Alternate title: Destroying General-Purpose Computing, One (Permission) Bit At A Time
If I understand correctly, one of the big unsaid implications of this article seems to be that it is now impossible to have RWX, because the hardware completely prevents it. APRR looks more like a general permissions-remapping mechanism, while SPRR appears to go beyond that.
While the technical details are certainly interesting, IMHO it's also disturbing in the same way as weapons of mass destruction or DRM. This technology is used by one company to essentially maintain control over its users, under the convincing guise of security.
What do SPRR and GXF stand for?
Given the functionality, my guess is APRR = Access Permission Remapping Registers, SPRR = Secure Permission Remapping Registers, and GXF = Guarded Execution Feature.
> This technology is used by one company to essentially maintain control over its users, under the convincing guise of security.
Its not a guise of security, it actually accomplishes it. Mac malware now has to operate within the confines of these permissions and nowadays the author has to submit a sample of the malware to Apple before it can be opened without insane prompts (this also means losing $99 and attaching their legal identity to the malware/committing identity fraud). If Apple went full-iOS on MacOS and made it so "everything must go through the App Store" then the possibility of mac malware would effectively disappear overnight into the same realm that iOS malware currently resides: jailbroken iOS devices with shady (mostly piracy-focused) apt repos.
Apple aren't doing this to eliminate malware from their systems. Probably just gearing up to the point where it's impossible to run any application that Apple isn't getting a cut of (or is free).
Realistically, malware only affects a tiny fraction of users, and only a further tiny fraction suffer demonstrable loss from it.
Malware in the past has been an enormous problem, with huge numbers of average users affected. To say that we don't need protection against malware because it's not a major problem now is circular reasoning, and ignores literally decades of effort to bring the problem under control.
For a certain generation of adults, going to visit your non-technical parents socially meant budgeting extra time to eradicate the adware of the month. It was a constant problem affecting large swaths of users, and fixing it was beyond the technical ability of most people.
fwiw, you can disable almost all of Apple's enhanced security features easily on macOS systems.
Their whole design is incredibly neat and well done! If you like these features (or just don't care) the default install does make attacker's lives harder.
But if you disagree with these features or just don't like them you can just boot into recovery mode, authenticate with your password and disable almost everything for macOS.
And if you just like the hardware you can do the same and install a custom kernel like Linux or *BSD and do whatever you want.
You can even have triple boot into one macOS with full security enabled, another macOS install with everything disable and a third "macOS" which actually is Linux.
They spend a lot of effort and engineering time to make all this possible.
This is true on the iOS platforms I'd say but it's not on the macOS ones: There you can just run your own code shortly after the SoC boots and then just leave SPRR/GXF disabled. That way you can easily have all rwx pages all you want.
you can also just map the same physical memory once as rw- and once as r-x even with SPRR enabled there.
Is that bad? It's like saying Pepsi shouldn't have to experiment and reverse engineer Coke since the secret formula is sitting in a vault in Atlanta[0]; Apple's IP is theirs and they should be able to share it as freely as they want or not at all.
Human society was basically an ant colony before we were able to passively, efficiently take care of our basic needs (food, water) and implemented the barter system so that you can only benefit from society if you also put effort into it. Over thousands of years this philosophy has scaled up to the point where Apple underwent nearly 20 years of R&D effort and spent tens of billions of dollars to create the M1 chip - and thus they are allowed to share it as much or as little as they wish since they put the effort into making it.
You're questioning the value of reverse-engineering things in general and publishing them on the internet or this specific reverse-engineering?
For me the basic value is just having more knowledge published in the open for anyone to read. I might not have any practical value of it, either ever or today, but I did learn a bunch reading it and I'm glad I did.
Not sure why you're downvoted because I think you ask a legitimate question.
To me, it's a combination of various things:
I've tried to outline the process I used so that other people can learn how to approach challenges like this. I learned how to develop software and how to reverse engineer by reading posts like this and watching talks from e.g. CCC or DEFCON. Hopefully I can give something back this way.
This might also be valuable to other people who want to virtualize macOS or iOS or those who do security research and run into these features while reading XNU code.
And then ofc I can finally flex in front of my friends with this because I was the first to pull of a new skate trick ;)
This is really cool! However, it breaks my heart that talented people have to spend their time on something like this - companies should be required to release a documentation for consumers so they can fully use their products. Otherwise you don't really buy e.g. a Mac, only a privilege of using whatever Apple cooked up for you.
This erosion of ownership should stop.
If you bought a computer in the 80s you could get everything you need to write your own operating system etc. you could get schematics, parts and so on.
Today you pay a lot of money for an illusion of owning something.
I get that many people don't care, but this is not the world I want to live in.
Hopefully initiatives like right to repair will change it and companies like Apple will be forced to treat consumers like consumers and not sheep that they can fleece as they please. Apple (and other big corporations) should serve consumers, not shareholders.
hi, and thanks! I'm the author of this post and I'm a little bit conflicted where I stand in this discussion.
In general, I agree that the world would be a better place if corporations would release documentation.
But my life would be much less fun then. Reverse engineering scratches a certain itch like nothing else does! So I'm kinda happy that mysteries like this exist and gladly spend my time on something like this :-)
> But my life would be much less fun then. Reverse engineering scratches a certain itch like nothing else does!
Totally, yet at the same time I'm worried that knowledge workers aren't aware enough of just how privileged they are to have been able to 'climb the ladder' to be able to do work like that, and how, unless you're 1) well off and 2) living in the global north, gaining such skills has been made nearly impossible because the ladders needed to climb up are often not available, despite humans having been gifted digital technology (and therefore a zero-marginal cost of information reproduction).
As an example: I'm not technically skilled enough to reverse engineer the things I'd like to, and because of the way knowledge is controlled by big companies as trade secrets and patent claims [1], it's near impossible to gain these skills in an affordable way. I also cannot take apart the technology I already own since it is not modular, it voids the warranty or is it is damaged (since I'm not skilled because I didn't realize early enough how important technology is).
So yes, it sounds super fun for you to reverse engineer this stuff, yet when are we going to seriously admit that this IP system has become a massive problem, and that the people who came before are literally 'kicking away the ladder' they used to climb up themselves? That when people say that the only thing people need to do to succeed is to 'work hard', that that is a lie, since information is made artificially scarce by human systems/institutions, and thus only available to a select few [2].
Edit: I just saw on your twitter that you are a console hacker, thanks for the awesome work!
I completely agree with you about the patent system. There are plenty of companies that tried to do medical innovation and failed because the big corps owning these don't even want to license the IP that their half public funded PhD students create.
But I'm not sure realize where the privilege actually is. People aren't "gifted" with technology. Oftentimes it's because they were exposed to it and didn't have other obligations combined with a mixture of curiosity that was triggered by something. I knew people that had to think long and hard if it's worth saving up 150 dollars to buy a laptop or PC to MAYBE learn skills that MAY help them or if they should just continue working as a hostess. If you have to spend 12 hours a day to grind through school and after-school activity and then homework when society has decided that you can't be a productive member of society later AND then have to help you parents on the farm before you collapse of exhaustion then yes, you won't be able to acquire these skills.
I was privileged enough to have my mother sacrifice everything(her property, her life, her family and her homeland) to pull me out of a warzone to provide for me so I would be in a position to be able to build these skills. Just calling the whole thing privilege is such a disservice to all she had to sacrifice for me to be able to be in this position.
If we want to talk about privilege how about the fact that if the garbage worker wouldn't collect our garbage and the farmers wouldn't provide us with food then we wouldn't even be able to do the things we are able to do and while they feed us so we can build the things that replace them, we tell them how they should have just got to school to fill out excel charts, powerpoints and the next world change ai pipeline, or photo sharing app that nobody needs.
> People aren't "gifted" with technology. Oftentimes it's because they were exposed to it and didn't have other obligations combined with a mixture of curiosity that was triggered by something.
Pretty much. I learned how to reverse engineer back when I was still in school and was bored with my Wii. I wanted to run my own code on it to e.g. watch movies on my TV. But I couldn't afford to buy another computer connected to my TV. So I just had to figure out how the Wii works and how I could run my own code on it.
The privilege I had was that my parents were well-off enough to allow me to have >8 hours of free time after school and that they bought me a computer and gave me pocket money for my Wii.
I used the words "humans having been gifted digital technology" as I am a marxist and I believe that all the technologies and scientific knowledge that we reverse engineer from nature is gifted to us by a higher power. Others talk about the brilliance of human minds, yet since I see us as a part of nature, there's no distinction in that for me. Another reason I say it that way is because unfortunately the 'great man theory/myth' still reigns supreme in the tech industry [1]. I think though that this 'brilliant mind' story that is commonly told in the west seems to have often justified detrimental and destructive human supremacy/domination over the rest of nature (also leading us to the edge of the cliff now with global warming).
> I was privileged enough to have my mother sacrifice everything(her property, her life, her family and her homeland) to pull me out of a warzone to provide for me so I would be in a position to be able to build these skills.
That sounds incredibly difficult and distressing for her (and possibly for you too). Thank you for sharing this personal story here.
> Just calling the whole thing privilege is such a disservice to all she had to sacrifice for me to be able to be in this position.
That isn't what I am referring to as the 'privilege' here though.
I am saying that the property system is the problem. The system makes it so that there are very few knowledge workers. Big capitalist firms, together with the capitalist nation state, control where and when research and development is to be done, and by whom (by enclosing/owning the systems that control the flow of information).
So I have no doubt that your mother/caretaker(s) sacrificed a lot. No doubt about that at all.
Professor Jakob Rigi does a good job of describing what I am trying to explain, maybe I will let him do the talking. Excuse this long quote by him yet I hope the clarity of his message makes it worth it.
“Digital piracy and the digital copying of cultural products for private use is a refusal to pay rent-tribute to knowledge capitalists. Therefore, piracy is miss-naming of the phenomenon. The sea pirates take away by force others' properties. The digital “pirates” only use universal commons which have been artificially fenced off. They just remove fences, and by doing so they do not take away knowledge, because, knowledge cannot be taken away. They use something which by its nature belongs to the whole of humanity. The producer of knowledge uses knowledge, as “raw” material, which is part of the general intellect of humanity as a whole and the produced knowledge itself becomes immediately part of this general intellect. Therefore, the fencing of knowledge is, essentially, more similar to the traditional piracy. The knowledge capitalist fences off, with help of the force of law, universal commons that does not exclusively belong to her/him. Therefore, s/he robs commons.
To put it bluntly, digital piracy takes back that which has been stolen from the public. Therefore, although illegal, it is morally and ethically justified. The very fact that public ethics and the bourgeois property rights contradict each other on this matter evidences that such rights are superfluous in our era of digital technology. In this way, the digital piracy and digital counterfeiting is an important economic-social movement of our time.
This movement is expressed in various ways including the following. First millions of individuals around the world, understanding and believing that they are not involved in theft, copy things for individual uses. The historical, cultural and political significance of this practice can hardly be exaggerated. It undermines the moral and ethical legitimacy of the bourgeois intellectual property in the very pours and veins of everyday life. Digital piracy is a major force of the growth of knowledge and culture, on the one hand, and the self-improvement of the individual on the other. Second, “pirate” activists, so-called crackers, illegally copy fenced off knowledge and make it available for a global public on the net. A good example was Gigapedia digital library on the net, which was created by activists who scanned books. These activists are either from poorer countries or classes or our era’s Robin Hoods from privileged countries and classes. Aaron Swartz was one such Robin Hood. The very massive and online and off line protests against SOPA in the USA and ACTA (Anti-Counterfeiting Trade Agreement ) in the European Union, and their temporary success, are evidence of the moral legitimacy of digital piracy and digital counterfeiting." [2]
Or as another author puts it:
"The current political economy is based on a false idea of “immaterial scarcity.” It believes that an exaggerated set of intellectual property monopolies – for copyrights, trademarks and patents – should restrain the sharing of scientific, social and economic innovations.3 Hence the system discourages human cooperation, excludes many people from benefiting from innovation and slows the collective learning of humanity. In an age of grave global challenges, the political economy keeps many practical alternatives sequestered behind private firewalls or unfunded if they cannot generate adequate profits." [3]
So where does that leave us? I believe that the most powerful leverage point we have available to us is being explored by the http://valueflo.ws project, in tandem with the http://metacurrency.org project. Those projects meet in the middle in a third project called hREA or holoREA [4]. I've written about them in previous comments:
I don’t want to diminish your personal efforts, but gaining reverse engineering skills is something you can largely do on your own for free: it is, after all, a popular hobby of children who have nothing but time on their hands and access to the Internet. You certainly don’t need to buy hardware or have access to special training to get started.
And, to be clear, I do think the current situation of closed systems is not great, and I do think that we do have a lot of engineers who grew up on open systems that they could tinker on going on to design things like iPhone for their children to use. These are real problems, but I just wanted to say that blog posts like these are not the problem; in fact I think they are beneficial as they allow more people to have access to this kind of information.
> it is, after all, a popular hobby of children who have nothing but time on their hands and access to the Internet. You certainly don’t need to buy hardware or have access to special training to get started.
yup, that's how I learned all of this!
> And, to be clear, I do think the current situation of closed systems is not great,
Agreed!
> and I do think that we do have a lot of engineers who grew up on open systems that they could tinker on going on to design things like iPhone for their children to use.
These days there are also more open system like, say, the Raspberry Pi. Back in my day (oh god, I'm growing old!) we had to first exploit video game consoles to get something comparable :-)
We made a slightly related argument when we didn't really feel like driving the WiiU homebrew scene almost 8 years ago (stop making me feel old!) [1]
I think the situation is complicated. For hobbyists it certainly seems like the situation has gotten much better: there's lots of well supported, cheap microcontrollers and little boards for people to play with. But I think for the average user, the situation has regressed. I've heard of many an engineer who got into programming because they played around with BASIC and system extensions on their home computer, because those systems were open and easy to get started on doing that sort of stuff. These days, a child's computing device might be an iPad, or a Chromebook; they're certainly fine for getting work done, but they don't feel like they "invite experimentation" in the same way as systems of the past might've.
My pet theory is that this view fails to recognise that we have moved to a culture of abundance* from the previous culture of scarcity. The lack of 'invitation to experiment' is 100% because there is an overabundance of distraction and lack of constraints.
* for the privileged! The digital divide is very real.
I still think there would certainly still be plenty interesting things to reverse engineer even if mainstream computing hardware would be open as it should be.
Some obscure HPC stuff, vintage mainframes, old games with long lost source code, historic military computing harware, CNC controllers & industrial SCADA devices, consumer device MCUs, advanced radio hardware - lot of stuff to dive into without really knowing what to expect. :)
Not sure why people are downvoting you, documentation of the product that I own is one of the most basic expectations I can have going into owning something. Having every interface abstracted away and being told not to worry too much about the hardware details breaks my heart, because this stuff isn't going to leak any trade secrets: it really only serves to help developers better suit their programs to run on their hardware.
My purely personal opinion is that it should be obvious why manufacturers/vendors don't document everything in great detail: that is tantamount to making those implementation details API and promising support for some indefinite period into the future - no matter how many warnings are put on it. Any observable behavior of a system (or CPU instruction set) becomes public API over time.
People get irately angry when a warranty replacement ends up with a slightly different system (CPU stepping, firmware revision, or whatever) that breaks something. They get only slightly less angry when buying a newer system does the same: "XYZ worked on my previous system!!!!1 this is broken garbage!!1111 Widget Inc is deliberately screwing over loyal paying customers to force us to buy more widgets, it makes me sick!!!!!1111" - this is not too far off from comments made here on HN at times.
Making seemingly trivial changes becomes an exercise in walking a minefield of unknown compatibility constraints.
That's besides the extra work of hiring technical writers to spend time converting a jumble of engineering notes, comments on bug tickets, and code comments into publicly presentable documentation - and making sure to keep all of that up to date when anything changes. For something almost no one knows or cares about that you may completely change in the next version.
100% this. "API is forever" is a saying for a good reason, and writing good API takes a lot of extra work and planning - and we still frequently get it wrong.
Apple (and I’m pretty sure ARM as well) does not want you writing programs that rely on its proprietary extensions to the ISA. The specific things mentioned here are either not exposed to userspace or wrapped in API that hides these implementation details so that third party developers don’t have to deal with them. And Apple changes all these almost every year, which they certainly wouldn’t be able to do if they exposed these; you’ll note that some of my experiments that I wrote not even a year ago are linked in the article as being fundamentally broken now.
> Apple (and I’m pretty sure ARM as well) does not want you writing programs that rely on its proprietary extensions to the ISA.
Well, but at least some people at Apple do. Kind of. They built a mechanism for loading alternate kernels while knowing full well that it would require reverse engineering in order to use. A former engineer said as much. https://twitter.com/XenoKovah/status/1339914716454526979
In a way, Apple has done this for years. Their Mail app contains a third-party plugin API (which dates back to at least Tiger, so it's not some unfinished feature they forgot to remove), but it's completely undocumented. You can't use it unless you reverse engineer it.
Ok, perhaps I should qualify that: they don’t want normal app developers doing this, because those ones want stability. But I believe there are some at Apple that (correctly) see that allowing certain extension points like these is healthy for the overall community. But it’s all under the table…
I don't understand the trade secret concern. Reverse engineering is legal. If you're afraid someone might rip off your product that's what the law is for.
All they do is lock out customers from owning their devices. It's about control- plain and simple.
And if it wasn't patentable, there is a good chance that it would never have been developed or industrialized. It will eventually go off patent and be widely available
> Don't forget that if e-ink wasn't patented, there's a good chance that it would be cheap enough to integrate into everyday utilities.
Why do you (and several others on HN) keepi making this claim with so much confidence? Do you work in the electrophoretic display industry? Do you know what the costs are to make electrophoretic displays? Is there any evidence that patents are what dominate the costs of producing electrophoretic displays? Or do you think there is even a slight possibility that the dominant factor of price is actually volume and scale of production?
Wacom is a good example of patent lock-in. For years they held all the necessary patents to the battery less EMR pen technology and only ever made high end pro-level devices and only ever licensed the technology to makers of high end pen input devices. End result - a generation of digital artists deprived of tools they needed (especially affordable pen displays, only Wacom used to sell those due to the patents they held and at mind-bogglingly high prices).
Now finally a few years ago their patents finally lapsed, forcing them to finally compete with other companies on price and quality.
End result - affordable 13 inch pen displays available at about third to quarter of the old Wacom price from multiple vendors.
I can only imagine the situation is similar if the original E-ink developers managed to patent all the necessary technologies to bloc everybody else.
Same thing for 3D printing - it only really took off once Stratasis could no longer milk their FDM patents to block all progress in affordable 3D printing area.
> I can only imagine the situation is similar if the original E-ink developers managed to patent all the necessary technologies to bloc everybody else.
All this imagination is amazing to me as a person who actually works in the display industry. It is like someone walked into a sports car showroom and announced that these cars are too expensive because of patents and it has nothing to do with volume and actual cost of iron and rubber. And then a bunch of other people all agreed with them and started blogging about it. Because that's what I see happening here. I wonder when someone like this will walk into an Apple showroom and start exclaiming that these apple products are all too expensive because of patents and not because of other factors.
As for Wacom and Stratasis, I have no idea since I don't work in those industries. But I've never seen convincing proof put forth. Circumstantial sure, but clear data that would convince me that "Stratasis used FDM patents to block all progress in 3d printing" doesn't seem to be available.
The parent comment was no where near delicate enough to have any chance - I believe that Apple has simply become too polarising a subject on HN to be able to have a productive debate about their flaws, perceived or real, technical or ethical. As a result many of us have learned the hard way to not bother engaging any more... I might be in for one more lesson.
There's no point in the hivemind downvoting you, but it is an interesting question on product philosophy.
One way to look at it is as ('at it is as'? English is weird) general purpose computer vs. appliance. Apple probably feels no more obligated to give you schematics, chip internals, etc. than Garmin does for a GPS.
Another angle is that hardware companies are becoming more secretive over time. There weren't many secrets in a Marantz receiver or a shortwave radio. Perhaps there's been a change in approach due to low-cost Asian manufacture and the tendency to ignore IP.
There also is a lot more to document. That Marantz receiver or shortwave radio probably had less than 100 transistors. Your smartphone has billions. The cost of providing documentation alone may be sufficient reason not to provide it to customers (yes, they have documentation, but that may not be sufficiently checked for use in a B2C setting, where you likely can’t provide documentation with a “reality may be different” disclaimer)
I also think that, historically, electronics were documented because they broke down so often.
You just had to be able to spot a broken tube in your radio, clean a potentiometer, etc.
There are only so many way ways to skin a cat (in nuts and bolts engineering). When constrained by physics, everyone is going to converge on the same fundamental designs. You therefore have two or three options. Take or leave the licensing agreement of the IP holder, which need not be reasonable or effective; say screw it, use the IP and hide the schemata behind enough trade secret bs red tape that no one is comfortable leaking it, or give up.
I wager the second option contributes to things when number 1 fails. At least, it's the only reason that holds water for me, then again, I haven't gotten into that industry enough to vouch for the presence of skeletal remains in the closet.
If you bought a PC-compatible clone in the 80s you had a good chance of being able to find documentation of some kind to tell you about how pieces of the hardware itself worked.
Not at all the case for other kinds of hardware, or any software.
Companies being required to release documentation would increase the cost of development (passed on to the consumer) by a non-trivial amount.
As it is, people inside companies usually cannot get good documentation for the things the company develops that they need to interface with. Been there, seen that. It’s unfortunate, because that can also increase costs, but usually people just muddle through with poor documentation and many email chains to ask questions about the things that are poorly documented.
What has repairability do with OS security? They are two different topics. You have a valid gripe about the first one but it’s misplaced in this thread
This like of reasoning is absurd.
I’m assuming you drive a modern car, yet can do nothing much of value in running your own software on that computer.
Or your fridge, or TV, or toaster…
In fact, I’d hazard a guess that the large majority of compute capable devices you own, you do not “own” according to your definition of ownership.
Probably partly because it uses the word, "sheep". The word "sheep" is often considered a derogatory non-argument that serves only to rally up believers rather than a substantive piece of rhetoric.
Apple makes hardware that runs macOS. They do not make hardware to run Windows/*nix. They do not need/want to support those other OSes, else, they would make a product that would do that. They have theirs and they feel it is perfectly fine for the product they are offering "thank you very much". Since day one of Apple, the Steves argued open/closed system. Up to the Apple II, Woz won. With the Macintosh and ever since, Jobs won. It is now Apple's ethos. It is theirs to decide. You are free to not like it. Others don't like it, shrug their shoulders and choose to do it anyways. Some of them will even share what they've learned, and some of those will even do that well. If you choose to follow, thank them, and join the movement. Complaing that a company isn't doing exactly what you want just seems sad and pathetic to me.
I'm not voting on it either way, so I can't say, but I personally find it off topic. TFA is a technical article; there are plenty of articles that discuss right-to-repair etc.
Edited to add: the author doesn't seem to themselves be heartbroken. This level of detail suggests enthusiasm.
> Edited to add: the author doesn't seem to themselves be heartbroken. This level of detail suggests enthusiasm.
Absolutely not! Reverse engineering is a lot of fun to me! Especially the moment of clarity when all the unknown pieces eventually fall together and I finally get the whole picture.
Probably the repeated insistence on "force" and "forcing" this result. It's not a practical requirement or an enforceable one in the end unless nearly every government (and every government for every country with a significant manufacturing industry) goes in on this together.
It only takes one government to make it happen (or even a state that is large enough that manufacturers will not choose to stop selling products there). If this was passed e.g. in California, that would open the access up for almost anyone in the world.
It would be practically unenforceable if CA did it, or even the US. The market in both is large, but not large enough, and it's hard to force compliance on companies from other countries.
The result would be similar to the protectionist trade policies that hamper market entry for foreign produced goods in India and some Latin American countries like Argentina. There are enough customers elsewhere whose governments wouldn't give a thought to this that non-CA/US companies would safely ignore CA/US in this case. It would only work with coordinated effort.
There are also other second order effects not considered by a policy like this.
What's the timeline and what's the company scale that this levies?
Is the documentation expected on day 1? Great, Apple and Google and Sony and others will squash all small competitors. You will never see another small (< 20) person hardware startup (not that we see them often anyways) because the cost to produce this kind of documentation is non-zero, and the big players can easily absorb it into their processes. Additionally, small players would literally be handing the design to competitors. OK, maybe patents and things like that stop some companies from being bad actors and reproducing the product in short order, but it won't stop everyone especially in countries with laxer or no enforcement of patents.
Additionally, problems would be created if designs were produced in non-compliant countries. If I start up a hardware company and make a new device, but half my components are designed in Taiwan and they've decided to explicitly reject this, am I non-compliant for not releasing documentation I don't have the authority to release? And if I'm able to become exempted because of a 3rd party component, everyone else would start shifting their design departments to contractors (if necessary) in those countries or shift a portion of their company there.
This is wrong on so many levels, but I will address this one:
> You will never see another small (< 20) person hardware startup (not that we see them often anyways) because the cost to produce this kind of documentation is non-zero, and the big players can easily absorb it into their processes.
I highly doubt that small players would be affected at all, because a small player wouldn't produce a custom chip. The level of documentation required is akin to API documentation that many services produce and this is not revealing any trade secrets, but enables customer to make full use of the device.
If you create a product without any documentation, then you have bigger problems.
> If I start up a hardware company and make a new device, but half my components are designed in Taiwan and they've decided to explicitly reject this, am I non-compliant for not releasing documentation I don't have the authority to release?
This is false, because it is companies like Apple that tell component manufacturers to not sell or to not disclose documentation. Virtually any chip that you can get on an open market has complete documentation available. If you are ordering a custom chip, you shouldn't be allowed to tell manufacturer to not sell it to anyone else nor hide its documentation if it goes into your product.
If you were actually working in hardware design space you would know that what is being asked does not compromise trading secrets, it is done solely out of greed so that people are nudged towards subscription models and becoming dependent on a particular corporation.
Perhaps the courts could force component manufacturers to release the basic specs anyway, regardless of any agreement they may have with Apple. That way they would need to choose between complying and produce documentation on request, or have the component banned for use.
> It would be practically unenforceable if CA did it, or even the US. The market in both is large, but not large enough, and it's hard to force compliance on companies from other countries.
The U.S. regularly imposes plenty of requirements that are far more difficult to meet, in many industries. The U.S. is the largest market in the world for many goods; I think the parent greatly underestimates the power and practices of national governments. Smaller countries also impose requirements.
What you're outlining right now are issues that affect the status quo anyways. Small companies always fight an uphill battle with larger ones, and copyright law is almost never respected: what else is new? Even still, they're weak excuses not to provide the public with information that likely already exists.
I'd contend that a requirement like this, without exemptions for small businesses, would make things worse for small businesses than big businesses and worse than the present situation. It's similar to many other legal regulatory requirements, small businesses end up bearing an outsized cost relative to their revenue.
And if you create exemptions for small businesses, the big businesses would do exactly what they always do, find loopholes to get subsidiaries/contractors to do the work and exempted and nullify the entire thing.
As nice as it would be to bring back (easier) access to system specs, it's impractical without fundamental culture changes that laws themselves don't usually produce.
I almost agree with this, except for the part where you claim that "It's not a practical requirement": this is entirely a practical requirement. People who use Macbooks gripe constantly about the viscous repair and replacement process. Apple's refusal to recover data (or even help customers recover data) is a hostile experience, whether it logistically qualifies as one or not. Customers deal with these issues, and Apple holds all the cards in their hands with the capabilities to fix them. People wouldn't care if the latest iMacs were twice as thick but could upgrade the memory and maintenance the internals. People wouldn't give the Macbook shit if it was twice as thick but had HDMI and USB A. Nobody cares about a thinner product, our current devices are about as ergonomic as they can get without sacrificing durability (if not compromising it, in Apple's case).
This is just a case of Apple being careless. We have a right to criticize the largest company in the world, if not hold them to the highest standards possible. Instead, we've let Apple off the hook because nobody wants to stand up to them and call them out on it. We're all willing to bury those experiences, as long as our next laptop can export our Photoshop projects 500ms faster.
> People wouldn't give the Macbook shit if it was twice as thick but had HDMI and USB A. Nobody cares about a thinner product, our current devices are about as ergonomic as they can get without sacrificing durability (if not compromising it, in Apple's case).
Isn't this statement a bit of a blanket? Not too long ago I purchased a laptop specifically for being tiny and lightweight (X1 Nano). Ports and expandability were an afterthought. Certainly many wouldn't mind increased thickness and bulk but there is absolutely a market for portability, at least in laptops and other mobile devices.
That said, the X1 Nano at least has removable/upgradable storage, which can't be found on heavier MacBooks, so there's absolutely an argument for adding expandability where it doesn't negatively impact portability.
>People wouldn't care if the latest iMacs were twice as thick...
I think Apple have a pretty good idea about marketing, and what sells a product and what most customers find attractive about it. The vast majority of computers sold are never upgraded, whether they can be or not and most people would never even think about it.
It's not a practical requirement in that from an enforcement perspective and economic sense (under the current commercial and economic models) it is not practical.
It is a practical requirement in the sense that it improves (potentially) the practicality of hardware systems.
Those are two distinct senses, I was writing about the former.
Besides the sheep bit, there's two unsaid parts that ring out to me.
Understanding IC's to repair them is a failing prospect. They are black boxes by nature. If you can't actually repair it without the factory, why should they write you a manual to help you repair it?
Beyond that though, there is a degree of Power lost through dispelling the blackbox (information asymmetry is Power, never forget). Explaining how it works opens up PR doors places would rather not have to deal with, and cuts off avenues of development that companies in the space thrive on. See Nvidia graphics cards for an example. Nvidia doesn't "sell" you the card, in the sense of allowing you to do whatever you want with it because they can't. They are contractually required to hide implementation details around things like HDCP and the in hardware foundations of many streaming related DRM technologies.
Then you have other aspects, like their move to requiring Nvidia signed firmware to access the power control of modern cards. This ensures only their driver can feasibly compete in the market and locks out any potential competition that may be able to pull off a true innovation using their own hardware platform (see nouveau and the signed firmware issue).
All of this would be undone by actually being required to support user firmware implementation, and disclosing how everything works.
The above is a link to an offering for a self-driving processing offering (therefore safety-criticality somewhat justifies the absurd guarantees of firmware lockdown), but my experience tells me that once ypu nail down a tricky process like that, you worm it into as many parallel business vehicles as you can.
Just knowing another company is even capable of doing something like that is a signal of demand to competitors. Hence the desire to hide everything possible as no one else's business.
I think you are missing the point. I don't need to know what's inside the black box, but how to communicate with it. Nobody wants documentation that you could send to a factory and said "make me this".
Nobody asks for firmware source code either.
In the software world, companies are happy to release API documentation - it does not reveal any secrets, but lets customers use the product in many other ways.
The same goes with chips.
I dont think its the community. Its just that the people who read/comment on apple related articles tend to be the kind of demographic that dont value those aspects as much. They are looking for a service, not a product.
That's an unfortunate choice of words. I'm definitely looking for a product, not a service (which is why I bought my MacBook instead of leasing it), but everything I need the machine for overlaps with what Apple envisions me doing with the machine.
I don't want my machine to be amateur-repairman friendly and my OS to be infinitely customizable and tinkerable, because we already have that, it's called Linux on a ThinkPad and to me that's the antithesis of a Mac and I consciously decided not to use that kind of setup.
(I'm not strongly for or anti right-to-repair, but I tend to be against tight regulation when avoidable.)
It is the community, but not because we don't care about it. It's because in a thread on an article like this it's not a very valuable comment. The comments it generates (including yours and mine) has nothing to do with the SPRR or exception levels.
I make a thing to a function that I want it to do. I release that thing so other people can do the thing I envisioned. Someone else then realizes they might be able to use the thing I made for something else entirely, but only if I provide instructions on how to do it? How is that my problem/responsibility?
The gist of your argument is sound, but consumer culture is equally to blame as manufacturers. Consumers are used to throw-away cheap goods. People HN != consumers. Apple's consumer base is mostly iPhone users and non-techie crowd.
If you bought a $30000 server, you'll get schematics and a lot of information of the product. Including motherboard traces and gerber files:
If these people are willing to provide schematics and motherboard traces to < 10,000 users, why can't Apple provide schematics and traces for devices being used by tens of millions of people?
Just because we know enough to know when we are getting shafted why is that an excuse to shaft other people who don't?
Intel have done some really shady things, and yet they still publish extensive documentation on how their processors work and how to get the best from them - Apple? Nothing.
That's hardly surprising. Intel sell their chips as components to be used by third parties who clearly need that information to do so, whereas Apple uses them only internally for their own products.
I don't own any. The only reason why I bother complaining is that I respect that Apple aren't like Google or even microsoft both in terms of tracking and taste, but then they are extremely closed which spoils what I think would be the perfect laptop.
If I understand correctly, one of the big unsaid implications of this article seems to be that it is now impossible to have RWX, because the hardware completely prevents it. APRR looks more like a general permissions-remapping mechanism, while SPRR appears to go beyond that.
While the technical details are certainly interesting, IMHO it's also disturbing in the same way as weapons of mass destruction or DRM. This technology is used by one company to essentially maintain control over its users, under the convincing guise of security.
What do SPRR and GXF stand for?
Given the functionality, my guess is APRR = Access Permission Remapping Registers, SPRR = Secure Permission Remapping Registers, and GXF = Guarded Execution Feature.