governments), but more importantly you give up the ability to resist without serious compromises (can't have E2EE backups on your own cloud if they said so). This is akin to trying to be paying taxes to the government to get better police coverage, and they decide to ban locks, security cameras, and leaving the walled garden.

The problem with the current computing security paradigm is that it puts too much trust in entities that do not deserve it, because the entities are simply too powerful and do not suffer consequences when they break that trust.

He's one end of the spectrum, and NSO is at the other end. The best place is somewhere in the middle.

Most times, this doesn’t mean anything, but there’s very few demographics that understand the need for privacy and data protection, better than gay folks.

I used to think this, too. His recent ring-kissing antics have changed my mind. He, too, can be bought for a price.

You don't write a check for a million dollars to a person who is actively trying to decimate the gay community and still get to wear the rainbow flag.

Collective action, even in corporate America, is required to beat these people. The failure here is that like-minded execs didn’t preemptively gather to prevent this outcome in the first place. If you want to be unhappy with Tim Cook, be unhappy that he was too politically naive for too long.

If a few more of us would have stood up at the time, the world could look very differently today.

He's a leader. He should lead.

Jobs also said a lot of things that still resonate with me. Recently Apple introduced a "classic Mac" screensaver that shows how carefully designed the original Mac GUI was. I'm sure nobody misses the days when app bugs could crash the OS, but I wish Apple were as obsessive now about detail now as they were back then.

(the article is good but giving you the hn for comments too: https://news.ycombinator.com/item?id=2131299)

The biography is really awful though. It constantly misquotes people - Bill Gates is directly quoted as saying something so technically inaccurate he can't possibly have said it.

I also remember that every time his son is quoted it's because he was telling a dick joke. At one point the book claims this is why Apple Park is a circle. Why the author did this is not clear to me.

(Btw, I have an unreported Jobs story about this myself. Actually two. I'm not going to tell them, so feel free to just imagine.)

I feel like the official Isaacson biography was trying to tell a story, and would twist facts and reality to fit that story. This certainly makes for entertaining reading, but is not a great way to study history.

Meanwhile "Becoming Steve Jobs" gives the reader glimpses into Jobs's life, often very contradictory glimpses, ones that don't really tell you what to think. It shows you how complex of a person he really was.

It was my first Isaacson biography, and didn’t leave me excited for another one.

It definitely was, but at least parts of that must have been warranted given Jobs refused to read it, saying something along the lines of "I know I wouldn’t like what it says"

> Very well then I contradict myself,

> (I am large, I contain multitudes.)

When you speak ill of Jobs you are speaking on his moral character. When others (incl. myself) speak positively on Jobs, they are speaking on his design, business, and life philosophies, which are quite profound. [0]

How you want to weigh the two is up to you, but it is not a contradiction to say someone contains both good and bad.

[0]: https://youtu.be/cHuqhQmc4ok

Worst of all is the false good person / bad person dichotomy that leads to great offense at any slight praise for someone the reader has decided is a bad person, or any slight criticism of someone the reader has decided is a good person.

I can’t think of anything less fruitful than arguing over whether a public figure’s personal plus professional life makes them a 100% good person or 100% bad person. It’s strange the conversation ever happens, and yet it’s so incredibly common.

I personally view that as more of a failing in the system itself (why are there multiple lines to begin with when organ transport is a solved problem?), but it's not unreasonable to look at somebody exploiting that broken system and question their character.

I was at a talk with Martine Rothblatt several years back, who created a startup for 3D printed organs. They ended up also building electric helicopters to transport those organs, because the transportation bottleneck was a huge issue.

I try not to judges peoples character when they’re looking death in the face. No one really knows what they’ll do in that scenario. Most people who can save their own life will. This was the premise of the movie SAW… how far are you willing to go to save your own life? How strong is your survival instinct? Most people are never tested, and it’s easy to sit back and judge, but would you just sit back and die? How do we even know there was someone else in line behind Jobs? It could be that he got an organ that would have otherwise been wasted.

For some other actions on some sort of badness scale, we have:

- Murdering people for your spare organs. Parts of China do this (somebody survived and escaped recently, so it's stirred things up a bit). Most people think this is very bad.

- Paying for somebody's organs (similar to prostitution at some level, though banned much more frequently than sex work -- if society is structurally so unequal that sacrificing part of your life for a pittance is actually attractive, that reflects poorly on that society, and we try to ban.the rich and powerful from using that power to create scenarios more like my first point).

- What Jobs did. It's technically legal, but he necessarily got an organ before somebody else for no other reason than that he had money. Did that somebody else survive? Who knows. If you factor in that it was actually many people who were displaced, did all of them survive? Unlikely. Organ donations are already fraught with ethical issues and strongly held convictions, and I'm not at all surprised that a number of people would be upset at this.

You didn’t pose the question to me. And yet.

Very many people don’t. We know there are constructs that would enable us to pay less, yet we choose to not pursue them. We are part of a society that enables us to be what we are, why should we strive to give as little as possible in return?

(And yes, we also don’t send extra money. This is not a contradiction.)

Only because you don't want to put the effort in to pursuing it. If I told you you could reduce your tax bill by 20% by spinning round in your chair one time I doubt you (or anyone else) would decline.

Every entity generally seeks to take as much as they can and give back as little as they can. Individuals are generally a little less extreme, in my experience, with corporations being the worst.

My taxes are not a burden on me. While on the other hand, the local politicians have sought tax cut after tax cut, causing the library to limit services, the schools to cut down on teaching staff, infrastructure maintenance delays, less funding for local social services and city events, and more.

My paying an extra 20% wouldn't fix things, as adding to the general budget would end up simply reducing taxes further, instead of everyone sharing the load.

I hate that I've starting getting involved with local politics. I would rather code.

Or, following your self-centric analysis, I would put the effort into raising my taxes by 20% since the collective benefits give me much more than what I can do individually.

While he could have funded a new hospital and not even change his tax bracket.

Though SJ "He was diagnosed with insulinoma, which unlike other pancreatic cancers, is curable and can be treated with surgery."

see: https://www.bbc.com/news/technology-16157142#:~:text=He%20wa...

And the outcome was a computing company that was waaaay less mediocre than 99% of these other memetic, mediocre gradient-descent chasing privacy-abusing, ad-supported companies.

Apple has raised the bar so high. And the DNA of what is manifesting is Steve’s insistence and vision followed by Tim’s clarity of execution.

Look at the Apple Architecture moves. They got Intel’s hot, slow CPUs out of the device. And replaced them with excellent, quiet, fast, efficient CPUs, with UMA and great features.

It’s hard to nail every detail when you have the surface area of Apple 2025. A huge huge company with billions of users and dozens of device families and services. But the bar is high for most of what they do.

Because we miss new instances of the great products they created to earn all that money.

He became a billionaire because Disney bought Pixar.

When I see the sincere sentiment sometimes expressed towards Jobs, I wonder if something similar is being tapped into when people - often tech people - use and experience LLMs.

To put it a bit bluntly, it almost feels like there's a mystical or religious element to it. As if we desperately want there to be miracles, and oracles, and god-like, caring men who can provide us with beautiful products, and rituals, and a future where everything is sleek and bountiful and timeless. As if some spiritual "hole" were being filled.

I don't mean to disparage anyone who feels fondly towards Jobs or LLMs, I'm merely sharing an observation of mine.

RIP

Source: people who were at Apple during that time period.

Example: https://www.nbcnews.com/news/world/government-officials-want...

I think people underestimate how traumatic it was culturally to Apple and how Apple generally experiences comparatively little turnover vs their other major tech peers, so the responses to those traumas linger. Same with the brouhaha over the CSAM tech that they attempted to bundle into the iPhone that ostensibly was trying to preserve your privacy and they instantly got smacked down over it.

I have two thoughts about this.

One, if you tell yourself a story strongly enough, it becomes real. Especially when you can structure the company to force it to become real.

Two, "marketing" is usually used disparagingly to mean something like "advertising that brainwashes customers into wanting something", but it's more like "knowing what people are going to want by the time it's ready to ship". It doesn't necessarily even include advertising. So in this case people do want privacy.

Isn't that Product rather than Marketing?

IIRC the advertising people are called Marcom or "marketing communications".

The iPhone had to add an app store because there were some apps that users couldn't build on the web at the time. They since allowed apps, but those apps are restricted to a proper subset of the APIs that first party apps get.

https://folklore.org/Diagnostic_Port.html

> Expandability, or the lack thereof, was far and away the most controversial aspect of the original Macintosh hardware design. Apple co-founder Steve Wozniak was a strong believer in hardware expandability, and he endowed the Apple II with luxurious expandability in the form of seven built-in slots for peripheral cards ... >This flexibility allowed the Apple II to be adapted to a wider range of applications, and quickly spawned a thriving third-party hardware industry.

...

> Apple's other co-founder, Steve Jobs, didn't agree with Jef about many things, but they both felt the same way about hardware expandability: it was a bug instead of a feature. Steve was reportedly against having slots in the Apple II back in the days of yore, and felt even stronger about slots for the Mac. He decreed that the Macintosh would remain perpetually bereft of slots, enclosed in a tightly sealed case, with only the limited expandability of the two serial ports.

> Mac hardware designer Burrell Smith and his assistant Brian Howard understood Steve's rationale, but they felt differently about the proper course of action. Burrell had already watched the Macintosh's hopelessly optimistic schedule start to slip indefinitely, and he was unable to predict when the Mac's pioneering software would be finished, if ever. He was afraid that Moore's Law would make his delayed hardware obsolete before it ever came to market. He thought it was prudent to build in as much flexibility as possible, as long as it didn't cost too much.

> Burrell decided to add a single, simple slot to his Macintosh design, which made the processor's bus accessible to peripherals, that wouldn't cost very much, especially if it wasn't used. He worked out the details and proposed it at the weekly staff meeting, but Steve immediately nixed his proposal, stating that there was no way that the Mac would even have a single slot.

> But Burrell was not that easily thwarted. He realized that the Mac was never going to have something called a slot, but perhaps the same functionality could be called something else. After talking it over with Brian, they decided to start calling it the "diagnostic port" instead of a slot, arguing that it would save money during manufacturing if testing devices could access the processor bus to diagnose manufacturing errors. They didn't mention that the same port would also provide the functionality of a slot.

>This was received positively at first, but after a couple weeks, engineering manager Rod Holt caught on to what was happening, probably aided by occasional giggles when the diagnostic port was mentioned. "That things really a slot, right? You're trying to sneak in a slot!", Rod finally accused us at the next engineering meeting. "Well, that's not going to happen!"

> Even though the diagnostic port was scuttled, it wasn't the last attempt at surreptitious hardware expandability. When the Mac digital board was redesigned for the last time in August 1982, the next generation of RAM chips was already on the horizon. The Mac used 16 64Kbit RAM chips, giving it 128K of memory. The next generation chip was 256Kbits, giving us 512K bytes instead, which made a huge difference.

> Burrell was afraid the 128Kbyte Mac would seem inadequate soon after launch, and there were no slots for the user to add RAM. He realized that he could support 256Kbit RAM chips simply by routing a few extra lines on the PC board, allowing adventurous people who knew how to wield a soldering gun to replace their RAM chips with the newer generation. The extra lines would only cost pennies to add.

> But once again, Steve Jobs objected, because he didn't like the idea of customers mucking with the innards of their computer. He would also rather have them buy a new 512K Mac instead of them buying more RAM from a third-party. But this time Burrell prevailed, because the change was so minimal. He just left it in there and no one bothered to mention it to Steve, much to the eventual benefit of customers, who didn't have to buy a whole new Mac to expand their memory.

But at the same time he was also very proud of the PowerMac G3/G4 case which could be opened at any time (even when it was on) with the side being hinged with a prominent, friendly finger loop.

Aug 2023, https://www.df-f.com/blog/ios17

Nov 2023, https://www.df-f.com/blog/ios-17round2

Feb 2025, https://www.df-f.com/blog/sptm3

  I would particularly like to highlight the work of Dataflow Forensics and their much more advanced work dissecting SPTM without the benefit of source code. I enthusiastically await their promised blog post about exclaves and hope they will answer many of the remaining questions, provide gory disassembly explanations, and correct all my mistakes and assumptions!

Are they? The article's closing paragraph advertises a _future_ Dataflow blog post to the reader. Their follow-up March correction is consistent with the Dataflow Feb summary, https://randomaugustine.medium.com/more-speculation-on-excla...

The discussion has been underwhelming:

I read TFA and wasn't sure what to even make of it.

A gentle suggestion for a more interesting / entertaining article currently on the front page with a glance: https://news.ycombinator.com/item?id=43311696

Hatching a Conspiracy: A BIG Investigation into Egg Prices

https://www.thebignewsletter.com/p/hatching-a-conspiracy-a-b...

P.s. @gnabgib thanks for all your excellent dupe postings! I used to do a lot but life got busier. You are appreciated.

Edit: @thrdbndndn: My bad, yes this submitted article is the one that sucks. Thank you! If you delete your reply it will make things less confusing, but no worries and best wishes.

> exclaves refer to specific resources that are separated from the main kernel (XNU) and cannot be accessed by it, even if the kernel is compromise

Also interesting:

> It’s not uncommon for mid-cycle releases of macOS to gain new features in preparation for the next major version. Perhaps the most fundamental and significant added to Sonoma 14.4, together with iOS 17.4, iPadOS 17.4 and watchOS 10.4, are exclaves.

https://eclecticlight.co/2024/08/20/sonomas-unfinished-busin...

This is not correct

A tiny bit of hardwired dedicated logic integrated into the camera module would be more than adequate to do this - just gating of either the digital I/O or the power to the camera, and a pulse-stretcher so the LED goes on for at least a few seconds each time to prevent an attack by rapidly flicking the camera logic on and off.

A similar circuit for the microphone with a different-coloured physical LED - not just a software-controlled dot on the screen - would be a good idea too.

And then your LED driver would need to know screen brightness (or connect to the ambient light sensor) because you want to be bright enough to see in direct sunlight, but that level of brightness would be unpleasant (and maybe screw up legit camera use) in low light.

So if you believe your SK is secure, you can do a better job more simply by using it. And if you don’t think SK is secure, all bets are off anyway.

Apple generally isn’t out to make things willfully overcomplicated without good reason.

https://news.ycombinator.com/item?id=42260379

They'd be unable to roll out the feature to older iPhones if they did this.

I guess for newer iPhones this is not as big of a deal since they have a big-ass notch anyway, however Apple also has a large customer base that only buys their older products (like me), and saying that their older products have worse security than their newer ones is probably not the kind of message they want to send, even if it might potentially get them some new sales.

It’s (for example) similar to the Kinect. It projects a pattern of structured light in IR then looks at that with an IR camera to be able to determine depth.

If I had to bet, exclaves will be a bridge to something bigger, either a more modular OS (like Fuchsia) or a CHERI-inspired security model where memory safety is enforced at the hardware level.

Apple is leading the pack in consumer OS security, but exclaves are a patchwork improvement rather than a total rethinking of system design. That said, this is probably the biggest security shift in mainstream OS design in the last decade, and it will take years before we see its full impact.

From the page[1] with the video: a security feature that can a) harden the kernel and b) ensure that critical kernel resources remain untampered, even if the kernel gets compromised. VBS uses hardware virtualization and the hypervisor (Hyper-V) to create an isolated virtual environment that runs as a higher trust level, called Virtual Trust Level 1 (VTL1). VTL1 has its own kernel, separate from the Guest kernel, referred to as the Secure Kernel.

[1] https://lssna24.sched.com/event/1aIeD/linux-virtualization-b...

> To allow for execution of exclave Services while isolated from XNU, Apple has introduced a new kernel called the Secure Kernel (SK).

Or do exclaves run on a separate chip, like Secure Enclaves-with-a-N do? (The article said not to confuse the two.)

- Exclave exposes a small set of functions that kernel may call for sensitive operations - One of those is “update exclave”. The input to this is a blob signed with Apple’s private key. - Exclave verifies signature, so a compromised kernel and push a malicious update

How the exclave gets Apple’s public key is a little opaque to me. One way would be to have the exclave have its own (per device or per global version) private key, but client side private keys are very high risk.

Alternatively, perhaps some elaborate set of baked-in public keys for Apple and a way to validate a CRL?

That said I’m not sure what you or GP mean by “update exclave”. It’s just part of the kernel binary loaded up at system start. Wouldn’t it be updated the same way the rest of the kernel is, probably requiring a restart?

For now, I think existing exclaves such as the one that displays the camera indicator do not really apply to macOS (since MacBooks have dedicated hardware for that), but in the future there might be exclaves that do.

Try reading that footnote again:

> Note 2: Page Protection Layer (PPL) and Secure Page Table Monitor (SPTM) enforce the execution of signed and trusted code on all platforms with the exception of macOS (because macOS is designed to run any code). All of the other security properties, including the protection of page tables, are present across all supported platforms.

It doesn't say macOS doesn't use SPTM. It says macOS doesn't use SPTM to prevent running unsigned code, since macOS is supposed to allow unsigned code (after the user jumps through some hoops).

https://en.wikipedia.org/wiki/Mach_(kernel)

This, because they don’t have TrustZone

One simple example: recent versions of macOS run all apps inside a sandbox, even those that don't opt in. One thing the sandbox blocks is apps modifying each others files, which up until then had been a major weakness of the security system (signatures of a bundle were checked at first-run, but not on every execution).

They are also kernel-to-kernel currently, so third party support would likely be limited to implementing things like secure device drivers. However, Apple has been trying to push third party drivers to user space, not to the hypervisor. Based on that migration happening in parallel with this development, I do not suspect they plan to pivot and have third party driver developers use exclaves.

It is pretty common for Apple to do significantly more stabilization of kernel-imposed platform features like this internally before exposing to third parties (see also pointer authentication a la arm64e).

TL;DR: we are doing things in hardware that ought to be done in software, and we're giving software too close to metal access.

User mode should be something like the JVM, but more language-neutral, something based around WASM for example. The runtime for this should ideally be written in a memory safe language and very extensively tested. User mode code should not have access to raw pointers, raw CPU, etc.

If we'd done this we also could have elevated things like the common API beyond the lowest common denominator of C. We used to have a ton of research and some fielded systems like this: Smalltalk, LISP machines, the JVM, the CLR, etc. The JVM and the CLR are still quite alive and well but the HN world seems to hate them for some reason. Smalltalk and efforts like the LISP machines died out.

One of the great things about it (in my opinion) was the lack of context switching. It broke a fundamental assumption about how an OS should work. It could also do global optimizations.

I wonder how much of a boost you'd get for that? I'm sure it would depend on the work load.

Could you explain what you mean more please?

The privacy features for messaging and cloud storage, plus not having to worry (as much) about security as I might with Linux, are the only reason I still use Apple. Every year I get more and more disappointed though. More and more nostalgic for the Apple software I used to enjoy using.

https://xkcd.com/1200/

I tried to read the article, and know what all the words mean (sel4, enclaves, virtualization primitives, etc.).

It all seems very complicated and error prone, but I couldn’t figure out what the attack model is, or what the security objectives are.

Eg, what sorts of things run in exclaves, and under what circumstances will a persistent kernel level compromise on my laptop protect those things?

I could imagine a passkey implementation with some extensions that allow securely presenting what the user is consenting to and how ("enter your payments PIN or password now to confirm a payment of $x to merchant y").

It's of course even better to do that in tamper-proof security coprocessors such as Apple's secure enclave, but TEEs have the big advantage of having access to much more memory and faster processing, which allows doing more complicated things there more easily.

They can also always lean on the secure hardware for actual key management, but handle more complex user interface operations in an environment that's still more secure than the main OS.

Android has supported something just like that years ago with "protected confirmation" [1], but unfortunately it's only available on Pixel phones and hasn't really been picked up by app developers as a result; the situation for Apple is of course very different, so I have some hopes that if they launch something comparable it could actually see some adoption.

[1] https://android-developers.googleblog.com/2018/10/android-pr...

Apple is already using the secure enclave for key derivation, PIN/password rate limiting etc. (that’s what it’s for), but my point is that there’s currently a gap in that you can often not really know if you are actually talking to the secure enclave or OS-level malware.

(Though I’m not convinced that will actually work on modern apple devices, where the led is pixels that run through the compositor — I guess the video driver stack and window managers are also exclaves in this world?)

Once you have that, you can take the idea further: Displaying an indicator that confirms that all your keystrokes are going to an exclave validating your password, for example.

The much-hated touch bar actually enabled just that, for Apple Pay payments, as far as I remember: It could display something like "touch to confirm payment of $x" on its own screen in a way that was impossible to manipulate from macOS – now here's an opportunity to bring that level of security back without requiring a dedicated display or taking away people's beloved function keys.

I would expect that to mean they're not included in screenshots so I'm curious now whether that's true for the iPhone 16.

In order to do those things I have to actually steal his laptop. Which would be obvious to him. It also implicates me.

If I could just remotely install a driver I don't need to worry about any of that and I can steal remotely and anonymously.