[HN Gopher] Temptation of the Apple: Dolphin on macOS M1 ___________________________________________________________________ Temptation of the Apple: Dolphin on macOS M1 Author : svenpeter Score : 473 points Date : 2021-05-24 10:58 UTC (12 hours ago) (HTM) web link (dolphin-emu.org) (TXT) w3m dump (dolphin-emu.org) | floatboth wrote: | > [mapping memory WX] hasn't been forbidden on any of the prior | platforms that Dolphin supports | | Well, rarely _completely_ forbidden, but e.g. I think OpenBSD has | been W^X by default for quite some time (though IIRC with a WX | allowed flag per... FS mount?). Now on FreeBSD it 's not default | but it's there, and if you turn it on, you have to mark WX- | mapping binaries by running `elfctl -e +wxneeded`. | | Firefox actually became W^X compliant all the way back in 2015: | https://jandemooij.nl/blog/wx-jit-code-enabled-in-firefox/ | jolux wrote: | I didn't realize SpiderMonkey was W^X compliant. Does that mean | Apple's arguments about third party browser security on iOS are | less well-founded than I had believed? My impression was that | performant JITs were incompatible with W^X. | voxic11 wrote: | No the issue on ios isn't that W^X is enforced, its that you | can't mark a page that _was_ writable as executable (whereas | W^X just implies that a page can 't be both writable and | executable at the _same time_ ). Firefox has been W^X | compliant by default since 2016 as its considered more secure | in general. | jolux wrote: | Ah I see. The iOS restriction makes sense, even though it's | more aggressive. | floatboth wrote: | This Dolphin article is literally about making a performant | JIT run on an OS that is, among other things, strictly W^X :) | | > arguments about third party browser security on iOS | | Well, W^X is just one mitigation technique. But also, the | "security" arguments have always been kinda dubious. I don't | think there's that much difference (at least philosophically) | between an interpreter bug causing arbitrary crap to happen | inside your app's sandbox and a JIT bug doing the same. | jolux wrote: | As the sibling comment mentions, apparently the iOS | restriction is that you cannot execute pages that have ever | been marked as writable, which is much stricter than W^X. | tdonovic wrote: | Incredible the perf they get out of it. Bit confused with the | graph towards the end, is perf better under Rosetta than | natively?! | Macha wrote: | The rosetta vs native vs 9900k vs 8559h graph? | | The only game rosetta is beating native on is rogue squadron 2. | Since Dolphin is a JIT, this seems to be a case of where | Rosetta's JIT is smarter than Dolphin's in terms of which ARM | instructions are chosen when converting from the Intel | instructions than Dolphin when converting from the emulated PPC | instructions. | | Unless you're comparison is the 8559h and not the "native" bar. | I mean, the 8559h is a mid range older Intel CPU and it's hard | to understate how much Intel stagnated since Sandy Bridge (and | especially since Skylake). | leoetlino wrote: | Rosetta is faster than native in that case because the | AArch64 JIT has to fall back to the interpreter for memchecks | (unlike the x86-64 JIT). | Aaargh20318 wrote: | > Since Dolphin is a JIT, this seems to be a case of where | Rosetta's JIT is smarter than Dolphin's in terms of which ARM | instructions are chosen when converting from the Intel | instructions than Dolphin | | According to the article, the AArch64 JIT isn't as complete | as the x86 one so some less common instructions are emulated, | not JITed. I imagine a game that uses a lot of these is | slower with the native ARM version. | G3rn0ti wrote: | The real challenge is running F-Zero GX. I'd love to see some | benchmarks for this game -- the hardest game to emulate. | bri3d wrote: | By what metric? AFAIK the Factor 5 games, especially Rogue | Squadron III, are considered the most challenging, both due to | their obscure tricks (iirc Rogue Squadron uploads an outdated | audio microcode to get a "loop counter" feature back which no | other games use, for example) and most complete use of the MMU | mechanisms (I believe they even use the ARAM as swap | transparently to the game engine, using some goofy allocator | trick) - which is why Rogue Squadron III was chosen for this | benchmark. | G3rn0ti wrote: | > Rogue Squadron III | | Ok, never played that game. I'll better try not to play that | on my ancient Intel powered laptop ... | | Different games run differently well on Dolphin if you got | older hardware. While Mario Kart Double Dash runs perfectly | fine in full screen, ,,F-Zero GX" suffers massive slowdown in | some levels on my 7 years old CPU/GPU combination. | Interestingly, both games employ the ,,heated air" effect on | similarly looking levels -- but still I got 40 FPS vs. 60 FPS | in that case. I wouldn't mind but the sound needs to be in | sync with the graphics subsystem on the Game Cube -- audio is | broken with even slightly slower frame rates, unfortunately. | umanwizard wrote: | Why's it hard to emulate that game in particular? | G3rn0ti wrote: | The heated air effect on the ,,Sand Ocean" course seems to | make the emulator sweat. My 2013 Intel Core i7 with HD | Graphics can't render that without massive slow down. | xrd wrote: | Where is the Linux ARM equivalent laptop? When I read about Pine | laptops, it never seems like they tout the amazing performance | like the M1. | djrogers wrote: | > Where is the Linux ARM equivalent laptop? | | There isn't one. Apple's silicon team is at least 1-2 years | ahead of all the other ARM vendors when looking at mobile | performance, and none of those vendors are even trying to do | anything in the desktop space (yet). | dstaley wrote: | Qualcomm has released several ARM-powered Windows laptops, | and just announced today a desktop-form-factor Windows Dev | Kit powered by the new Snapdragon 7c platform. | Wowfunhappy wrote: | This is why I'm actually expecting Apple's laptops to become | a fairly common choice for Linux users, once marcan's work | gets further along! | fulafel wrote: | https://arstechnica.com/gadgets/2021/04/apple-m1-hardware-su... | xrd wrote: | That's interesting, but I don't want to buy apple hardware. | When I buy an Apple product, I'm paying for the integration | the software and all the other stuff in addition to the | hardware. That's a steep tax. I just want an arm chip | performance and free software on top of it | djrogers wrote: | The M1 doesn't smoke Intel chips just because it's ARM - | the latest chips from Broadcom and Samsung don't even come | close. The M1 is good because it's good. | xrd wrote: | That's what I'm a little confused about. It isn't just | because it is RISC, it's Apple magic? It seems weird that | you can emulate other instruction sets with RISC | underneath and get the performance they do. I assumed if | you could recompile to the native instruction set you | would get a really optimized app, but it seems like the | interesting work always operates at a different layer. | Fascinating stuff. | NobodyNada wrote: | I am absolutely not an expert on microarchitecture, but | I've had the same questions and tried my best to figure | out answers. Here's my understanding of the situation: | | > It isn't just because it is RISC, it's Apple magic? | | It's both. We've known for decades that RISC was the | "right" design, but x86 was so far ahead of everyone else | that switching architectures was completely infeasible | (even Intel themselves tried and failed with Itanium). It | would have taken years to design a new CPU core that | could match existing x86 designs, and breaking backwards | compatibility is a non-starter in the Windows world. So | we ended up with a 20-year-long status quo where ARM | dominated the embedded world (due to its simplicity and | efficiency) and x86 dominated the desktop world due to | its market position. | | However, with Apple, all the stars lined up _perfectly_ | for them to be able to pull off this transition in a way | that no other company was able to accomplish. | | - Apple sells both PCs and smartphones, and the | smartphone market gave them a reason to justify spending | 10 years and billions of dollars on a high-performance | ARM core. The A series slowly evolved from a regular | smartphone processor, into a high-end smartphone | processor, and then into a desktop-class processor in a | smartphone. | | - Apple (co-)founded ARM, giving them a huge amount of | control over the architecture. IIRC they had a ton of | influence on the design of AArch64 and beat ARM's own | chips to market by a year. | | - Intel's troubles lately have given Apple a reason to | look for an alternative source of processors. | | - Apple's vertical integration of hardware and software | means they can transition the entire stack at once, and | they don't have to coordinate with OEMs. | | - Apple does not have to worry about backwards | compatibility very much compared to a Windows-based | manufacturer. Apple has a history of successfully pulling | off several architecture transitions, and all the | software infrastructure was still in place to support | another one. Mac users also tend to be less reliant on | legacy or enterprise software. | | > It seems weird that you can emulate other instruction | sets with RISC underneath and get the performance they | do. | | As far as I understand it, the only major distinction | between RISC and CISC is in the instruction decoder. CISC | processors do not typically have any more advanced | "hardware acceleration" or special-purpose instructions; | the distinction between CISC and RISC is whether you | support advanced addressing modes and prefix bytes that | let you cram multiple hardware operations into a single | software instruction. | | For instance, on x86 you can write an instruction like | 'ADD [rax + 0x1234 + 8*rbx], rcx'. In one instruction | you've performed a multi-step address calculation with | two registers, read from memory, added a third register, | and written the result back to memory. Whereas on a RISC, | you would have to express the individual steps as 4 or 5 | separate instructions. | | Crucially, _you don't have to do any more actual hardware | operations_ to execute the 4 or 5 RISC as compared to the | one CISC instruction. All modern processors convert the | incoming instruction stream into a RISCy microcode | anyway, so the only performance difference between the | two is how much work the processor has to spend decoding | instructions. x86 requires a very complex decoder that is | difficult to parallelize, whereas ARM uses a much more | modern instruction set (AArch64 was designed in 2012) | that is designed to maximize decoder throughput. | | So this helps us understand why Apple can emulate x86 | code so efficiently: the JIT/AOT translator is | essentially just running the expensive x86 decode stage | ahead of time and converting it to a RISC instruction | stream that is easier for a processor to digest. You're | right, though, that native code can always be more | tightly optimized since the compiler knows much more | about the program than the JIT does and can produce code | bettor tailored to the quirks and features of the target | processor. | YetAnotherNick wrote: | > We've known for decades that RISC was the "right" | design, but x86 was so far ahead of everyone else that | switching architectures was completely infeasible | | All the experts I listened or read to, they told that | instruction set doesn't matter and it is the | insignificant thing. The part that matters is branch and | data prediction, and caching. Also, even intel transforms | an instruction into RISC like microinstructions | internally. | | > Apple does not have to worry about backwards | compatibility very much compared to a Windows-based | manufacturer | | Windows is literal shit in backwards compatibility too. | Try to run any windows 7 or before program in windows 10 | and most of the time it won't work. Also, windows can | also run in ARM and unlike mac the ARM windows didn't had | emulation for years. | NobodyNada wrote: | > All the experts I listened or read to, they told that | instruction set doesn't matter and it is the | insignificant thing. The part that matters is branch and | data prediction, and caching. Also, even intel transforms | an instruction into RISC like microinstructions | internally. | | I've heard this before, but I've also seen sources which | indicate that x86 instruction decoding is definitely a | bottleneck [1-5]. The M1 has a significantly wider | pipeline/OoO window/reorder buffer than any other | processor, and most sources seem to agree that this is | because the simplicity of the ARM ISA allowed Apple to | build an 8-wide instruction decoder (as compared to | around 4-wide for x86 chips). [1] also mentions that | Apple's impressive branch-prediction capabilities are at | least partially because ARM's 4-byte-aligned instructions | greatly simplify the design of the branch predictor. | | So yes, it's true that an x86 processor really runs RISC- | like uops under the hood. However, the best out-of-order | execution pipeline in the world is limited by how far | ahead it can see, and that depends on how fast the | instruction decoder can feed it instructions. | | Once again though, I am _not_ a microarchitecture expert. | I just read bits of information from people who _do_ know | what they 're talking about and try to form it into a | coherent mental model. If you have knowledge or sources | that disagree with me, I would be happy to be proven | wrong :) | | [1]: https://news.ycombinator.com/item?id=25264384 [2]: | https://www.agner.org/optimize/blog/read.php?i=25 [3]: | https://news.ycombinator.com/item?id=26782213 [4]: | https://www.quora.com/Why-dont-intel-or-AMD-design- | an-x86-CP... [5]: | https://www.anandtech.com/show/16226/apple- | silicon-m1-a14-de... | YetAnotherNick wrote: | Are you sure about that? Mac mini price is $700. Let's take | ryzen 5600x for comparison which is worse on almost each | metric than m1: Processor: $300 | Motherboard: $200 good 256 gb SSD: $100(doesn't seem | to come close to apple's) 8 GB RAM: $40 | Case/cooling: $100 | | Even in the configuration which is worse in each of the | spec, you are hitting more than apple including apple tax. | | But yeah, I agree if you want an upgrade of RAM and SSD, it | is much expensive than the part. | nemothekid wrote: | As far as I can tell, Apple is the only company out here who | has a production chip with desktop class performance. I think | the Pinebook's chip isn't even very high end. I personally | wonder how long before we start seeing desktop SoCs from | Samsung or Qualcomm (probably running Windows?) | rvz wrote: | > There's undeniable excitement for the next generation of | AArch64 hardware to see how much further that this can go. | | This is what I am looking forward to. In the case for Apple | Silicon, the next generation will be even better and is not far | off from announcing the newer processors that will supersede M1 | in WWDC. | | The M1 only shows what's possible for Apple Silicon and the newer | generation of ARM-based Macs will impress further. So will skip | this one for now and wait what WWDC has to offer for the next | generation. | rationalData wrote: | In 5 years there will be 1nm transistors. If you skip this | generation, you might as well wait another year to get high end | stuff and you won't have to deal with Apple's less than | friendly practices. | dimitrios1 wrote: | I traded in my inferior Intel based 2020 13 inch macbook pro | for the M1 MBP and it only costed me 100 dollars, so I went | ahead and pulled the trigger. The battery life was abysmal on | the intel based and I was desperate. I love the form factor and | the size, I just never could get into any real programming | tasks without being strapped to a power source. | faitswulff wrote: | Your comment made me realize I'm waiting for the next | generation Apple Silicon SoC as a second data point. Even if I | don't buy it, it will tell us something about the expected | performance trajectory. | bombcar wrote: | I'm waiting for it too, I want to see how they're going to | scale (more processors? faster processors?) as some of the | design decisions could be arbitrary or actually inherent (can | they make an M2 with more PCI lanes?). | gjsman-1000 wrote: | For anyone shocked that ARM chips could get this far, and for the | Android users in the audience, remember that Apple cofounded ARM. | mengineer wrote: | I think android users are more aware that GPUs are where you'd | spend money. | | No one was competing for fastest single thread because no one | needs it. | | Well maybe marketers need it. | jeroenhd wrote: | It's clear AS is a great advancement in general computing, but | every piece like this reads as "the hardware is amazing, and it's | totally worth it to work around these arbitrary software | restrictions". | | This performance would've been available on iPads years ago if it | wasn't for Apple's blanket ban on JIT and the likes. | | Apple is one of those companies whose hardware I'd love to have | if it wasn't for their software and general corporate decisions. | Until I can run a proper version of Firefox on iPad, I'll have to | stick with the objectively inferior hardware for the coming | years. | Gorbzel wrote: | Guess what? No one does or should care about your opinion of | Apple's software restrictions or corporate philosophy here. | | As per the article, those visiting the comments were primarily | interested in discussion about JIT performance, comparisons | between ARM and x64 instruction sets, GameCube/Wii emulation, | etc. | | Instead, _every_ single post on HN even tangentially involving | Apple is taken over by these self-important haters and their | mindless takes, which are often full of false assertions | anyhow. | | You are a platform war spammer and nothing more. It's a shame | the admins won't put a stop to this, as it's turning Hacker | News into a vehement cesspool for discussion. | whoknowswhat11 wrote: | Totally agreed. It's kind of pathetic. | | The only reason apple was able to pull of the M1 transition | the way they were able to is BECAUSE they have such control | over their ecosystem. | | Windows / Microsoft tried with itanium and ARM with much less | success. | | The platform war folks always take the most negative view | possible, cannot even IMAGINE why apple might have chosen the | approach they chose. | | Well, M1 is what happens when you control your platform. | PowerPC / Intel / ARM -> this control has let apple evolve | dramatically. | jonathanstrange wrote: | Not to be contrary for being contrary, but for me it's pretty | much he opposite. I've never had complaints about the software | when I was an Apple customer (i.e. from 1992 to 2007) and don't | have reasons that there is any particular software problem. But | the hardware keeps me from buying macs. It doesn't matter how | fast Apple's laptops become, as long as they don't have | replaceable batteries, have insufficient RAM, and do not come | with glare-free screens, I'm not going to become an Apple | customer (or developer) ever again. | | The power cables are too short and the obsolescence is too | planned in modern Apple hardware. | jolux wrote: | I'm definitely a little annoyed they don't bundle the | extension cables with the MacBooks anymore. It feels like | nickel-and-diming. That being said, MacBook displays do have | antireflective coating, though it's been known to wear off | historically. They have been pretty good about replacing it | though. | | As for RAM, you can get 13" MacBook Pros with 32GB of RAM and | 16" MacBook Pros with 64GB of RAM, and if that's not enough | you're probably not going to have the easiest time finding | options with more from other manufacturers, especially in a | form factor that isn't a gigantic brick. | foldr wrote: | > do not come with glare-free screens | | Do you mean that you want a matte screen? If not, Mac screens | are generally among the brightest on the market and have very | good anti-reflective coatings. Almost any competing laptop in | the same price bracket is likely to have a lower quality | screen. | Wowfunhappy wrote: | I can't speak for the GP, and I don't consider it a deal- | breaker as they apparently do (my laptop is a Macbook Air), | but yes, I really would like a matte screen! For all of | Apple's engineering, matte screens are still far clearer in | sunlight. The colors aren't quite as good, which is a | shame, but I'll take the lack of reflections. | mcphage wrote: | > the obsolescence is too planned in modern Apple hardware | | I'm fairly confident Apple hardware has a much longer usable | lifespan than competing products--that's why the maintain so | much value in the second-hand market. | gjsman-1000 wrote: | And for the downvoters, is an iPhone, or an Android, the | one that gets more software updates and maintenance over | time? | klelatti wrote: | You can't separate the hardware from the software and corporate | decisions though. | | The problem you've got here is that the iOS model has worked | incredibly well for Apple. Without that you wouldn't have had | the investment that has delivered the M1. | | I'd love to be able to run Firefox on the iPad. I also disagree | strongly with some of Apple's decisions - especially on the App | Store. However, where we are now is a better outcome than a | hypothetical position where iOS is less successful and Apple is | using inferior CPU designs. After all I can always buy an | Android tablet if I want to run Firefox. | [deleted] | jtdev wrote: | I run Firefox on iPad with zero problems... | klelatti wrote: | I'm sure you know but Firefox on the iPad uses Apple's | rendering engine Webkit and not Mozilla's Gecko -so | arguably it's more like Safari than desktop Firefox. | jtdev wrote: | Why should I care? It works beautifully... I have zero | concern for what rendering engine Firefox on iPad uses. | klelatti wrote: | I didn't say you should care. | | If you used Firefox extensions - as many others do - then | you probably would. | ianai wrote: | We'd all be spared confusion if you called it "Firefox | sans WebKit". It probably is too much to expect everyone | reading a comment to know about the rendering bit. | klelatti wrote: | Sorry no idea at all what you're saying here. If you know | what WebKit is then you probably know what rendering | means. | intrasight wrote: | They have amazing hardware because of the deep pockets that | derive from their locked down hardware and software. I'm not | putting a value judgement on that - there is plenty of open | hardware and software. But here's my concern. What if Apple | continues to pull ahead? How far ahead might they eventually | be? | CPLNTN wrote: | This is interesting, often I've read the opposite point of | view, people that would love MacOS on an XPS or iOS on a one | plus. I guess that changed a lot in recent years, I remember in | 2016 when the new MacBooks came out that they were a straight | up bad deal. Nowadays, with the M1 is totally the opposite | philistine wrote: | It's undeniable that a whole class of ARM software was | prevented from even being conceived because it has to pass the | App Store's Byzantine set of rules. | | On the other hand, I see so many software developers vehemently | refuse to notarize their Mac versions. Notarization is far less | egregious and it pains me to see so many straight up refuse to | even consider it as an alternative to the iron grip of the App | Store. | collaborative wrote: | I tried notarizing, but gave up after 2 weeks of trying. I | used to offer an app that wrapped an entirely java-based | (shipped with its own JavaSE JRE) app within an Apple Script | launcher. I used to be able to sign it, but the notarization | tool simply won't accept my app's bundle. So had to drop it | jeroenhd wrote: | As a non-Mac developer, what does it mean to notarize a piece | of software? Is that something you need to do in order to be | able to run a piece of software these days? | my123 wrote: | It's used as part of Gatekeeper for software downloaded | from the internet. | | See https://developer.apple.com/documentation/security/nota | rizin... for the notarisation process and | https://support.apple.com/en-us/HT202491 for the customer- | facing documentation, which includes how to work around it | when needed. | | Gatekeeper can be totally disabled via sudo spctl --master- | disable. | jeroenhd wrote: | I see. That's a pretty developer-hostile measure. | Luckily, I don't intend to ever ship any software to | Macs, so it's not a problem to me. If I did want to ship | a Mac version of any tool I'd write, I'd pretty hesitant | to jump through Apple's hoops, so I can understand why | developers don't want to notarize their stuff. | my123 wrote: | For Windows, distribution without signing isn't exactly | painless either, and the signing certificates for that | are quite expensive. | | And there, it's not even deterministic, see | https://www.digicert.com/dc/blog/ms-smartscreen- | application-... | | The goal of the system is to authenticate which developer | made a given piece of software, to be able to track the | spread of malware. An option is always given for a user | to opt-out. | gjsman-1000 wrote: | Really? I find this hard to believe, because if this was | true, why doesn't Android have a bunch of unique apps that | couldn't exist on iPhone? | | Yes, Android does have some apps that can't exist on iPhone, | but I wouldn't say that most people find them compelling or | care about them. Those that do already have Android. | phh wrote: | Except emulators and actual web browsers you mean? | m4rtink wrote: | Not to mention various IDEs and a lot of specialized | tools basically compiled from a Linux distro. Still it's | far from ideal given that everything needs to be compiled | against the bastardized Bionic c library using the wonky | at best Android NDK. Not to mention issues the Termux | project uncovered where newly introduced "security" | features prevent you from running binaries that were not | installed from an APK (breaking many Linux distro chrome | usecases and IDEs). | | In short, a proper mobile Linux distro is needed, as | Android is already far from perfect and getting worse. | Hopefully some of the projects spawned around and related | to PinePhone can cover that over time. :) | saagarjha wrote: | Android hardware is not very compelling as of late. Nor are | the users, to be entirely honest. | myko wrote: | I assume this is meant as a joke but it is in very poor | taste | saagarjha wrote: | Not sure what's wrong about it, it's fairly well known | that Android users don't pay for software? | lern_too_spel wrote: | Most iOS users just don't know how much better it is on | Android. | | As a developer, I can make apps for my own device without | telling (or paying) anybody and use old devices like | somebody else might use a Raspberry Pi. | | I can use real Firefox with real uBlock Origin. | | I can get free apps from Amazon App Store. I can get | verified secure open source apps from F-Droid. | | I can use separate restricted accounts on my for kids and | guests. | | I can use a separate launcher experience for driving | without needing to purchase a head unit. | | I can watch videos (including the "GIFs with sound" that | proliferate on Reddit) with the sound off and on-device | generated captions. I can copy text from arbitrary screens, | even if that text is in a picture. | | I can route all my calls through Google Voice or any other | calling service. I can open map links in any mapping app I | like. | | I can use emulators and native apps for game streaming | services. | | I can have my photos automatically upload in the | background. | | I can update my browser engine and a lot of other "system | software" without a reboot. | | I can use headphones without ever charging them. I can | unlock my phone while wearing a mask. | | I can filter notifications the same way I filter my mail. | | Using iOS would be a massive productivity drain as well as | an entertainment drain and security loss. Most of the | people I have demonstrated these things to have found one | or more of these abilities compelling enough to have | switched. | VortexDream wrote: | I used Android for a few years. Then I used iOS for a few | years (iPhone and iPad). I switched back to Android two | years ago. | | I liked a lot of things about iOS. Apps for Android | tablets are still largely terrible and there is some | bizarre behavior around SPens and multi-touch that I | don't understand. But I could never go back. | | The biggest benefit is I have all my files automatically | synced between my phone, tablet and laptop. I never have | to manually push something to the right app, then figure | out how to get that on my Windows laptop. It's just | there. Whether it's emulator save files or ebooks or | documents or photos or anything else. | aptgetrekt wrote: | I make a free mac utility and would be fine with notarizing | it if it wasn't $100 a year. I don't want to pay $100 a year | to give away something for free. And the message that pops up | telling users to "contact the developer" because "the app | needs to be updated" is just infuriating. To me it feels like | Apple asking users of unnotarized apps to bug developers into | paying Apple that $100 a year. | fartcannon wrote: | It's even worse when you consider the cost to humanity. They | pay the brightest minds they can find to build walled gardens | around knowledge. | | This is the same reason I don't use Microsoft or Google's stuff | unless I have to. Knowledge wants to be free. | coldcode wrote: | Yes and people take advantage of that freedom to extract a | terrible toll on society in lost privacy, freedom, money, | terror and the like. There is no freedom for just the good | people without also allowing freedom for those who prey on | others. | | It's like arguing that we should have no laws whatsoever | because they impact your freedom to do whatever you want--but | no one wants to live in that society. If you don't like Apple | or Google or Microsoft that is still your privilege but | arguing that is what everyone should have is disingenuous. | | The Internet supports your freedom to say or do whatever but | people every day show that without some limits everyone | suffers. You might think you are smart enough to defeat all | those who will try to take you out, but there are much | smarter people than you or I out there and lots more of them, | and many of them are evil. | fartcannon wrote: | Your comment reminds me of that Simpson's clip where they | move and Bart is put in the remdial Leg Up Program: "Let me | get this straight. We're behind the rest of our class and | we're going to catch up to them by going slower than they | are?" | meepmorp wrote: | This is a really unpopular take on Apple for HN, so I can see | why you're getting downvoted. | threeseed wrote: | You are either being disingenuous or completely oblivious | because the "I want a fully open iOS platform" is the most | popular take on Apple. | gjsman-1000 wrote: | And also it is quite possible that we are in an echo | chamber, because outside of hacker news and a few circles | like it, there might be less support for this than we wish. | meepmorp wrote: | My god, you're right - it has to exactly one of the two | options you posit! | mengineer wrote: | Given the 1 and 2nm transistors, this minor increase in | performance on non multithreaded applications will be obsolete | in a few years. | PragmaticPulp wrote: | The Write XOR Execute restriction discussed in the article is a | security feature, and it's greatly beneficial from a security | standpoint. | | > Until I can run a proper version of Firefox on iPad | | FireFox for iOS works just fine. The Gecko vs WebKit difference | doesn't really matter in practice. | | If you want general purpose computing, just get a Mac. You can | run Firefox and any other program you'd like. It would be great | if there was an opt-in developer mode on iOS that bypassed | certain restrictions, but I also understand why Apple chose to | go with security and simplicity as 99.9+% of their customers | have no need nor desire to go beyond the security and platform | restrictions. | | I have both an iPad Pro with keyboard case and a MacBook. Even | if I could run whatever I wanted on the iPad, I'd still be | reaching for the MacBook because it's just a better physical | platform for doing anything other than simple touchscreen and | stylus work. | lostgame wrote: | >> FireFox for iOS works just fine. The Gecko vs WebKit | difference doesn't really matter in practice. | | Yeah; sorry - it _really_ does - I vastly prefer Gecko's | rendering engine and notice it's considerably speedier and | more responsive on my MacBook Pro side by side to the newest | Safari. The app even opens faster. | | Not only that, but I imagine there are a _ton_ of web devs | here in the comments who have a requirement testing on the | _actual_ FireFox, not some light skin on top of the existing | WebKit engine with bookmark sync support. | | FireFox for iOS is the _farthest_ thing from 'FireFox'. It's | in name only. | wffurr wrote: | Comparing my iPad Pro with keyboard folio and a 2014 11" | MacBook Air, I agree that the MacBook has a much better | trackpad-and-keyboard experience. | | I do wonder how the 12" iPad Pro with Magic Keyboard would | compare. I haven't used one yet, but I suspect it would be | pretty good. The 12" display seems a little large for a | tablet, though. | sp332 wrote: | Firefox on iOS is not Gecko. Like all other browsers on iOS, | it is a skin on the OS-provided Webkit. This is because fast | JS execution depends on operations that are illegal for apps | to access. | r00fus wrote: | So we're talking about the M1 Macs, not iPhones - Firefox | on Mac is Gecko. So the comparison of Webkit (iOS FF) vs. | Gecko (Mac FF) is the comparison being made as you can | download both if you want. | sp332 wrote: | W^X JIT seems to have been solved in Firefox in 2016. htt | ps://www.phoronix.com/scan.php?page=news_item&px=W-XOR-E- | ... So that's not the specific blocker for Gecko on iOS. | wffurr wrote: | There is an opt-in developer mode on iOS. You can compile and | install any software you want on your own iPad; no paid Apple | developer account needed. | | There's even a way to get W^X memory regions on iOS by | abusing ptrace: https://saagarjha.com/blog/2020/02/23/jailed- | just-in-time-co... | | It can't be submitted to the App Store or deployed with | TestFlight, but you can build and install an app using that | hack just fine on your own device. | | Open source browser vendors, like Firefox and Chromium, could | provide builds that enable a full browser engine experience | on iOS devices, were they to think it worth the effort. | Wowfunhappy wrote: | The apps you install expire after a week. You need to | reconnect your device to a computer at least once every | seven days and reinstall the custom app. Also, you're | limited to three apps at a time. | | It's not actually usable for anything. It's also a | completely arbitrary and needlessly-punitive restriction-- | if I've opted in to installing custom software, why limit | me to three apps at a time, and why make them only last a | week? What security benefit does that provide? | wffurr wrote: | https://altstore.io/faq/ is a pretty comprehensive way to | make this actually work. | r00fus wrote: | Facebook has in the past asked users to deploy their | Onavo app using this mechanism for their privacy invading | VPN (2015-ish). | radicaldreamer wrote: | I thought they used an enterprise certificate? Those are | still available and easily can be used to distribute | software without Apple review (but perhaps not for | companies as high-profile as Facebook) | neetdeth wrote: | They are no longer easily available - presumably as a | direct result of the Facebook incident. I'm sure there | are companies still grandfathered in, but as a new | entrant you'll be aggressively shunted toward either the | B2B or consumer App Stores. | sneak wrote: | > _There is an opt-in developer mode on iOS. You can | compile and install any software you want on your own iPad; | no paid Apple developer account needed._ | | However, an Apple ID is needed, which requires an email and | working phone number to get, along with additional | EULA/terms acceptance. It's not really a mode, but an | additional network service with its own terms and | conditions. | easton wrote: | From the link: "Preliminary testing on iOS 14 seems to | indicate that Apple has changed the kernel so that this | trick no longer works." | | This is why the iPad needs a way to disable SIP (and the | additional security features) just like the Mac. I could | give a heck about the iPhone, to be honest, there's maybe | one time in my life being able to JIT Python or whatever | would've been useful on my phone. But they advertise the | iPad as a computer, and yet their software restrictions | make it a portable TV. | handrous wrote: | > But they advertise the iPad as a computer, and yet | their software restrictions make it a portable TV. | | That's not at all true. It's not useful for some subset | of what certain geeks want to use it for. It's _very_ | useful for all the other things a highly portable | computer hooked up to a bunch of really cool sensors and | a very capable peripherals ecosystem is. | | Ordinarily I'm all for arguments that we, as an industry | (software developers, that is) are laughable failures, | but I don't think we've failed _so_ badly that computers | are useless if you can 't--for any reason, including | personal inability or lack of interest--run (e.g.) Python | on them. | easton wrote: | I was speaking more generally than this specific issue, | but things like not being able to mount file shares in a | stable way (where the connection isn't dropped a bunch, | although maybe that's a me issue and not a Files.app | issue) are blockers to video editing with something like | Premiere taking off on the iPad. No allowance of | alternative browser engines means software like VSCode or | Figma that rely on Electron would have to port bespoke | versions to either entirely native apps or to Safari | (which Microsoft has been doing with VSCode, but that's a | lot of work for teams that chose to make their app an | Electron app because it would save porting time). I'm | more willing to excuse the second one because it has made | it possible for a second browser engine that isn't built | by Google, but it's still a factor. | | It's more of a death by a thousand cuts scenario at this | point rather than major things being completely missing | from iPadOS, which is why it's painful to watch as they | sell extremely powerful hardware that could be used for | something cool if not for the darned restrictions. | nicolapcweek94 wrote: | Besides, I don't get the whole "can't do geek things on | an iPad". I have an iPad Pro 2017 and I've: | | - Run full linux on it (both emulated X86 and via WASM | magic, via A-Shell and iSH, both on the App Store) | | - Coded Python, C#, Javascript and Lua on it (via | Pythonista, Continuous, Scriptable and Codea) _and_ ran | the code on the iPad itself | | - Wrote blog posts for my old static site and pushed them | to a git repo to publish them (via iA Writer for writing | and Working Copy for Git) | | - Connected via SSH and RDP to "real computers" (via the | Remote Desktop app and Blink!, though there's many SSH | clients on the AS) | | - Used SFTP to transfer files to/from said | computers/servers (via Secure Shellfish) | | There's also an entire class of apps built upon the | Shortcuts model, that allows you to extend and improve | upon the Shortcuts (nee Workflow, third party now first | party) "coding model", which is very powerful and heavily | integrated with the device and Apple services - though | very different from "traditional" coding. | | Is it a limited platform? Yes, absolutely. | | Is it a general purpose computer? Yes, most definitely. | | Can you do "geeky things" on it? Well, I've been doing | them for years. | | Can you run a full UNIX-like dev environment on it? Well, | yes, with tricks. But why would you want to, when there's | plenty of options that do it 1) natively 2) better? Use | an iPad for what its purpose is, not for what a Mac's | purpose is. | wffurr wrote: | Doh, somehow I managed to not read that despite (or | because?) being in a big callout box near the top of the | page. | wffurr wrote: | Huh! They removed that hack in iOS 14 but added "extended | virtual addressing entitlement" in iOS 14.2 that allows | this for real! | | https://9to5mac.com/2020/11/06/ios-14-2-brings-jit- | compilati... | mmebane wrote: | Unfortunately, the sideloaded-JIT support seems to have | been an accident, as Apple killed it off in 14.4. | | https://twitter.com/altstoreio/status/1354096048650809349 | saagarjha wrote: | Extended virtual addressing is exactly what it sounds | like: you get more virtual memory, not the ability to | JIT. The technique mentioned in that blog post is no | longer possible. | saagarjha wrote: | It's useful for security if you're running arbitrary | JavaScript you've downloaded from the internet. Its utility | in sandboxing old games is (mostly) dubious. | jtdev wrote: | I quite appreciate Apple's software and general corporate | decisions. Can you tell me about a better software/hardware | vendor out there? | nojito wrote: | Apple doesn't sell hardware/software. They sell experiences. | | It's not in their interest to sell/provide and support an | experience they didn't make. Their success shows that | experiences are all that really matter despite what the vocal | HN userbase routinely shares. | threeseed wrote: | I always laugh when I read comments saying they won't buy an | iPad because it doesn't have custom browsing engines, | terminals, network sniffers, emulators, VMs etc. | | As though Apple is an open source company selling to | developers. | alisonkisk wrote: | So much for diversity and inclusion. | kstenerud wrote: | I see it this way: Apple played the part of trailblazer, | demonstrating that it was possible to run circles around Intel | with modern RISC designs. We'll be seeing many more entries | into the marketplace over the next few years, and MUCH greater | diversity and consumer choice as a result. | | Sure, Apple did it for selfish reasons and they'll keep their | platforms locked up as much as they can get away with, but the | end result is a benefit for all as powerful and open RISC | systems proliferate. | jorvi wrote: | If that was true, Snapdragon, Kirin or Exynos designs would | have caught up by now. | | The fact is that because Apple sells the iPhone for high | profit margin _and_ earns from the services and software sold | on each iPhone, they can afford to stick a big, expensive | chip in there. In contrast, profit margins on most Android | phones are razor thin. Qualcomm has to design a chip that | performs relatively well for as 'expensive' as the market | can bear, as when their top chip is too expensive, OEMs will | just build their phone with one of the lower tier | Snapdragons. | | Once you adjust for transistor count, Snapdragons et al are | much closer to Apple's A-series than you'd think at first | glance. | | As for the M1, what shouldn't be discounted is the fact that | Apple controls the entire stack, which means they could build | in special features into it that together with Rosetta 2 make | running X86 relatively performant. | dmitriid wrote: | > e'll be seeing many more entries into the marketplace over | the next few years | | No, not in the next _few_ years. In 10 years? Maybe. | https://news.ycombinator.com/item?id=26917136 | kstenerud wrote: | This isn't a question of capability (which is already | there), but rather of mindset. Now that the other companies | know that it's possible to sell a $1000 ARM computer that's | not a phone or a toy, they'll be falling all over | themselves to join in on the gold rush. Lots of absolute | crap will ensue as they mindlessly bumble their way through | shitty designs, and then in a few years we'll see the first | decent non-apple ARM desktop and laptop computers. And by | that time, Microsoft will have dusted off their ARM code, | major Linux distros will be giving real love to their ARM | packacing. | dmitriid wrote: | It took Apple more than 10 years to get a CPU that | performs same or better as Intel's CPUs and can be put | into a laptop or a desktop computer. | | To produce a "decent non-apple ARM desktop and laptop | computers" other companies need to have started | developing such a CPU 5 years ago. | Wowfunhappy wrote: | This article isn't about the iPad, it's about the Mac. The Mac | supports JITs. The only conformance change they had to make was | marking memory as either write or execute, as opposed to both | at the same time. | | You can execute whatever arbitrary code you want on an M1 Mac, | up to and including completely custom kernels, if the user set | their Mac to allow such code. It's not locked down and its not | an iPad or an iPhone. I agree that the iPhone and iPad are | unacceptably locked down, but the Mac is not, and there's | absolutely no reason to group them together. | Vrondi wrote: | Yes. | threeseed wrote: | Apple's blanket ban on interpreted code is not arbitrary. | | It is there to prevent apps circumventing the review process | and security model ie. apps pretending to do X during the | review process and then doing Y when in use or obfuscating | their use of private APIs. Now you can argue these restrictions | are unreasonable but many of us don't want our iPads or iPhones | to be like our computers. | m463 wrote: | What good is the security model if every app has unfettered | network access? | xxs wrote: | > Apple's blanket ban on interpreted code is not arbitrary. | | Well, there is no ban on interpreted code but JIT -> just in | time compilation, which in many cases produces high quality | (gcc -o2) code. | notsureaboutpg wrote: | Fine, they aren't arbitrary (obviously a company worth that | much isn't making any arbitrary decisions). | | But they still suck and degrade the performance for computing | enthusiasts who most on this platform are (including me). | | I want to push hardware to it's limits because it's fun | because there's fun things out there when you do that. Apple | wants me to not bork my system or get confused when an app | tricks me or have to show up at their Genius Bar with a | problem they can't fix from a third party app they've never | heard of. | | That's fine, but I won't get in that situation, so I don't | want hardware locked down by software that worries I will. | tw04 wrote: | >Now you can argue these restrictions are unreasonable but | many of us don't want our iPads or iPhones to be like our | computers. | | It seems to me a rather simple fix: give users an | "unrestricted mode" just like Android has the ability to | install from third party. By default keep it locked down, but | allow the USER to make that decision, with ample warnings all | over the place about what they're about to do. | | Heck, for all I care make them go to an Apple store to have | it "unlocked" so an employee can walk them through what it | actually means and how dangerous it is so the average joe | schmoe doesn't just click the button by accident. | gjsman-1000 wrote: | If you do that, guess what Fortnite would do right now. | Guess what Facebook would do to get around Apple's privacy | restrictions right now. Guess what a ex-boyfriend would do | right now to install a blocked spying app. | | For better or worse, the App Store being the exclusive way | into the iPhone forces third parties to deal. Otherwise, | they just tell the user to make the choice for them. | | If you even listen to interviews with Apple engineers, it | sounds like they are less afraid of willing and | understanding people and locking their phones, as much as | they are afraid of third parties essentially forcing their | users to unlock their phone to install their products, and | thus getting an unfair exemption from Apple's protections | while smaller companies probably wouldn't have the clout to | force users to do this, resulting in an uneven playing | field. | | I do get the Apple Store one more, but as history has | shown, people literally go to the Apple store to get iCloud | theft locks removed by impersonating the owner and faking | receipts. | tw04 wrote: | >If you do that, guess what Fortnite would do right now. | Guess what Facebook would do to get around Apple's | privacy restrictions right now. Guess what a ex-boyfriend | would do right now to install a blocked spying app. | | I guess I don't get your point, if a user wants to | sideload fortnite or facebook, good for them? If an ex- | boyfriend has your phone and your password you've | probably got bigger issues than whether or not he can | click a button to sideload an app. | | >I do get the Apple Store one more, but as history has | shown, people literally go to the Apple store to get | iCloud theft locks removed by impersonating the owner and | faking receipts. | | I still don't follow your point, what on earth does that | have to do with someone being allowed to use their phone | how they want? You think someone is going to steal your | phone, go to an Apple store and pretend to be you to have | sideload enabled, then return the phone to you? I'm not | saying it would be impossible for that to happen, but I | would say: why would ANYONE go to that trouble? If this | is another "well ex-boyfriend" issue you're talking about | 1/10th of 1% of all users in existence. I don't think | that should be the demographic with which we base all of | the decisions on what an iphone can and can't do... | dnh44 wrote: | >I guess I don't get your point, if a user wants to | sideload fortnite or facebook, good for them? | | This will result in a few "must have" apps being side- | loaded to start, and finish with people having to | reinstall their phone operating systems every 6 months; | to the detriment of the vast majority of users. | | Do you not remember what the computers of regular people | were like in the late 90's and early 2000's? I remember | pretty much everyone non-technical having at least a mild | malware infestation and at least one extra toolbar in | their browser. | | I'm quite happy that the free market created a solution | that is more secure. | novok wrote: | You could do this with android phones for +10 years, | android is ~+%80 of the smartphone market and this does | not happen in practice. | squeaky-clean wrote: | I think their point is the users would not get the choice | to "want" to sideload. Fornite, Facebook, etc would pull | themselves from the App Store and be sideload-only. | Forcing users to choose between the security of their | device, or their favorite games and social media apps. | frosted-flakes wrote: | Epic tried that on Android. It didn't work so well, so | now they're back on the App store. | gjsman-1000 wrote: | I'm saying that if you add that choice, it isn't that | technical users have more freedom and that's bad. It's | that Apple users become pawns in a chess game against | other tech Giants, who don't want to follow Apple's rules | whether it be for privacy, IAP, or other reasons. | | Like I said with Facebook. If there was a private API | that Apple doesn't allow them to use that would make | tracking users easier, they would happily force users to | sideload so that they could use it. Smaller companies | would not have the power to force users to sideload, so | they would have to follow Apple rules while tech giants | would not. | | At this point, for better or worse, what started as | sideloading has destroyed the App Store. | | Lastly, as for why anyone would go for the trouble, are | you really sure that some government agency wouldn't | force users to sideload an app someday? If it had to go | through Apple approval, there would be a much bigger | legal fight than if they could just force people to | sideload it. There are other reasons than just ex- | boyfriends, I'm just trying to come up with some | examples. | tw04 wrote: | >I'm saying that if you add that choice, it isn't that | technical users have more freedom and that's bad. It's | that Apple users become pawns in a chess game against | other tech Giants, who don't want to follow Apple's rules | whether it be for privacy, IAP, or other reasons. | | Become "pawns" how? You're again saying that a user being | allowed to load things on to their phone is Apple's | responsibility. Literally nobody has said it would be | Apple's responsibility and we've got a case in point: | google. When you sideload an app, you're on your own. | | >Like I said with Facebook. If there was a private API | that Apple doesn't allow them to use that would make | tracking users easier, they would happily force users to | sideload so that they could use it. Smaller companies | would not have the power to force users to sideload, so | they would have to follow Apple rules while tech giants | would not. | | Again, not Apple's problem. If a user is warned that | enabling side loading exposes them to tracking, and the | user decides to do it anyway, that's their prerogative. | | >At this point, for better or worse, what started as | sideloading has destroyed the App Store. | | Destroyed what app store? Google allows sideloading, I | think most people would describe their app store as | thriving, not "destroyed" | | >Lastly, as for why anyone would go for the trouble, are | you really sure that some government agency wouldn't | force users to sideload an app someday? If it had to go | through Apple approval, there would be a much bigger | legal fight than if they could just force people to | sideload it. There are other reasons than just ex- | boyfriends, I'm just trying to come up with some | examples. | | They already force users to load apps directly, | sideloading isn't necessary. | gjsman-1000 wrote: | Right now, every developer will tell you that Apple is | significantly more strict with what is allowed on the App | Store than the Google Play store is. Not perfect, but | more strict. | | This has caused tech giants like Facebook considerable | hurt. For example, the fact that they have to have those | embarrassing privacy labels on their app in the App | Store. Or that they have to present that prompt asking | for permission to use the advertising identifier. | | Right now, even though this hurts tech Giants, this | benefits users. Google draws less than 1/10th of the data | from an iPhone user as they do an Android user. | | If sideloading was enabled, this check on their privacy | rules would no longer exist because they could force | users to sideload, which means they would immediately do | so, and users would lose the benefits that Apple's | restrictions give them. | | If users want to sideload, They should buy an android | where this check does not exist, and they can be on the | less restrictive Google play store where it doesn't | matter. If they want Apple to constrain the power of apps | to spy on them, they buy an iPhone. | | Even though you might vehemently disagree with Apple, I | respect the right of users to choose whether they want a | restricted but more private experience, or less | restricted but less private experience. | hota_mazi wrote: | > This has caused tech giants like Facebook considerable | hurt. For example, the fact that they have to have those | embarrassing privacy labels on their app in the App | Store. | | They have the exact same embarrassing label on the Play | store, and guess what, their Android app is also on that | store. Even though they don't have to be. | | The reason is that they have a lot more reach on a store | than as a sideload. | | The difference is that Google gives a lot more freedom to | developers and businesses than Apple does. | | > Even though you might vehemently disagree with Apple, I | respect the right of users to choose whether they want a | restricted but more private experience, or less | restricted but less private experience. | | That's a straw man. Nobody argued this. | | We're just calling Apple's monopolistic, hegemonic | behavior for what it is. As is Epic as we speak. | [deleted] | danShumway wrote: | By that same reasoning, should we be concerned about iOS- | exclusive apps (ie, Apple Arcade)? Should we be concerned | that you need an iPhone to sign up for an Apple credit | card? Or that iMessage isn't available on other | platforms? | | The situation between iOS and Android is very similar to | the situation you're scared of with a theoretical 3rd- | party app store. Consumers don't have a clean choice | between device ownership and a managed device. They also | have to consider hardware concerns, network effects, | exclusive apps/games and services. | | It probably sounds dismissive to you if someone says that | you can just choose not to use Facebook or Fortnite if | they're not on the official Apple store. In the same way, | it's a bit dismissive to say that I can just choose to | ignore arguably the only privacy-respecting credit card | on the entire market just because I want to use NewPipe | on my phone. People often don't get to choose their phone | based on one specific design aspect of that phone. | | > For better or worse, the App Store being the exclusive | way into the iPhone forces third parties to deal. | | I do agree with this, and I think this is the heart of | the conflict. A lot of people are arguing about whether | iOS is a monopoly. That's not really the most important | part of this conversation, the important question we | should be asking is: "do we want iOS to be a monopoly?" | | Being a (semi) monopoly and gatekeeping access to a | substantial portion of the mobile market allows Apple to | force companies to do certain things. Some people _want_ | Apple to have that power, because they think Apple will | force companies to be more private and to adapt more | consumer-friendly policies. Some people don 't want Apple | to have that power because they don't trust them with it, | they don't trust them not to shut down technologies like | game streaming or adblocking. | | Apple has used its monopoly power to do some great things | with privacy, their stranglehold over browsers on iOS is | one of the biggest reasons Chrome hasn't taken over | already. But Apple has also hampered the open web and is | stalling on PWA features, largely because those features | compete with the App Store. They also (imo) almost | single-handedly created a low-quality mobile games market | by maintaining a strict position for years that games | were not artistic statements and by locking serious games | out of their platform entirely. Apple's privacy- | preserving disposable email system is great, their severe | neglect for adblocking is bad. Their requirements around | accessibility are extremely helpful, their war against | adult content is extremely harmful. It's a situation with | both pros and cons. | | This debate is not really about whether or not Apple has | power over the market, obviously they do. Facebook isn't | just dropping iOS after its recent privacy changes. If | Apple didn't have any kind of outsized control over the | market, then companies wouldn't go along with their | changes, they would just support Android instead. If the | market allowed it, they would do exactly what you're | afraid of with a 3rd-party app store -- they would | abandon iOS and only support Android. But they don't, | because they can't. | | So the debate isn't about what power Apple has, it's | really about whether or not Apple _should_ have the power | over the market that they obviously do have. | flutas wrote: | > Guess what Facebook would do to get around Apple's | privacy restrictions right now. | | You mean the privacy features built in to the OS? | gjsman-1000 wrote: | Some privacy features are in the OS, but others aren't. | For example, Facebook probably doesn't like having users | see the privacy label in the App Store. It's kind of | embarrassing. Also, if Facebook could sideload, they | could use restricted APIs and entitlements that the App | Store would not permit. | handrous wrote: | Also, not being permitted to fingerprint users for | tracking. The OS prevents _certain_ methods of doing | that, but _can 't_ prevent all the methods that Apple's | banned. The review process and threat of the banhammer | are necessary to prevent those. | idle_zealot wrote: | > Facebook probably doesn't like having users see the | privacy label in the App Store. It's kind of | embarrassing. | | What's more embarrassing, that label in the App Store, or | a big scary warning that says something to the effect of | "This software has not been confirmed safe by Apple. It | is not guaranteed to work properly, and may be a SCAM, | VIRUS, or other MALWARE. By installing this application | YOU ARE PUTTING YOUR DEVICE AND PRIVACY AT RISK. Are you | sure you want to proceed y/N?" when trying to install | Facebook's app via sideloading? | gjsman-1000 wrote: | If your cousin or your friend or your techie son tell you | that that app is just fine and then it tells you that | warning for everything, it becomes the boy who cried | Wolf. | | Plus, even that is less embarrassing than Facebook | listing every single thing they track about you. | Cthulhu_ wrote: | That restriction is already circumvented with e.g. React | Native though, or any kind of webview - companies can change | their whole apps without a re-review. They MIGHT get called | out for it if someone reports it, but in theory it's very | possible. | lostgame wrote: | Sure; but the WebView component is Apple's own secured | little space, and it seems to be a fairly secure little | sandbox. | lxgr wrote: | React Native does not run within a WebView and has access | to the full iOS runtime. | fouric wrote: | Sure, it's not arbitrary, but you didn't nail the actual | reason: to make money. | | If Apple was actually concerned about circumventing the App | Store review process _for the purposes of security_ , they | would implement OS-level sandboxing and security models (e.g. | something capability-like) - this is both _far_ more secure | _and_ allows for more freedom to make apps. | | But they don't, because it's not about security - it's about | profit. | povik wrote: | Don't they, really? I was under the impression that they do | implement OS-level sandboxing and the ban on JIT/arbitrary | execute is another level of security. | dataangel wrote: | > It is there to prevent apps circumventing the review | process and security model ie. apps pretending to do X during | the review process and then doing Y when in use | | Doing this is still dead simple and in no way requires a JIT. | robenkleene wrote: | I'm not sure the reasons you listed, "X during the review | process and then doing Y when in use or obfuscating their use | of private APIs", are the best match for blocking all | arbitrary code execution. E.g., there's no reason an app | can't simply compile multiple use cases into a single binary | to get past review (in fact, this happens all the time). And, | it's _way_ too broad to be about blocking access to private | APIs, e.g., they 're blocking all running of Ruby, Python, | Node, etc... with this rule. | | I think the more specific match to what Apple is blocking | with these rules is anything that resembles an App Store-like | experience. Apple doesn't want anything that can download and | run arbitrary apps, because that would dilute their platform | control and other advantages. There's an excellent piece | about why Apple is so afraid of this | (https://stratechery.com/2013/why-doesnt-apple-enable- | sustain...). | | This motivation provides a more specific match to preventing | arbitrary code execution: An App Store-like experience is | almost impossible without downloading and executing code. It | also matches the exception that Apple provides for | "educational apps designed to teach, develop, or allow | students to test executable code may, in limited | circumstances, download code provided that such code is not | used for other purposes" (https://developer.apple.com/app- | store/review/guidelines/#2.5...). | | Furthermore, this perspective is support by other policies as | well: | | 1. This is why Apple doesn't allow third-party web rendering | engines on the App Store. A third-party web engine could also | be used to create an App Store-like experience. | | 2. See 4.2.7 (https://developer.apple.com/app- | store/review/guidelines/#4.2...), the rules around what | remote desktop apps can do. These restrictions seem | specifically written to prevent remote desktop features from | being used to create an App Store-like experience. | | So, while I think rule 2.4.2 does help with the goals you | listed, if it were just about those goals, these rules would | be written differently (e.g., allowing downloading and | executing scripting languages). And I think there's more | evidence that rule 2.4.2 is more about preventing third- | parties from providing App Store-like experiences. | jolux wrote: | It's not even a blanket ban on interpreted code, React Native | depends on dynamically generating views using JavaScriptCore. | Something like this is how Epic originally got around the | payment restrictions. Presumably you're still allowed to use | it to push updates, as long as you don't use it to circumvent | the App Store rules. | sillysaurusx wrote: | I'm surprised to see no one has pointed out you're mistaken. | This hasn't been true in quite some time. | | You can run whatever code you want. Doesn't matter whether it | has a JIT, or whether it loads all its code from a webserver | dynamically, or anything else. | | The sole criteria is "thou shalt not circumvent the app store | review process." That means, do not change the functionality | after they've reviewed it. | robenkleene wrote: | Here's the relevant rule (https://developer.apple.com/app- | store/review/guidelines/#2.5...): | | > Apps should be self-contained in their bundles, and may | not read or write data outside the designated container | area, nor may they download, install, or execute code which | introduces or changes features or functionality of the app, | including other apps. Educational apps designed to teach, | develop, or allow students to test executable code may, in | limited circumstances, download code provided that such | code is not used for other purposes. Such apps must make | the source code provided by the Application completely | viewable and editable by the user. | | I'd say the post you were replying to uses the wrong word | ("interpreted", I usually say it can't run "arbitrary" | code), but the rule is more specific than your description | as well. | sillysaurusx wrote: | There are many, many apps that ship bug fixes with no app | store review process via React Native. It loads code from | a server each time you run it. And to my knowledge, Apple | never has a problem with that as long as the app doesn't | change functionality. Any functional change must be | reviewed; everything else is allowed. | | I agree with you that the rule sounds specific, and I'm | not sure how to reconcile that with the fact that so many | apps ship with hotpatching. | robenkleene wrote: | My understanding is that hot reloading via React Native | is explicitly forbidden by the App Store rules (i.e., | you're never supposed to download JavaScript and run it | in JavaScriptCore). | | I think what you're describing is simply that the App | Store rules are selectively enforced. | alisonkisk wrote: | > many of us don't want our iPads or iPhones to be like our | computers. | | Thats completely irrelevant to anyone else's iPad, which has | no impact on your iPad's security. Would you be in favor of | Apple banning whatever Mac OS app you use because I don't | want to use it? | | And what even is the point of having a secure iPad if you're | also going to run an insecure computer? | TheCraiggers wrote: | > many of us don't want our iPads or iPhones to be like our | computers | | And many of us _do_. I would never buy a locked-down piece of | hardware like that. But I don 't think it matters either way | what either side wants, because it's what Apple wants that | matters. They want to keep their walled garden's walls air | tight, and there are apparently enough people that are OK | living in that garden that it works. | | I'm positive that they have done the calculus that they'll | make more money in the long/short term by behaving this way. | Google did a similar calculus, with a different set of values | (if not an entirely different set of variables altogether) | and came up with a different answer. Although it's | interesting to see how their position has shifted over the | years to be a bit more like Apple in some regards. | Regardless, the point is they don't care what you want once | they've gotten to the point of getting your money. Past that, | they only care about maximizing their profit. | dmitriid wrote: | > Google did a similar calculus, with a different set of | values (if not an entirely different set of variables | altogether) and came up with a different answer. Although | it's interesting to see how their position has shifted over | the years to be a bit more like Apple in some regards. | | It didn't shift. Google had the same calculus with the same | answers. Only Google never had the hardware, so AOSP was a | way to make sure Android is everywhere. | | There's a great Ars Technica article about this: | https://arstechnica.com/tech-policy/2011/09/owning-the- | stack... They all want to own the smartphone stack. | jezfromfuture wrote: | Yes Google calculated that users privacy means jack , users | security means jack but as long as you can do what you want | on ur phone and they can siphon off your data it's all | good. | | Hate apple as much as u like but I'm very happy they lock | the shit down and don't turn it into my pc , my phone is | for calls an texts privacy is important running bullshit is | not. | threeseed wrote: | Apple sells $20-30 billion worth of iPads each year. | | I think they might just survive without your business. And | pretty sure it demonstrates that their formula of security | and privacy over openness is the right one for them. | olyjohn wrote: | I think what you mean to say is that their marketing with | regards to their security is working. Do you think all of | those people with iPads really spend more than 20 seconds | investigating the security of iOS? | caddybox wrote: | > Apple sells $20-30 billion worth of iPads each year. | | > I think they might just survive without your business. | | The parent post makes some the argument that the | restrictive nature of iOS makes it unappealing to certain | users. You counter that with a discussion-ending argument | about how much money Apple makes. | | Not everything that makes billions of dollars is immune | to criticism. Especially since Apple markets the iPad as | a "computer", a term that traditionally referred to | unrestricted computing devices. | jeromegv wrote: | The money is about showing that there is a market for | people who do NOT want what this other user finds | appealing. Saying "no" is as important as saying "yes" | when it comes to adding features to a platform. | gjsman-1000 wrote: | I think a broader point is that iPhones will never be the | choice of people who want openness, and if the OP had a | chance to talk to an Apple engineer, the engineer would | probably tell him to use Android because the iPhone isn't | meant for people who need openness, but for those who | want to trade freedom for an experience that mostly "just | works" as they would say. | | Also, Apple knows as much as anyone that terms change | over time. Last week the RSA experts were angry that | "crypto" now meant "cryptocurrency" instead of the | historical "cryptography". | judge2020 wrote: | > Especially since Apple markets the iPad as a "computer" | | Except when it's not a computer https://youtu.be/pI- | iJcC9JUc (/s) | squeaky-clean wrote: | > makes it unappealing to certain users. You counter that | with a discussion-ending argument about how much money | Apple makes. | | For a business that makes it's money from consumer | spending habits, I think this is a perfectly valid | argument. Apple isn't a utility company or something the | users are locked in to. If they decided openness was more | important, why are they still buying so many iPhones? | r00f wrote: | Obviously I don't have exact numbers, but I am absolutely | sure the huge majority of people buy iPhone because it is | iPhone, and they have zero idea about this whole openness | vs security debate. Apple won the market with marketing, | not with proving that openness doesn't matter | xvector wrote: | > You counter that with a discussion-ending argument | about how much money Apple makes. | | The implication is that Apple's design decision favors | far more users than it doesn't. | | In other words, the same design decisions that cost Apple | one HNer nets them general consumers - so Apple can | definitely survive without the HNer's business. | casmclas wrote: | That's certainly the implication of their text. It is not | a legitimate conclusion. Given the premises "Apple has | made a decision X" and "Apple has made billions of | dollars since making that decision", you cannot conclude | "the decision has made Apple billions of dollars". We | cannot accept "All wood burns, therefore all that burns | is wood" but "All of Alma Cogan is dead, but only some of | the class of dead people are Alma Cogan". | | Lots of people disapprove of Facebook's data practices, | yet they still run several of the overwhelmingly most | popular social networks. Apple could be in a similar | position: producing an otherwise excellent product that | has a limitation people tolerate. | | The fact that Apple makes billions of dollars is not | evidence that every single decision of theirs is the best | decision for their profitability. In order for their | profit to be used against the argument and comfort of a | certain Hacker News commentator, we need some evidence | that the revenue is because of, not despite (or | unaffected by), the decisions that made the random Hacker | News commentator unhappy. At best we can conclude that | the decision is not such a howler that it's cost them | their market viability, but perhaps if they'd made a | different decision they could have owned the entire | smartphone market in a way that Windows used to own the | desktop OS market. | | (Another logical fallacy implicit in the argument is that | a decision made by a powerful person is more worthy of | respect than another decision. I must admit these kinds | of reactionary values are extremely far from me, and I am | shocked and uncomfortable to find how common they are.) | merdadicapra wrote: | > The implication is that Apple's design decision favors | far more users than it doesn't. | | That's some serious spurious correlation. | | https://www.tylervigen.com/spurious-correlations | | Globally in the tablet segment Apple has a 31% market | share (https://cdnen.soyacincau.com/2021/05/210503-tablet | s.jpg), so the number say that <<Apple's design decision | upsets far more users than it doesn't>> | | Many companies could <<definitely survive without the | HNer's business>>, the question is wether the HNer's | opinions hold more value technically speaking or not. | | I mean, Saudi Aramco makes much more money than Apple, | could <<definitely survive without the HNer's business>>, | but I guess nobody would say that their <<design decision | favors far more users than it doesn't>>. | Someone wrote: | > Especially since Apple markets the iPad as a "computer" | | Do they? I don't follow their ads closely, but I can't | find the word "computer" on https://www.apple.com/ipad- | pro/ (given the 8tneractivity on that page, it still may | be there, but I tried looking hard, and couldn't find | it), and they have an explicit ad saying "iPad Pro -- | Your next computer is not a computer" | (https://youtube.com/watch?v=09_QxCcBEyU) | | Can you point to that marketing? | anoncake wrote: | If an iPad Pro can be your next computer, it must be a | computer. | bigfudge wrote: | I think that quote actually emphasises that Apple | describes iPads as not really computers... it only works | as an ad line if it's counter intuitive | anoncake wrote: | What's a computer? | | 1. A device with a screen, a keyboard and some kind of | pointing device. | | 2. A device that can be used for every purpose a computer | can be used for. | | The Ipad is obviously not 1, so Apple must be claiming it | is/will be 2. | myrandomcomment wrote: | We to be fair their argument is 100% valid. Apple is very | successful in selling their HW as is without the feature | certain users want. The reality is that adding that | feature would have a great deal of cost behind it for | very little growth on their already impressive numbers. | Everyone here on HN likes to criticize Apple for not | allowing 3rd party stores, but in general wants their HW. | This community is self selecting for the tech people so | they think this is reasonable. My wife and kid and my | friends that are not in tech do not care about 3rd party | at all, and when I have asked them the answer is "I buy | Apple because it just works and I do not have to think | about it. That would add complexity I do not want!" This | is Apples market, not HN were this is the norm: | | Me: "Great, do not buy an Apple protect." HN: "But I like | their HW." Me: "Well then you have to deal with their SW | restrictions." HN: "But I do not want to, why cannot they | not just do this for me, it's just SW." | | Wash, rinse, repeat on every story on AppleHW. I would | really love to be able to read the comments on the | interesting aspect of the story without 80% of the | comments going back to this debate for once. | | Apple is NOT a monopoly, therefor you cannot force them | to change this. You can buy another device that allows | you to install 3rd party stuff. Do that. | swiley wrote: | >Apple is NOT a monopoly... you can buy another device | | They're a monopoly on imessage which most people who own | iphones think is just more advanced text messaging. | You'll get left out of groups if you do this. | | All we want is to be able to run our own binaries, I | can't believe this is even controversial _especially_ on | a forum full of software developers. | threeseed wrote: | There's also a monopoly on Slack, Google Docs, Fortnite | etc. | | In fact by that ridiculous definition everything in life | is a monopoly. | swiley wrote: | This is anti-trust (extreme abuse of the monopoly.) | | Slack, Google Docs, and Fortnite don't force you to use | their brand of computer to participate in group chats | with your friends. | | Slack and Google Docs even work on my pinephone. | | If Google forced you to buy an Android if you wanted to | use Google Docs with whatever group of people you need to | work with you'd probably be upset too. | myrandomcomment wrote: | WhatsApp has 2B users vs. 1.6B for Apple. Of the 1.6B for | Apple there is a group that would not use iMessage, but | any other 3rd party application, like Whatsapp. | | The fact that you are left of a chat does not make Apple | a monopoly. The people in your group could choose to all | switch to the same application, of which most of are | closed source. I spent a ton of time in APAC and while | each country has different most popular chat apps, the | group of us that have spent years working together on and | off at different companies all agreed on a common chat | app. It's just not hard. | | I have a few long term friend groups where a member has | an Android and the text is green. No issues sending them | text at all. The MMS stuff can be broken but that is not | Apples fault. | | Your argument is Apple once again the same as everyones | else, and appeal to everyone be open because it is your | philosophical view of things and it would make your life | simpler. | | Apple is a for profit company. They are not a monopoly on | chat because they choose to offer their users a better | experience over the standard SMS (which they supported). | | I am frustrated with all the people that miss that | distinction. They are a private entity and can do what | they way within the outline of the law. You can vote with | your pocketbook, or run for office and get the laws | changed. | | Also, the OSS vs non-OSS comment: you cannot take for | granted that everyone here comes down on the side of the | GPL 100%. There are a ton of us that work/worked at | companies that did priority software because that is what | made sense for the business model. We do not write | software for free - ie, there has to be a method to pay | our bills. I personally have major issues with GPL3 when | it comes to creating works for a profit company. No major | ones with GPL2, Apache, MIT, etc. | zepto wrote: | The term 'computer' has not historically made reference | to 'unrestricted' in any way, and the early history is | rife with examples of restrictive licenses and hardware. | derekjhunt wrote: | Source on this please. I'm skeptical that they sell | enough iPads to equal half of all clothing sold on the | planet, or they have a larger market or 20% of movies or | gaming worldwide. | catblast01 wrote: | This is really low effort to look up from reputable | sources if you don't believe it. Electronics have far | higher sales prices than clothing, I can't even begin to | fathom why that is a relevant benchmark. | zepto wrote: | Please don't ask for sources on things you can easily | Google. | | It looks like you are trying to discredit the poster or | accuse them of dishonesty without adding new information | to the thread. | | If they are wrong, you can trivially demonstrate that | with a link of your own. | dragonwriter wrote: | Please don't ask people to do a web search for support | for your claims. | zepto wrote: | For easily verifiable claims, it's absurd and frankly | dishonest to expect people to provide links. | | If you want to accuse them of lying or being mistaken, | you can provide a link. If their claim is implausible, | you can comment on why. | | Just asking for a link without adding one of these | doesn't add anything to the conversation except a demand | they do work. | spullara wrote: | Maybe you don't know what the size of the clothing market | is because it isn't $40-60B. If you just look at | ecommerce for clothing: | | The global fashion ecommerce industry was expected to | decline from $531.25 billion in 2019 to $485.62 billion | in 2020. The negative compound annual growth rate (CAGR) | of -8.59% is largely due to the coronavirus pandemic. | However, the market is set to recover and hit $672.71 | billion by 2023 | | The general clothing market is even bigger, obviously: | | In 2019, global retail sales of apparel and footwear | reached 1.9 trillion U.S. dollars, and were expected to | rise to above three trillion U.S. dollars by 2030. | squeaky-clean wrote: | Don't buy an iPhone then. I used to be all about | customizing my phone, but when the "Phone" app on my | android crashed repeatedly while trying to call 911 in an | emergency, I now only want a locked-down and stable piece | of hardware as my phone. | notsureaboutpg wrote: | Well as the main comment pointed out. The lament is that | the strongest mobile hardware out there at the moment is | also locked down. Would be nice to have the option for a | not locked down piece of that hardware, and we do not | wish that you don't have the option for a locked down | stable piece of hardware. | dylan604 wrote: | >I would never buy a locked-down piece of hardware like | that | | Do you own an Xbox or Playstation? Do you own a SmartTV? | vcxy wrote: | I'm not who you replied to, but I find this interesting. | It seems like you're asking rhetorically, but the answer | for me is no. I expect I'm not alone. | | I do own an old Kindle Paperwhite, which I assume is | fairly locked down? I'm not actually sure. | pwinnski wrote: | The Paperwhite is indeed locked down. | vcxy wrote: | Figured as much. It's been in airplane mode the entire | time I've owned it and I just put books on it with | calibre. I guess this somehow mirrors how some people | feel about their Apple devices? They don't notice it | being locked down because it already does what they want? | | The other alternative is what I can't relate to at all: | the device doesn't do what they want due to being locked | down, but they're ok with the trade-off. I don't have a | problem with it, but I can't relate. | dylan604 wrote: | This is what I don't get as well. The limitations of the | devices are well known. Why would you drop the money on a | thing that doesn't do what you want it to do? Just | because someone feels a device has the ability to do | something other than what it is actually doing doesn't | mean the vendor has to allow it to do that thing. It was | designed and tested against what the vendor wants it to | do. Allowing it to do other untested thing just means | more support headaches down the road. | pwinnski wrote: | I use both an iPhone and a Kindle Paperwhite. Like yours, | my Paperwhite has been in airplane mode since I bought | it, and I've never cared about missing anything on iOS | either. | | I am well aware that of the choice I'm making, and will | continue to make the same choice in both cases. | m_a_g wrote: | Considering the average user, I think you are in the | minority. Still, I don't think there has to be a choice | between one and the other. | reledi wrote: | > They want to keep their walled garden's walls air tight, | and there are apparently enough people that are OK living | in that garden that it works. | | For many, including me, it's not some inconvenience that we | are okay with. We see it as a selling point. | | I've tried them all and Apple's balance of | openness/security/quality is the best I've experienced. If | they follow the direction of others, I'd probably jump | ship. | judge2020 wrote: | There are many other devices locked down much more than iOS | devices and this argument would apply to them as well. The | only reason apple is the subject is because people want to | take advantage of the massive, expensive engineering work | that has happened over the past 15 years (in both hardware | and software) without any of the limitations that go | towards actually paying for that engineering effort (and | enable many high-security use cases). If apple's product | sucked and had horrible UX nobody would care. | roofwellhams wrote: | You already paying 1000usd for an iphone. How much more | is it worth? | [deleted] | valuearb wrote: | The market has spoken. iPad revenues are higher than all | the other tablets combined. | gjsman-1000 wrote: | Like everything in technology, you have a choice. If you | want openness at the expense of security and privacy, you | can purchase an Android or Windows device. If you want | security and privacy more than openness, you buy an iPhone. | The Hacker News crowd is unique in that we want to have our | cake and eat it too by making the iPhone work more like | Android and expressing outrage that such a choice exists. | | So even though I wish iPhone would become more open, I find | it strange that people are saying that we must break the | iPhones App Store requirement to increase choice, even | though that removes the choice to have a safer but locked | down experience from the market. | daveidol wrote: | > _Like everything in technology, you have a choice. If | you want openness [...] you can purchase an Android or | Windows device._ | | Windows Phone is dead. And what happens if Android | decides to be like Apple and lock down sideloading more? | There is nothing forcing them to continue allowing this | "freedom of choice" for consumers if they decide it would | be better for their bottom line. | | So, what would be the next best choice after Android in | that scenario? Basically nothing, because smartphone | operating systems are a duopoly. | | > _So even though I wish iPhone would become more open, I | find it strange that people are saying that we must break | the iPhones App Store requirement to increase choice, | even though that removes the choice to have a safer but | locked down experience from the market._ | | I know many people (including Apple) prefer the iPhone | ecosystem to be more locked down, but given the market | realities (monopoly) it seems like a compromise would | make more sense than forcing everyone to pay 30% and lose | out on things like cloud gaming, emulation, | "objectionable" content, etc. to cater to the lowest | common denominator. | | A few possible compromises that Apple likely will never | agree to without being forced to via regulation: | | - Apple could probably keep the singular App Store model, | but lower their fee to closer to cost, add more types of | parental controls and/or special "expert only" areas of | the store. This way they are more of a neutral hosting | platform that still enforces security via app review | (frankly, if they had done this to begin with, people | probably would have let the whole singular App Store | thing slide). | | - Apple could allow alternate payment processors and let | the user decide if they want the convenience of Apple Pay | vs alternatives. This would let the market dictate the | _real_ value of their IAP infra. (Hell - at least let | subscription apps link to their web site to purchase if | they don 't want to do IAP! This seems highly anti- | competitive.) | | - Apple could allow federated third party app stores to | enforce certain levels of spam and security prevention | (even off the App Store) - if one of these trusted third | party app stores falls short in terms of security they | get removed. | | - Apple could just go the Android route and allow | sideloading, but put it behind a ton of warnings etc. | Continued investment in app sandboxing and permission | prompts for each and every app would already do a lot to | cut down on straight-up malware. Phishing, scams, etc. | are already an issue for iPhone users in the browser or | email clients (plus we've seen these kinds of things on | the App Store as well), so user education on how to deal | with these things is already unavoidable. | | I think it's fair for us as consumers to demand more from | Apple and want both security _and_ freedom with | reasonable tradeoffs. | realusername wrote: | What if you got a used phone or tablet though? Are you | just supposed to throw it away to the trash and get | another one because the manufacturer doesn't approve you | using it? And what about devices which aren't supported | anymore? | bombcar wrote: | I think an interesting attack on this loophole would be a | law that requires that the relevant signing | keys/bootloader access be opened 1-3 years after official | support for the hardware ends. | | Sure this would complicate things a bit (Apple would have | to have different keys for different hardware revisions), | but it would allow devices to be "officially" jailbroken | after support ends. | gjsman-1000 wrote: | Like this, I would really support this. However, Apple | would probably point out the Third World countries might | have more obsolete devices coupled with more oppressive | governments and that puts them at more risk or something. | realusername wrote: | obsolete devices aren't maintained anymore, the only | security you get against known attacks is provided by the | community, not from Apple. | zepto wrote: | I would support opening it as soon as the first | unsupported software release is made available. | temac wrote: | I don't understand why anybody would consider to be at | risk if an alternate store, that nobody would be forced | to use, and which could even be subject to identical or | even better rules, exists. | | And I'm not even talking about transforming an iPhone | into a potentially open computer, but here too the same | principle can be applied: if it is optional, it is | something more, not less. The UX can be made good enough | to actually have your cake and eat it, see Chromebooks. | massysett wrote: | Options drive up support costs for Apple and for | carriers, with no corresponding benefit for people who | were uninterested in these options. | Vvector wrote: | An alternate app store would be a risk for tricking | people to download and install all kinds of malware. | | "Your iPhone is out of date. Tap here to install the | latest security tools to stop hackers from stealing your | bank account" | oceanplexian wrote: | Who is to say an alternative App Store wouldn't have | better security than the Apple App Store? Lots of things | with terrible privacy and security practices have made it | past the mostly automated review process. With a 3rd | party paid App Store, you could pay a subscription to | ensure that every app is reviewed by a human, doesn't | violate privacy, and is free of malware. | Gaelan wrote: | Right, but the scammers aren't going to tell you to go | there to install your Important Software Update, they're | gonna point you towards the store with no restrictions at | all, possibly one they run. | PandawanFr wrote: | The issue is other factors may force you to use an | alternate store. My college uses Proctorio for online | test-taking. I am required to use this for the class. The | issue is, the extension is only available for Chrome | (I've tried other Chromium browsers and those don't seem | to work as well). As a Firefox user, I don't really like | having to switch to Chrome just to use an app that I | never wanted to use but am forced to. | | The same could apply with app stores--if a company, | school, or other requires that you use an app that is | only available on a less privacy-friendly or perhaps more | intrusive app store, that doesn't sound like an | optional/risk-free alternative to me. Once you open the | walls there's no going back. | temac wrote: | Maybe Apple could display a prominent warning that this | _may_ put your personal data at risk, if you choose to | enable alternate stores, and remind that regularly | (including during each boot, when using the apple store, | etc.), giving leverage for users who actually do not want | that to refuse forced installations by third parties. | headmelted wrote: | Philosophically I agree with you, but I also have kids, | and I've seen the wild west that is the Play Store. | | Admittedly, the same problems exist on the App Store, but | not to the same why-even-try level of anything goes. | | The amount of kids apps, that are marketed as kids apps, | certified as age appropriate, then contain ads for zombie | gorefest horror was enough to make me give up trying with | Android entirely. | | I have every confidence Google will eventually address | this (if they haven't already in the intervening years). | | In the meantime while I dislike how restrictive iOS is | I've begrudgingly come to accept that I need it that way, | at least until my kids are older. | | That said, it's not clear if Apple will win or lose this | Epic suit, so who knows what happens after that if they | do? | gjsman-1000 wrote: | I'm surprised you think that Apple is going to lose the | epic lawsuit, because if you look at any legal commentary | (I'm following Hoeg Law's _extensive_ coverage of the | case), the odds of the App Store being broken from this | lawsuit or even sideloading being allowed appears to be | extremely unlikely. | smoldesu wrote: | > the odds of the App Store being broken from this | lawsuit or even sideloading being allowed appears to be | extremely unlikely. | | From what I've seen, Epic's primary intention is to get | Apple to publicly admit the compromises they make to | maintain their ecosystem, and then use that to drive a | wedge between the court's interpretation of the situation | and Apple's defense. | [deleted] | smoldesu wrote: | The issue isn't with one platform being more open or | closed than the other; if you kids want, they can watch | pretty much anything they want. They have YouTube and a | browser, how are you going to stop them? I sympathize | with your distaste for crude advertising, but every | platform has it's fair share of people abusing it. Just a | few months ago, developers were coming out en masse to | denounce Apple's weak regulation in the app store, | filtering obscenities but completely missing predatory | pricing structures, ponzi schemes, stolen code and | frequent double standards/unequal ruling. | | The bottom line is that the internet is scary, and your | kids are growing up faster than any generation before. | The more you try to interfere with stuff like this, the | more animosity they'll perceive in your relationship. | anoncake wrote: | I don't think anyone would mind if Apple offered two -- | otherwise identical -- versions of each Iphone: One | locked down and one not. Or Iphones could be unlocked by | default but you can pay extra to have them permanently | locked. People would pay for that if locking down their | phones actually provides value to them. | myrandomcomment wrote: | Why would they? It is more work. It is 2 code paths to | write, to test and plan for. There is a cost associated | with this that will not likely be recovered in any | reasonable price difference on the phone versions. | bpye wrote: | I would be surprised if Apple don't already have | something like this internally... | saagarjha wrote: | They do. | myrandomcomment wrote: | I do not think that Apple is maintaining a full GA level | release cycle testing and release planning for a version | of IOS that can allow 3rd party apps. The key here is the | RELEASE TO GA. | | Of course they have internal builds that are signed and | allow you to do whatever they want internally, but having | a shipping GA with the normal protects and support for | all the work and validations that would go into | supporting 3rd party installations. | | Your resume says you where an Intern at Apple, so I am | sure you are correct in the fact that they have an | unlocked internal build, however my points are valid | about the difference between that and a GA PRODUCTION | release. | | Note, Apple has some pretty strict NDAs so... | saagarjha wrote: | Apple ships a build with the ability to sideload to the | SRD as well. It's of course not quite the same as a | production release, but I think it's the closest you'll | get to that. | swiley wrote: | It's public.[1] | | They're just asses about it. | | [1] https://developer.apple.com/programs/security- | research-devic... | ActorNightly wrote: | I still dont get how people pretend Apple cares about | privacy. | | By default Apple devices phone home and collect data on | you, and this is not optional, and they will hand that | data to law enforcement. They also have the ability to | change their data handling policieson a whim since there | is nobody holding them accountable. THIS IS NOT PRIVACY. | | Not that windows or android devices are better as they | come out of the box, but at least any computer that runs | windows can run linux where you have full control, and | certain android phones can be rooted/unlocked and flashed | with custom roms without google or run firewall apps to | block outgoing data. | gjsman-1000 wrote: | You're in an echo chamber. By default, iPhones do send | diagnostic data, but that data can be disabled in | Settings. They also upload your files in an encrypted | connection (but without end to end encryption) into your | iCloud backup, and that can be handed over with a | subpoena, but you can disable iCloud backup or simply not | pay for it. | saagarjha wrote: | > By default, iPhones do send diagnostic data | | Doesn't Apple ask you whether you want to enable this | when you set up the device? | vlunkr wrote: | Nothing you said contradicts anything they said. By | default, Apple collects all this data. | gjsman-1000 wrote: | Read it closely, the poster said it wasn't optional. | ActorNightly wrote: | He said it can be disabled in settings, which is not | true. | | Anyone can repeat this experiment at home with a laptop | and 2 usb to ethernet adaptors. | ActorNightly wrote: | Nope. There is data that it sends that is non optional. | | Proof: go into settings and disable every tracking | options, and then capture traffic from the device through | a router with openwrt running tcpdump or wireshark on a | computer with a bridge setup with ip forwarding and | iptables rule. | | Did this experiment already twice to prove to people that | Apple device do phone home plenty. Then I repeat the same | experiment with my rooted android phone running a custom | rom, and people watch the sparse wireshark trace with the | only packets being sent are dns then ntp to the android | ntp server. | threeseed wrote: | Did you also disable iCloud, Find My network, App Store | updates etc. | | What data are you claiming Apple is sending ? | kergonath wrote: | > By default, iPhones do send diagnostic data, but that | data can be disabled in Settings. | | They also ask during setup and regularly after major | updates. I know because I refuse every time. Also, quite | often it is opt in, with the box to send information | unticked by default. | enraged_camel wrote: | This is a lot of FUD. Yes, Apple devices do collect some | data and phone it home (mostly diagnostic, and iCloud, | both of which can be turned off). However, unlike their | competitors, Apple does not sell this data to | advertisers. And they are just as likely to refuse to | work with law enforcement as they are likely to | cooperate. How many times has LE demanded that Apple | break the encryption on the iPhone of a crime suspect? | How many times has LE demanded that Apple install | backdoors and hand them the keys, only to be told to | screw off? | | Yes, Windows and Android devices give users more control. | But that is because their business models are totally | different. We all know that Google is primarily an ad- | tech company, and that Android is how they collect the | data for those ads. And while a technically savvy person | may be able to lock down their devices, that's just a | minority of users we're talking about. | | Apple's data collection is a murmur compared to the | deafening screech of that of Google. | oceanplexian wrote: | Apple could start selling ads tomorrow and simply change | the terms of service, which they have a right to. In that | case the last N years of data they have been collecting | on you is fair game to sell to third parties. | | Is Google a worse example, sure. But plenty of us have | been around long enough to remember when Google was | restructured into Alphabet and the "Don't be evil" motto | was wiped from their corporate code of conduct. All it | takes is a new CEO or a change of leadership and all of | these corporate platitudes aren't worth the paper they | are printed on. | selectodude wrote: | But the key thing is that with Apple, you're generally | the customer. I pay a huge amount of money for an iPhone | and Apple wants me to pay a huge amount of money for | another iPhone in the future. Google develops Android for | free and as such, I, the consumer, am not Google's | customer. It's simply a different business model. Apple | could change their approach and in response I can change | mine. Google could also set up a method for me to | purchase Android. | heavyset_go wrote: | I paid a lot for cable TV and they still showed me ads | despite being the customer. I also pay a lot for my | internet connection as a customer, but guess what my | ISP's privacy policy allows them to do? Share my data. | | Like any other profit driven company, Apple is | incentivized to generate revenue from their customers' | data and to advertise to them. | threeseed wrote: | > Apple is incentivized to generate revenue from their | customers' data and to advertise to them. | | Apple is equally incentivised not to generate revenue in | this way since they would lose hardware sales. | ActorNightly wrote: | Not spreading FUD, just pointing out inconsistency. | | "Yes, Apple devices do collect some data" should be the | end of that sentence. Any data that is collected on the | device and sent to apple is not private. It doesn't | matter if Apple doesn't share it with other advertisers. | Apple does advertising itself. There is no difference | between it an a 3d party advertiser in terms of data they | have access to. | | Once you get past that point and accept that there is no | privacy, then its just a matter of how much you trust | companies with your data. If you wanna claim that you | trust Apple with your data, that is your own personal | choice. | | As far as what Apple does or doesn't with that data, it's | laughable that the argument for privacy is them refusing | to unlock a phone. Security isn't determined by what | computers/users/companies do or don't do, its determined | by what is possible. And when it comes to data, its very | possible, as proven by real life events, for them to turn | over your data to law enforcement. | | Again, whether or not you care, thats a personal choice. | But saying that Apple cares about privacy is just dead | wrong, you have either ironically fallen victim to the | Apple adverting about privacy, or you have an intrinsic | bias towards Apple because you like their products which | leads you to discount basic facts. | threeseed wrote: | > Any data that is collected on the device and sent to | apple is not private | | Please providence evidence of this claim and specify | which data is not private. | | Apple uses differential privacy and removes PII which has | been documented in the iOS Security Guide. | lern_too_spel wrote: | Apple handed the keys to the castle to the Chinese | government. Google collects data from iPhones as well as | Android devices (including non-Google Android devices | like Amazon's and Huawei's). The difference is that on | Android, you can turn off any data collection you don't | like. On iOS, if you want to install an app, you have to | tell Apple. If you want to get your location, you have to | tell Apple. If you want to build an app _for your own | device_ , you have to tell Apple a lot of things about | yourself. | throwaway894345 wrote: | So what's the deal? Any company that makes users opt out | of diagnostic data is just as bad as the companies whose | entire business model is predicated around collecting as | much data as possible about you and selling it to people | whose sole ambition is to manipulate you? Are these two | things really equally bad? We can't acknowledge that one | of those is considerably more in favor of privacy than | the other--they must both be labeled "NOT PRIVACY" with | all nuance eliminated? Is that where we are in our | discourse? | ActorNightly wrote: | Once you get past the fact that any data you don't | explicitly control is by definition not private, the next | conversation is about how much you are able to trust a | particular company with the data they collect, and that | is really an individuals choice. | | Niven stuff like iCloud leaks, and Apple bending over to | appease China by removing the protest app from the app | store (which completely makes it unable to be installed | on any non jailbroken device btw), I personally don't | really see a reason to trust them any more than Facebook | or Google. | throwaway894345 wrote: | So an emphatic "yes" on all accounts then? Am I | interpreting you correctly? | ActorNightly wrote: | Sure if you want to boil it down to a simple yes or no | answer. | kergonath wrote: | It seems like it is. It's like the relativity of wrong | all over again. Two things being wrong does not mean that | one of them is not better than the other. I am so tired | of this fallacy, particularly in an otherwise well read | community like here. | 2OEH8eoCRo0 wrote: | >openness at the expense of security | | This is a false dilemma. You can have both. | fauigerzigerk wrote: | I think you're right when it comes to security, but in | order for that to work Apple would have to admit that | checking apps for security issues is not inseparable from | imposing rules that are supposed to benefit their own | business model. | | That said, here's a challenge for everybody (including | myself) who doesn't like Apple's app store monopoly and | side-loading ban: | | Apple now requires apps to ask for permission before | tracking users. Facebook is _very_ unhappy about that. | Imagine what would have happened if alternative app | stores were allowed on iOS. | | How long would it take before a Facebook/Google sponsored | app store would emerge that would carry all ad funded | apps? How would you prevent this from happening? | swiley wrote: | The security comes from the sandbox, Apple's curation is | pretty mediocre and they only remove malware once it's | popular or if it's extremely obvious during the short | review. | | iOS malware authors tend to publish their binaries as | unsigned dylibs and don't need Apple ID accounts so they | aren't even banned when they're caught. instead they | convince other developers to ship it in seperate apps | (there are various ways, money, convenient APIs, both in | the case of Facebook.) | gbanfalvi wrote: | I can guarantee you that the sandbox can be circumvented | if you can just run an IPA on the device. iOS has a | humongous set of APIs and that attack surface is | impossible to protect properly. | | Don't get me wrong, I'd love to have an iPhone I can | install anything on - but there is _no_ way I would ever | install anything from the open internet on the same | device use to read my email or log in to my bank. | swiley wrote: | Most of us don't want to run everything we find on the | internet, we want to be able to run one or two apps that | Apple doesn't like. | fouric wrote: | > How would you prevent this from happening? | | Very simply - enforce security permissions at the OS | level, rather than the app store level. | | There's no technical reason an app store also has to | handle permissions. Leave the | discoverability/reviews/curation functionality in the app | store, and then just move the app installation | functionality into the OS - the app store delivers an app | package which the OS accepts, parses the manifest file, | prompts user for permissions. | | Put APIs behind a sane, capabilities-like model where the | OS has to approve everything. | | Facebook and Google can make their own app stores - but | they still won't be able to spy on you by using | privileged APIs without your consent. | | (yes, they'll still be able to spy on you using data | collection and aggregation - but then Apple's App Store | privacy labels becomes a differentiating feature that | build user trust and add value to the system, and Apple | could add a warning when you install another App Store | "privacy labels don't transfer, etc.") | fauigerzigerk wrote: | I don't think it's that simple, and relegating the main | issue to a bracketed footnote doesn't make it so. | | I agree with you that permissions and a sandbox that | actually works would have to be part of any solution. | | But you can rest assured that Facebook wouldn't have made | such a fuss if all that was at stake is losing access to | IDFA and getting slapped with some unenforceable privacy | warning. | | What's creating a real problem for Facebook is the | enforceable legal obligation that Apple has put in place | as a precondition for being allowed on iOS devices at | all. | | It works exactly because it is not a technology based | solution. It has created a choice that we didn't | previously have. | | So I wonder how we can keep this choice without making | Apple this all powerful, rent seeking, patronising | overlord that also happens to be an ideal attack vector | for censorship happy authoritarian governments all over | the world. | smoldesu wrote: | I think they do have a point though. If Apple's primary | concern was security, they would be approaching this from | a fundamentally different perspective; their current | solution is a pretty dubious stopgap that bridges "human | consent" and "your app". A fundamentally secure approach | would ultimately let the user audit and manually control | their API interfaces to prevent abuse, instead of just | hoping Apple has your best intentions at mind. | CountSessine wrote: | "Facebook wants access to your address book: | | In order to view your facebook timeline and newsfeed, we | need access to your address book. Please allow access. | | Allow/Deny" | | There's no automated capabilities-based OS-level | permissions model that can protect against this. | Accessing the address book is a legitimate app request - | just not for Facebook Inc. in my opinion. But they can | gate access to your timeline and friends by demanding it. | And I guarantee you that 9/10 smartphone users will grant | it. This is why you need curation and app store rules. | swiley wrote: | Deny shouldn't break the API, it just means the app gets | garbage data instead. | haswell wrote: | And this is an oversimplification. Will you share some | thoughts on how you can have both in an ecosystem like | Apple's? | zepto wrote: | Although I totally think open source should attempt to | produce an ecosystem with the security of Apple's | ecosystem, there is no evidence that this is even | theoretically possible. | lern_too_spel wrote: | According to Gartner and the exploit markets, open source | has surpassed iOS's security for a few years now. | zepto wrote: | You're not talking about how end users are protected | against installing malicious applications, so at best | this is irrelevant. | lern_too_spel wrote: | At least half a billion malicious app installs on iOS and | none from F-Droid. It does seem like open source wins | there too. | saagarjha wrote: | I would ERB surprised if F-Droid even had half a billion | installs total. | zepto wrote: | > At least half a billion malicious app installs on iOS | and none from F-Droid. It does seem like open source wins | there too. | | You must realize that this is a meaningless comparison, | since F-droid is barely used and not a target comparable | to iOS. | | I'm quite sure you are aware of the relative sizes of the | stores. If that is a mistaken assumption, please say. | lern_too_spel wrote: | I am well aware of the sizes of the stores. Are you aware | that the relative amount of malware is is not merely | proportionally less? Are you aware that F-Droid-style | reproducible builds are not possible on iOS? People using | an iOS device can never be sure they are installing the | secure app they wanted to install or some switcheroo. | | On the other hand, Google's and Amazon's app stores are | not open source but built for an open source platform, | together have far more users than the Apple App Store and | far fewer malware installations. Discovery in the Epic | case dug up some documents showing that Apple had no | dynamic analysis for App Store apps at all. Google and | Amazon both run Android VMs in their datacenters to catch | fishy behavior that can't be found via static analysis. | gjsman-1000 wrote: | This is an opinion, and Apple does not believe this | opinion, nor do they have to. Furthermore, I think that | if you look at the comparison of malware prevalence on | Android and iOS, the claim that you can have security and | openness simultaneously does not appear to be true. | daveidol wrote: | > _Apple does not believe this opinion, nor do they have | to_ | | Hopefully if they lose this case (due to the market | reality of being a duopoly) then they will be forced to | at least entertain it. | | Android's way of handling sideloading or multiple app | stores is far from the only way to do it. I'm sure Apple | could find a better middle ground between what we have | now (incredibly locked down, anti-competitive, with | arbitrary rules and Mafia-like enforcement of prices) and | a total free-for-all. | heavyset_go wrote: | > _Furthermore, I think that if you look at the | comparison of malware prevalence on Android and iOS_ | | iOS exploits are cheaper than Android exploits because | iOS exploits are so plentiful[1][2]. | | [1] https://www.theregister.com/2020/05/14/zerodium_ios_f | laws/ | | [2] http://zerodium.com/program.html | 2OEH8eoCRo0 wrote: | https://googleprojectzero.blogspot.com/2020/12/an-ios- | zero-c... | | https://googleprojectzero.blogspot.com/2019/08/a-very- | deep-d... | | https://www.tomsguide.com/news/police-say-android-phones- | are... | haswell wrote: | Apple's goals with a highly curated app marketplace and | the existence of exploits are orthogonal to each other. | | Nor is security just about "can the device be exploited | or not?". | | What are you trying to explain with these articles? How | does the existence of iOS exploits support your thesis | that Security and Openness can co-exist? | [deleted] | epanchin wrote: | I gave my grandmother a iPad because I felt confident that | she could not install anything nasty, nor could be tricked | into installing anything nasty. | | If Apple allowed you to unlock your iPad, they would also | be allowing my grandmother to be scammed into unlocking | hers. | | Building a walled garden was a great decision for consumers | by Apple, and if it was profit driven then that's +1 for | capitalism. | tisFine wrote: | I keep hearing about walled gardens, and not how it's | merely a choice among many. Linux works on tablets and | phones. What's that? It's a janky mess? | | Maybe developers could stop looking at the green grass on | Apples side of the fence and bring that polish to open- | source. | | But I imagine that will simply devolve into the mess it | already is, with flame wars, and figurative genital | punching to prove how hardcore one is for the obfuscated C | they cobbled together. | | There was time when Linux distributions were thought of as | walled gardens. Cobble together just the right collection | of source for you! Don't let Red Hat control your mind! | SystemD is a cage for your soul! | | Meanwhile, Apple just got the damn job done and moved on. | | If it's a choice between masochistic elitism or filtered | content. Hmmm... | rcoveson wrote: | > There was time when Linux distributions were thought of | as walled gardens. Cobble together just the right | collection of source for you! Don't let Red Hat control | your mind! | | No, that's just a garden. A garden is where a single | trusted entity cultivates the plants it wants in the way | it wants. It has boundaries, but not necessarily walls. | | Walled gardens are a strict subset of gardens. A walled | garden doesn't let you go out and forage from the wilds | to augment the produce of the garden. | tisFine wrote: | Neither does Apple's App Store; users can pick Linux. | | Anyone pushing into the App Store specifically then | complaining has their own initial choice to blame. But of | course that can't be right... | rcoveson wrote: | Linux distros offer a lower-case "app store", a "garden", | while _also_ allowing you to straddle the line between | the garden and the outside. On the same device, at your | own discretion. They don 't make it any more difficult | than it has to be. | | iOS is a "walled garden" because it requires you to be in | or out. Like you say, you can "pick Linux", but that's | not tearing down walls. That's just leaving the walled | area. | | The frustration with Apple isn't the fact that they're | forcing anybody to use their stuff. It's that they make a | lot of cool stuff, and then they go out of their way to | make it difficult to use anything not Apple-sanctioned on | their stuff. Most OSes don't do this. I like the Linux | distro approach better: Provide a garden, but also allow | the installation of stuff from other gardens, or from the | wilds. | | I don't know why you're being derisive of people who have | only "their own initial choice to blame". I choose to | live in the city where I live, and that has downsides. I | even knew those downsides going in! But that doesn't mean | I have no right to complain about the downsides. Maybe | the upsides still make it worth it to me, and I'm just | pushing for a world where I can have those while also | fixing what I think is wrong with the place. | rmah wrote: | Hey, don't hold back, tell us what you really think! | tisFine wrote: | Apologies. Next time I will police the thoughts I post to | the "open internet" to spare your sensibilities. | | You're an Apple App Store fan, I take it. Love living | behind walls? | mumblemumble wrote: | Google probably didn't do any real calculus, and I strongly | doubt it was anything like a principled decision. They | probably just realized that it simply wasn't an option. | Android lacks the vertical integration that iOS has. It | would have been extremely difficult, if not impossible, for | Google to get Android licensees to accept such a heavily | walled garden. | | Remember that this decision was made over a decade ago, | back when there were many competitors - both software and | hardware vendors - vying for a foothold in the smartphone | market. Google trying to flex its muscles too much would | have sent its licensees scurrying toward competitors. | jsight wrote: | IDK, AT&T used to lock out third party apps on their | Android phones. It didn't go over well and was eventually | reversed. | | I think they stayed in that state for a few years, | though. | mumblemumble wrote: | It's probably better to think of that as AT&T trying to | continue the thing they were already doing with feature | phones, than as Google trying to make Android as locked | down as iOS is. | | For starters, it's something AT&T did with just the | phones they were selling, not something Google did with | the Android platform or Android phone makers like LG and | Samsung did with their phones. | jsight wrote: | True, and more specifically it was AT&T making their | early Android phones into Android iPhones. This was still | pretty close to the era when the iPhone was an AT&T | exclusive. It was terrible and I believe they sold pretty | poorly. | | My point is that the mumblemumble seemed to think that | Google had no choice in the matter. I think they clearly | did and for the most part clearly opted to keep the third | party door open at the time. | | Granted, Android was much more open back then overall. | mumblemumble wrote: | My point wasn't exactly that they had no choice, so much | as it was a choice they quite understandably weren't | going to make. | | The AT&T analogy is kind of weak here because they | weren't operating in the same business environment. AT&T | was doing it in a B2C context, Google's Android business | at the time was 100% B2B. It's easier to take this kind | of risk as a major telecom operating in a B2C context, | because consumers, as a body, aren't going to punish you | that badly. Case in point was that, while these Android | phones sold poorly, it hasn't actually tanked AT&T's | business. | | Whereas, if Google had sent Samsung, LG, Huawei, etc over | to WebOS or wherever, the impact to Google's Android | business would have been large and permanent. | api wrote: | > Google did a similar calculus, with a different set of | values (if not an entirely different set of variables | altogether) and came up with a different answer. | | Their answer isn't openness, it's surveillance. Google is a | surveillance driven ad company. | danShumway wrote: | I'm not sure I understand how FDroid makes it easier for | Google to survey me. | | I don't see how Google, which controls the default apps, | which can give them whatever privileges it wants at an | OS-level, needs an Open platform to monitor me. If | anything, wouldn't Google have more incentive than iOS to | lock the platform down, since it doesn't want the | competition from apps like Facebook that are competing in | the same data-driven ad space? | | _Edit: Not sure why people are taking offense at this. | Google doesn 't need the web to be open, that's a talking | point that comes up every time we talk about Chrome -- | Google only needs its own ad network to function. Android | is the same; why does Google need Android to be Open? | They don't need the ability to sideload apps. Google Maps | is installed by default, all of their apps are | contractually required to be installed by default if you | want access to the Play Store. If Google removed the | ability to sideload today, none of their apps would get | removed from your phone._ | api wrote: | > many of us don't want our iPads or iPhones to be like our | computers. | | This nails it. I want full control and the ability to run | anything on my computer. I want my phone to "just work" and I | never want to fuck with it or worry about what's on it. They | are different devices with different roles. | | What I do wish for is open ARM hardware with similar | performance. I am totally certain that it is coming now that | Apple has demonstrated just what is possible. Ampere, | Samsung, Marvell, etc. are surely working on high performance | designs now if they weren't already. | | There is nothing magic about what Apple did with the M1. They | built a really high performance ARM core by applying a lot of | the same things that have been done for high performance in | the X86 world but without the X86 dead elephant strapped to | their back. The M1 can be duplicated if not exceeded. | saagarjha wrote: | I mean, there is nothing stopping you from using your phone | in that way even if it was open like your computer is... | kalleboo wrote: | > _The M1 can be duplicated if not exceeded_ | | The obvious question is why has Qualcomm failed so hard at | even keeping up with the A series? They're untouchable for | radio stuff but their CPUs are very average. Samsung are | also trying very hard with average results. | | The M1 isn't Apple's first crack at this that is some fluke | which will quickly be overtaken by someone else. Everyone | else has already been in a race to beat their A-series | chips and failed miserably. The M1 is just the first time | we've been able to benchmark it on a real OS. If someone | beats it, it will be AMD retooling their cores and doing it | in 3-5 years (Zen was originally battling an ARM variant | internally at AMD) | api wrote: | There hasn't been enough of a market so they have not | made the investment. | | Android occupies the lower-end side of the phone market, | so there's less of a drive for the absolute highest | performance. There has until very recently been almost | zero desktop or laptop ARM market or server ARM market. | | Apple also has a ridiculous amount of cash sitting around | and could afford to fund R&D ahead of market demand and | develop a truly killer ARM architecture. Everyone else is | now behind, but what I'm saying is that there's not much | in the M1 that is secret. It's just well-understood | performance CPU engineering techniques deployed well on | an ARM chip and the added efficiency is largely due to | the lack of X86 cruft overhead and the 5nm node. | fartcannon wrote: | You don't have to fuck around with it! You CAN just use it | like a regular locked down device, and throw it into a | landfill when youre done. | | The rest of us can get on with using the otherwise wasted | power of all these tiny computers. | | Think of the waste caused by Apples profiteering. | klelatti wrote: | The real waste comes from inadequately powered devices | that have to be retired early because they are no longer | fast enough. I think Apple have a decent record on this | front although right to repair is another matter. | shsizbz wrote: | Im posting this comment on an iPhone SE (1st gen) I got | in mid 2016. I still get OS updates, not just security | patches. | | Whats that about Apple waste? Its _people_ that waste and | drive waste. | | Id love it if I could load my own OS and do whatever on | this little phone, but only if iOS itself was still | locked up. I dont need to add even more worry about the | safety of my "phone" (really portfolio of everything Ive | done since Ive been online) | fartcannon wrote: | Try that with an iPhone 6. Apple's position on right to | repair and planned obsolescence is well known: | | https://en.wikipedia.org/wiki/Batterygate | smichel17 wrote: | Many years ago, Apple removed all apps for the 1st gen | iPod touch from the app store, with no warning. I found | out about this when I did a factory reset (ironically, | this was to un-jailbreak my iPod touch, since the | jailbreak slowed it down a little and I wasn't using any | of its features). Imagine my surprise and frustration | when all the apps I was using moments before - Spotify, | Fruit Ninja, Opera Mini (the only browser that was | acceptably fast on that device) - were suddenly gone with | no recourse.. except to upgrade. Which I did -- away from | an ecosystem where a company has that kind of control | over me. | GeekyBear wrote: | >How to download old versions of apps from the App Store | | https://appleinsider.com/articles/18/02/08/how-to- | download-o... | smichel17 wrote: | Not available in 2011. | GeekyBear wrote: | It was available starting in 2010. | | It was also possible to backup and restore apps | individually through iTunes. | smichel17 wrote: | Perhaps I have the date wrong, then? | | I do remember the individual app backup+restore, which I | would have done if I'd known that I was going to need it. | But I didn't have any data I cared about (just my music, | which was already in iTunes), so I figured I'd just | reinstall the apps. I remember re-jailbreaking my iPod | afterwards and trying to find an old version of Spotify | to install online, but being unable to find a | _trustworthy_ source. | Siira wrote: | Of course it's not _arbitrary_ ; It is a direct enforcer of | their gatekeeping. Instead of bullshitting, they can just | sell two kinds of devices, one with this restriction and one | without. The market will show you how many people really want | this. Heck, they could do annual voting for each year's new | versions, if they can't bother to create two types of phones | (which they obviously can). We have seen all the bullshit | before in governments, and big tech is not that different. | Big anything needs some kinds of democratic checks and | balances to keep it from exploiting its users to the very | end. | conradev wrote: | Anything a JIT can circumvent an interpreter can circumvent | just fine (albeit slower) | 8ytecoder wrote: | I agree. I prefer these restrictions exist but also a | nontrivial way to bypass it. | captainmuon wrote: | _Malicious_ apps can already do that. There is nothing | (technically) that stops you from e.g. receiving a JSON file | and enabling secret features. | | The ban on third party browsers and JIT is so that you cannot | make _fully-featured_ or _competitive_ apps that don 't go | through the store. Microsoft tried something similar in | Windows 8 (certain DirectX features only available for Metro | apps, strict guidelines what a Metro browser can do, ...). | This is the reason Safari on iOS is lacking certain features | wrt. PWAs, and the reason Flash was banned outright (instead | of saying e.g. it has to be made more reliable). | | If web apps were as powerful on iOS as they are on Chrome or | ChromeOS, then many iOS apps including games would be written | as web apps, and Apple would not get their 30% share. If | someone would port a JVM or .NET CLR to iOS, then you could | sideload those apps and circumvent the app store, too. | georgestephanis wrote: | Best excerpt of the post: | | > We really didn't expect this to work or we probably would have | tried it sooner. | marsven_422 wrote: | This reads like a native ad. | etaioinshrdlu wrote: | I wonder if there are any gains to be had on the M1 because it | uses shared memory between the CPU and GPU - much like the actual | Gamecube architecture. | | From reading this blog, Gamecube games often made heavy usage of | the memory-sharing capability of the hardware - which made | emulation on PCs a performance challenge. | NaN1352 wrote: | As an aside I'm thinking voxel based games, and generally games | that render via CPU should do really well with a native M1 port, | right? (with scaling, because the 4.5k resolution gotta hurt :)) | jchw wrote: | It's always nice to see Dolphin news. I dunno why they're so | surprised over the JITs syncing in some games, though. I suppose | a lot _could_ go wrong, but only a few games seemed to have | especially strong reliance on floating point behaviors to begin | with, and I sort of expect the behavior of JITs to be influenced | by the interpreter a bit due to the way things are laid out in | dolphin. | | I tried porting a much simpler JIT to M1 and ran into the problem | that Rosetta 2 was simply better at translating an AMD64 JIT than | my attempt at a JIT. It could've been related to W^X performance, | but I actually suspect the real answer is that Rosetta's | optimization passes were doing things the JIT did not do | natively. I don't know how to debug that, though, because from | the debugger's PoV, emulated processes look just like native | Intel processes. | dougmwne wrote: | Wow, that frames per watt graph is an eye opener for sure. What | an incredible advancement in mobile computing. | pdpi wrote: | It's a petty thing, but that chart annoys me to no end. The | numerator is FPS, not frames, so frames / watt should've been | labeled frames / joule (or, well, FPS / watt, but that's | nowhere near as fun). | jchw wrote: | The frames / joule suggestion is pretty funny. I forwarded | along your comment and it appears to be fixed now, though. | moolcool wrote: | Not just mobile computing, but computing in general. | ninjinxo wrote: | Whilst very impressive, it's a bit exaggerated, they should | have been locked to the same framerate for comparison: | | * 9900k is boosting to 5ghz which is sacrificing efficiency. | | * 9900k PC is delivering a much higher framerate, so it'd also | have much higher GPU utilisation. | | * Afaik RTX3090 will have high power draw even at low | utilisation (large card, lots of memory). | | From anandtech: | | >Should users be interested, in our testing at 4C/4T and 3.0 | GHz, the Core i9-9900K only hit 23W power. Doubling the cores | and adding another 50%+ to the frequency causes an almost 7x | increase in power consumption. | | https://www.anandtech.com/show/13400/intel-9th-gen-core-i9-9... | | Look at the 3090s power consumption during media playback: | https://www.techpowerup.com/review/zotac-geforce-rtx-3090-tr... | Synaesthesia wrote: | Well that actually shows how impressive the M1 is because it | hits faster CPU than the 9900k at 5ghz using only 10W-20W | total. | | And GPU it's much faster than the Intel integrated. | kllrnohj wrote: | Except it didn't. The 9900K was in a completely different | performance category from the M1 in these dolphin tests. | | To compare efficiency you need to control for performance. | What Dolphin did here would be like trying to compare CPU | coolers without controlling for power consumption. | | What makes the M1 impressive is its performance relative to | other CPUs in its power category (eg, the M1 vs. the | i7-1185G7 in this chart: | https://images.anandtech.com/graphs/graph16680/117493.png | ), or when it manages to be both faster _and_ use less | power. That 's impressive. | | But using less power while also being _significantly_ | slower (which is what Dolphin 's comparison is saying)? | That's... not impressive or interesting. That's some "no | shit sherlock" level stuff - just compare literally any | mobile CPU from Intel or AMD vs. the desktop equivalent in | the same generation. You'll see a chart that looks | basically the same, with the mobile CPU many times more | power efficient while also being a lot slower. Especially | when you're taking the top-end desktop CPU for the | comparison, the CPU where power efficiency isn't even | remotely a design goal. | peoplefromibiza wrote: | As I understand it, OP is annoyed by the graph because they | are comparing different things at different scale. | | I will use another John Deere metaphor: a Prius can cover a | much longer distance on the same amount of fuel, but if I | need a John Deere it's because the Prius can't do the same | job and I am willing to sacrifice fuel efficiency for raw | power. | | In other words: how much more does the i9 consumes to | produce the same FPS of an M1? | | We don't know, but we know power consumption increase on | these CPUs is non linear, meaning that the 60-65% of the | frame rate could potentially lead to 5-6 times less energy | used. | skavi wrote: | these are both general purpose CPUs. They do the same | job. Maybe if you were comparing a server chip. | peoplefromibiza wrote: | Probabky I should have re-quoted what OP posted to make | my point clearer | | _From anandtech: <<Should users be interested, in our | testing at 4C /4T and 3.0 GHz, the Core i9-9900K only hit | 23W power. Doubling the cores and adding another 50%+ to | the frequency causes an almost 7x increase in power | consumption>>_ | | The i9 4C/4T 3Ghz consumes 23 watt | | how many FPS can that produce? | | the one benchmarked consumes more than 7 times that (it's | a 5 GHz 8C/16T), and it's sure it's not 7 times faster | (not even close) | | They are actually not doing the same job, they ate trying | to go as fast as they can. | | But what if they measured how much energy each one uses | to produce the _same_ score? | Shadonototro wrote: | efficiency test speaks for itself | | the m1 is the renaissance of laptops | afavour wrote: | A renaissance would be a revival, surely? Laptops have been | dominant for a long time now. | stu2b50 wrote: | Laptops have dominated personal computing (by the mildly | unintuitive definition of "PC"), but you could certainly | argue that smartphones and tablets have eaten their lunch in | the overall computing space. | toyg wrote: | Ftr, this is Dolphin the games emulator, not Dolphin the KDE file | manager. | amelius wrote: | And also not Dolphin, the MySQL logo. | agustif wrote: | Also not Delphi, for the dyslexics like myself out there | drrotmos wrote: | And also not Ecco the Dolphin (the game). | hnlmorg wrote: | Nor Flipper -- the cult TV show that featured a crime | fighting dolphin (I kid you not). | [deleted] | xvector wrote: | Nor Flipper, the tamogatchi-like hacking device [1]. | | [1]: https://flipperzero.one/ | Andrex wrote: | Nor Flipper, the GameCube's GPU [1]. | | 1. https://en.wikipedia.org/wiki/GameCube_technical_speci | ficati... | | But I guess it's somewhat related. :P | [deleted] | djhonovak wrote: | Also not Dolph Lundgrin. | hotpickles wrote: | And also not Dolph Lundgren (the actor and chemical | engineer). | ihuman wrote: | Although you might be able play the the Wii virtual console | version using the Dolphin emulator | elondaits wrote: | Not Dolphin Smalltalk :-( | MonkeyIsNull wrote: | Yup, sad -- that's EXACTLY what I thought it was as well. | Macha wrote: | Although I would love to replace Finder with Dolphin. | dvfjsdhgfv wrote: | Also not Dolphin, a web browser for Android. | pantulis wrote: | I truly came here thinking about Dolphin the mobile browser. | [deleted] ___________________________________________________________________ (page generated 2021-05-24 23:00 UTC)