What happens when iOS 20 comes out and the A11 can’t run it? Is it suddenly okay then to ask Apple’s permission? I don’t think the court would hold up a bootrom exploit in an older chip as good enough for research purposes (what if an exploit only affected the A12 and A13 for some reason?)
If you require the user to hook into iTunes/Xcode, flip the device into recovery mode, click a few buttons, and agree to a "You're hecked if you break it now" policy, it'll be enough to scare off 99.9% of people from getting owned. After that, just have it work like the current profiles/supervision system where Settings makes it clear that non-verified code is running and has a big "make it go away!" button (sideloaded IPAs show up in profiles with a delete app button, and that works well enough except for the time limit).
I don’t really agree to this, the end result is going to be a large number of YouTube tutorials instructing people on how to do this with captions like: watch free movies on iPhone, “popular mobile game” money hack, and Snapchat take screenshots without notifying hack.
Half of these developer / root mode required secrets are going to be occasionally working mods and tweaks except with tons of baked in spyware and ads that can no longer easily be removed.
Perhaps some sort of per device profile which requires a paid developer account could work, but I’ve gotten a number of odd calls about YouTube videos involving Kodi from family before, so I’m not sure trusting in the give users freedom front.
This proves exactly the point made above of Apple not trusting the user.
However if someone wants to be an idiot, how far do you go to stop them? Apple's approach stops too many great possibilities for knowledgeable users. It should be in the same category as those "will it blend" types. Screw it up? No warranty.
For me there's several things I need it that are impossible because Apple won't allow them, so I have to use Android. But that comes infected with Google spyware out of the box :(
I think Apple’s point is that users that need being protected from themselves without even realizing it are far more than those who might get a benefit from root without getting burnt. Since the two things can’t exist at the same time, they’re going for the road that makes the majority happy.
I wonder how much people are able to publish about the device. I'd expect not much, but it'd be nice to be able to compare an iPhone that was completely unlocked (at least, to whatever that means for Apple) with whatever security they put on the ARM Macs which are supposed to be "open for hobbyists". I'd expect that the ARM Macs have much of the same security stack (by default) that iOS devices have given what they said in the WWDC talks, but maybe that's not the case.
Also, if you found an exploit on a research iPhone because you made use of entitlements that were Apple-only, I wonder if that'd be worth anything bounty wise. Nobody can/should be able to write an app that'll get through App Store checks if they asked for PLZ_NO_SANDBOX_ILL_BE_GOOD or something (at least, that's what I thought before the whole Snapchat system call thing happened). But hypothetically the App Store review process is vulnerable to a bad actor inside Apple pushing an update to a big app that included malware, so I'd think that private entitlements shouldn't be available at all to binaries that didn't ship with the device/in a system update (unless some kind of hobbyist flag was flipped by the consumer). So I'd say that would be worth something, even if smaller than a more interesting exploit.
We’ll see how the shipping ARM Macs are “fused” when they come out, but my guess is that they will be more locked down than these devices: their OS will be more permissive but you will not have meaningful kernel debugging.
> Nobody can/should be able to write an app that'll get through App Store checks if they asked for PLZ_NO_SANDBOX_ILL_BE_GOOD or something (at least, that's what I thought before the whole Snapchat system call thing happened).
Snapchat (on iOS at least) is still subject to the app sandbox, no app on iOS has been granted an exception there to my knowledge. On macOS there are apps that are “grandfathered in” to not require the sandbox on the App Store, but new apps are supposed to have it. Due to the way the dynamic linker works, until recently it was possible to upload an app that could bypass the sandbox, but Apple has said they have fixed this. Some apps do have an exception to this as well, as the broad way they fixed one of the issues broke legitimate functionality in library loading. You can find those hardcoded in AMFI.kext, theoretically they could turn off the sandbox for themselves if they wanted.
The KDK has instructions for loading your own kernel extensions on Apple Silicon. This includes making a new writable root snapshot, modifying it, then blessing it for boot. It also includes kernel debugging.
Booting custom kernels is not supported at the moment but as has been noted "the Mac remains the Mac" and booting a custom kernel is allowed on the Mac.
And of course you can disable SIP.
Developer and hobbyist scenarios are an explicitly supported workflow on the Mac. Default security policies need to be the right thing for the vast majority of users but that doesn't mean anyone wants to take away your ability to do all kinds of interesting things to the system.
Yeah, I know, I read those instructions in full ;) I do have to admit that I am pleasantly surprised at how much is made accessible, I was fully prepared for this to be an opportunity to enforce mandatory codesigning, removing the ability to disable SIP or load code into the kernel, turn off secure boot, etc. but so far pretty much everything seems to be technically possible, which is nice.
However, I do still stand by my complaint; neither of us can go into too much detail of course but I think you understand that taking chips that were made to run iOS and with hardware-backed guarantees of certain properties for integrity on consumer systems makes for a poor experience when trying to do things like debug and patch the kernel. I mean, is it theoretically possible to debug the kernel? Yes, because they have been enabled superficially, but the experience of using them is much worse than you’d get on Intel (and not to mention developer-fused hardware). Personally I was only able to get it to work partially, and suspect it is even more broken/limited than how the KDK says it is; here is what I’m talking about: https://developer.apple.com/forums/thread/653319. If you aren’t aware, it took almost three weeks before someone could get a “hello world” up, so there is a real drag associated with this.
Again, I’m happy and pleasantly surprised to have these things, at least on macOS; it’s completely possible that these are just unintentional bugs or transitional issues or whatever, if they end up fixed I promise I will stop complaining about this particular thing. But I would like to emphasize that I do not consider the current state of affairs as laid out by the KDK to really count, regardless of the effort being put into this to make it work, which I fully understand helps back up the claim that “the Mac remains the Mac”.
Given that kext development is still supported (although highly discouraged), won’t they have to support the same level of kernel debugging as usual?
> On macOS there are apps that are “grandfathered in” to not require the sandbox on the App Store
Can you name any of these apps? Apple’s own apps don’t have to be sandboxed (like Xcode or macOS installers), but I don’t know of anything else that gets an exception. Some apps like Office get special “holes” out of the sandbox (in the form of additional SBPL), but fundamentally they’re still sandboxed.
> Given that kext development is still supported (although highly discouraged), won’t they have to support the same level of kernel debugging as usual?
They just need to support loading kernel extensions. As watchOS has shown, developers will figure out a way to get their thing working on your device even if you make debugging extremely painful. (Apple's current silicon prevents debugging entirely because the kernel is prevented from being patched in hardware.)
They're two separate groups. Group one, the grandfathered one, is "legitimate" software that was simply published to the store prior to the mandatory sandboxing requirement–those can still get updates and remain unsandboxed. The second group is the list that I posted here, that have special status in the dynamic linker (can interpose functions) and through that can (probably don't, but "can" on a technical level by exploiting flaws in how Apple does sandboxing) bypass the sandbox.
> We’ll see how the shipping ARM Macs are “fused” when they come out, but my guess is that they will be more locked down than these devices: their OS will be more permissive but you will not have meaningful kernel debugging.
My big worry is them dropping terminal access altogether like on iOS. That would really make the platform useless to me.
However I don't think they would do this at this point. There's many user groups (like cloud developers) specifically favouring Mac because of the strong terminal access.
Craig specifically said that this wasn't going to happen, in one of the podcasts he said people came up to him internally and said "Wait. There's still Terminal, right?" and he said "Yeah, it's a Mac.". The Platforms State of the Union host also said that they had made contact with a bunch of open-source projects with assistance (and in some cases, iirc the OpenJDK and CPython, pull requests) on moving to ARM.
Well, we don't know entirely yet. But based on the videos and what we know about DTK, patching the kernel is no longer something you can do for example. That's enforced in the silicon itself almost immediately after the computer comes out of reset, so even with arbitrary code injection into the kernel (extensions) you're not getting around it.
What's the annoyance? It's an MSI. Use msiexec /x to remove it (probably via PDQ Deploy or SCCM or a PowerShell Script), and then block the installer from running again during an Office install with GPO [0]. It's definitely easier than cleaning up some of the other garbageware in Pro.
Blocking its removal? How? Teams was installed with Office on my current system, and it pops up in Add/Remove Programs. IT Admins can prevent it from being installed with Office (and remove it from all of their machines if it has already been installed)[0]. It's not included with Windows either (just as Office isn't). And Slack isn't blocked from being installed either.
What's the anti-competitive angle here, other than the OS is created by Microsoft, the IM system is created by Microsoft, the Office suite is created by Microsoft, and the licenses are often bundled? Apple would be guilty of a similar thing by shipping Messages.app and iWork with macOS, no?
As a person that sets direction for IT in an organization that uses Office 365, I can say that I didn't appreciate that MS forced Teams on us. And the controls that you mentioned were not available from day 1.
I don't support Slack here but MS really forced Teams on us like it or not.
Not being an office 365 user, how is it any different than other software? For instance, I believe the LibreOffice installer defaults to install all the modules. But I can change it to just install writer and calc.
When it first rolled out the office install actually adds a teams installer rather than teams itself (and no choice to avoid it). So then teams would reinstall with every restart after being uninstalled and pop up front and center asking you to sign in every time windows started.
You then needed to sign in before it would give you the option not to start with windows or to only start in the background.
Obviously you could avoid this by uninstalling teams and ALSO its auto installer. I'll add the caveat this may have only been the behaviour for those with skype for businesses installed or those in NZ (I've heard NZ is occasionally used as an early roll out/testing zone for some microsoft products) rather than more generally.
I'm not familiar with Office licensing. Do you have to pay more because they bundled Teams (maybe) or do you have to use it? (that would be surprising)
Anyway, at least you can self host Exchange. Slack is centralized.
We had an O365 plan that included Skype for Business. Skype was replaced by Teams. MS force 'upgraded' our O365 tenant to Teams - I was given notification but no option to completely avoid Teams. We don't pay extra specifically for Teams, we do pay extra for PSTN dial-in to Teams meetings.
No, we don't have to use Teams. But we were using Skype, so we were going to move to something. No one was already using Slack and paying for just chat wasn't going to be in the budget. We can certainly uninstall it. But you have to be sure to uninstall the machine-wide installer they stick on there or it comes back.
After covid, we hold most meetings in Teams now and it's been fine. Wish I had more control at the beginning and it didn't just show up where we already had Skype.
Right we were using Skype. Then one day I got an email about Microsoft moving us to Teams. I was able to delay the Teams roll out by 1 month but I could not prevent us being moved to Teams. Skype was part of the Office 365 level that we subscribe to and we were using it. MS replaced it with Teams.
Honestly, Teams is better than Skype. But it wasn't until covid forced everyone home that we really started using Teams, that first week was painful.
I was fortunate in that I moved my team to Teams (I still find the name terrible) well before MS put a mandate out.
So our folks were comfortable once the MS EOL statement came out and the company started moving everyone over. Everyone else had quite a bit of a struggle for a week or so though.
On the plus side, I think there were very few complaints after a couple of weeks. Which probably had a lot more to do with how bad Skype for Business was (much worse than Lync) than how good Teams was (it was still fairly unpolished at the time...it's much better now...MS has been adding features and fixing issues rapidly).
What do you mean MS forced Teams on you? IT has always been able to control what apps install with the office suite, including Teams. Teams being freely offered as a bundled service certainly incentivizes its use, but there has never been any penalty for using an alternative service other than, of course, the cost of layering on another service.
When we installed O365 desktop apps Teams wasn't a thing. I used an administrative install. We installed Skype because about half the company was already using it.
Then one day in June 2019 Microsoft informed me that Skype for Business was going to be upgraded to Teams. I had the option to request a one month delay but I could not stop the roll out of Teams. At some point Click-To-Run (the installer for O365) put Teams on every computer that already had Office. In addition to the Teams app it installed the Teams-machine-wide-installer, which installs Teams to every profile that logs onto the computer, making it run at logon.
It's that part where I didn't get to choose because I already had Skype for Business that bothers me. The machine-wide installer is annoying too. Yes one can uninstall those things but that takes admin rights (some action by IT).
That’s just because SfB was being killed and replaced with Teams. So if you used SfB, it stands to reason that you would want to keep using its direct replacement. It would have been silly to just tell you “SfB is dead” and then not give you a replacement.
If I was informed that Skype was going to die I missed that notification. I was given 30 days notice and no choice. We didn't have to use Teams and could uninstall it but it's not clear I could have blocked the install.
For me, Microsoft Teams installed itself one day, unprompted. In order to remove it, I uninstalled it.
The following day, it came back. It turns out you have to remove both Microsoft Teams and something I think was called "Teams Machine-Wide Installer." Only then would it stay removed.
There are so many more choices than there were 20 years ago. Microsoft makes a kick ass office suite. There's nothing monopolistic about it. They've been in this game longer than anyone and that's reflected in the feature set.
Their products and licensing provide more value now than they have in a very long time. There's also G Suite which is pretty cool. Or you could use Libre Office.
Anyone complaining about monopolies today has no idea how bad things actually were in the late 90's to early 00's. We have more high quality products from more vendors and better interoperability than probably any other time in the history of computing.
> Anyone complaining about monopolies today has no idea how bad things actually were in the late 90's to early 00's. We have more high quality products from more vendors and better interoperability than probably any other time in the history of computing.
In what areas? I see an industry with more and more consolidation. There is no longer the serious competition there once was in the field of office suites or certain kinds of creative software, which is really sad.
When was there competition in the office suite space? In the early 90's? Or the law firms that continued to use a stagnating WordPerfect for way too long after everyone else standardized on MS Office?
I entered computing at a time when there was basically nothing else available. Mac was trash and way past its glory days. Linux was a toy that no one would use seriously. The hardware support was non-existent and if you wanted to get online you often had to go buy a new modem. The other players today didn't exist yet.
It's true there is consolidation, but there are also options which didn't exist at all not too long ago.
By definition, a monopoly is a majorly dominant market position, it says nothing about how it was achieved or the quality of the product.
> Anyone complaining about monopolies today has no idea how bad things actually were in the late 90's to early 00's. We have more high quality products from more vendors and better interoperability than probably any other time in the history of computing.
Things being worse in the past is not a reason to not push for further improvement. By your argument we should stop all research and progress since things used to be worse so we should be happy enough with the status quo.
That's only looking at O365, the cloud-based version of Office. Not all companies have migrated to the cloud version yet. If you look at all versions of Office, some sources claim Microsoft has 90% of the Office Suite market. I'm not linking to any, because I don't know which, if any, are trustworthy.
Yeah you’re talking Office 365. Let’s bundle in all the companies using on premise Office (2012, 2016, 2019, etc) and I bet the numbers are flipped drastically.
Office 365 is a subscription service for both on-prem and cloud. It would be pointless to include the old Office seats since the conversation is about bundling Teams with Office, and that is only done with the Office 365 offering.
While it may not be included in the OS, it is certainly promoted in Windows. I saw a full-size pop-up ad in Windows telling me to install Teams. I did not have Office installed.
It's just annoyingly expensive for Windows boxes, with all of the licensing and stuff. Microsoft includes licenses for running VDI in Azure with Microsoft 365 now, but it still requires a full on-prem Active Directory setup (which you probably don't have if you are using Microsoft 365). And then on top of those licenses, you also have to get Citrix/VMWare licenses if you don't want to use Azure. It becomes more expensive than hiring an IT person to just manage all of the laptops you deploy everywhere (except in certain scenarios like healthcare).
I want to live in a world where we all have SunRays and I just plug in a card and show my session running in the cloud, but it's too darn expensive still (and everyone in enterprise is too scared to try and build one themselves since the big vendors have Microsoft's blessing when building their solutions). That one time I had a VDI at an internship, boy was it magical. Being able to walk into a conference room, type my password and show people something was extremely powerful.
I’m thinking that someone at Microsoft may have snuck the code for Windows into the archive after it was pulled from Github. Between Windows and OS X, a ton (most?) of the end user software would be unusable to a future generation in its original form since they didn’t have the desktop OS it was used on.
Ironically, 500 years from now, they may think that the year of the Linux desktop was 2008 :-D
Presumptively, the Tech Tree will have some way of bootstrapping a system capable of decoding the tapes. They say in the introduction that it’s nearly useless to access the tapes without a computer and that they expect whoever is reading this is to have a computer that is centuries more advanced than we have now.
Maybe they just zip tied a ThinkPad to the tape reader and pray that it can eat whatever happens to it in the vault.
I don't know, it'd probably take 18F like a month to add a page to whitehouse.gov called "Things the President said", add 2FA and whatever else it needs to be installed on his government phone, and a little bot that listens for whenever he writes something on there and tweets it on Twitter. Then you have a source of truth that we know wasn't modified between the government and the reader, and it doesn't break the social following.
But I guess it's easier to just complain about Twitter.
In the other thread, this was phrased as Tesla not allowing those states to release the information of people who bought a car to third-parties because privacy. I'm sure if you wanted to take the survey in one of those states you can just reach out to JD Power yourself, they can't scrape your information though.
That's a privilege reserved for Tesla if you complain about them publicly, or if you do something they don't like, so they can tell the press that you "were warned about hands on the steering wheel", even if that happened 14 minutes before the accident that happened.
Or if you find references to new models or features, so they can lock you out of the car's firmware, after downgrading it, and disable diagnostic ports.
How does Tesla "not allowing those states to release the information of people who bought a car to third-parties"? That's purely between you, the state motor vehicle registration office, and the state's regulations, right?