The author also seems blind to the fact aerial photography has been a well established concept for well over 80 years at this point. These companies are not optimizing their optical systems to spy on people, but rather provide a good focus at long focal ranges in hardened systems, has nothing to do with police or their motives, its a general product feature.
This is not some general blanket approach you can take to talking about internal implementations. You are either right, or wrong. There is no middle ground or "I think". If you've signed an NDA around these internal implementations I would wager that NDA came with a clause to not discuss it without consulting Meta, even after your departure.
And it's obviously BS that companies can abridge a citizen's freedom of speech after the employment agreement ends. If this individual wants to be the case on the lawsuit that's a long time coming, more power to them.
This Supreme Court is not big-tech-friendly; good time to shift up the precedent.
I want to know when the police agencies will start charging companies for abusing the police services.
Having to engage and arrest people puts officers in harm's way every time they make a stop, and when it is literally because some company thinks it's a profitable move to externalizing onto the police the problem to solve their management failures.
I think most commenters are completely gleaning over the contrived systems which are embedded systems.
Sure, on higher performance systems you will be dealing with bigger demons such as cache and TLB performance depending on data size. But many embedded systems are performance limited for cost and power reasons. There is nothing here cloud will solve, nor anything else than more expensive NAND flashes, which require more power, and money. Hence why designing algorithms for critical data throughput are not as simple as using cloud or a filesystem.
It is well accepted that GC-based runtimes greatly increase memory footprint. A tracing GC might need upto several times the memory to match manual memory management. Nothing interesting about the "viewpoint".
It is always interesting seeing comments like that and thinking "they must work for Apple, right?!", as I not only don't know of but even haven't heard of people in the external security research world who have much--if any--faith in Apple's Security Research Device Program... and so, lo and behold: Pavlo here, in fact, works for Apple on their Security Engineering & Architecture team; the whole thing is ridiculous :/.
If you want to do this kind of work without having to maintain a jailbroken phone (which is definitely annoying), I'd think the sane thing to do isn't to apply up for Apple's immoral-by-every-shade-of-hat Security Research Device program (which will probably reject you anyway): instead, consider signing up for Corellium, the iOS emulator service developed by ex-jailbreak people... the one that Apple first tried to buy and then (when they refused to pay very much) tried to sue out of existence (a tactic which, notably, failed).
The downside of this is, of course, that you are now using a third-party hosted service for which you have to pay money for access, but it isn't like that Apple Security Research Device program comes with no attached costs, and their contractual restrictions are going to be way more frustrating than the similar practical issues from working with a remote system. That said, with the recent-ish advances in virtualized ARM, we are seeing more and more emulation of the iOS stack (starting at the lowest levels and working up), so--while I haven't myself tried any of these (including Corellium for longer than a demo... I have always worked with legitimately jailbroken devices)--people might be able to do some useful work locally using QEMU. (Here are a couple prior discussions of the current state of QEMU for this purpose.)
This isn't a "personal attack" as the complaint isn't personal. My comment isn't even about Pavlo himself: it is about the pattern of how it only seems like Apple employees ever talk up this program, and, "lo and behold", this is such an example. I don't pick at Pavlo for being a bad person, or even attack his comment: I complain about the immorality of the terms and mechanism of the program as well as the ridiculousness of how only Apple people defend it.
If my comment is a problem, then the extremely common comments from people on Hacker News complaining that someone is from Cloudflare or from Google--or from any number of cryptocurrency projects that seemingly the zeitgeist on Hacker News is always angry about--and are shilling some random project are also problematic; and yet, I don't believe I have ever seen you attempt to call people out about any of those: in fact, Hacker News seems to have a pretty clear "it is OK to shit on people who work on cryptocurrency projects" policy.
Meanwhile, Apple really shouldn't get any kind of defense, here: you know part of why Pavlo comes around obliquely commenting with no obvious mention anywhere (in comments, bio, etc.) that he's from Apple? I'll claim it isn't even (directly) his fault! Apple, the company, seems to have a policy against people identifying themselves on social media services so strong that if anyone gets attention--even if they are being helpful--it seems to land them in water hot enough that they have to sit around and wait to find out if they are being fired... such as the story of this poor employee on TikTok I've been following the last couple days:
I think this is a shitty policy (whether explicit or implicit: the chilling effect is the same) that Apple has, and it isn't something we should be indirectly helping and supporting by claiming that anyone noting "this person is actually from Apple"--which seems to be the only thing I did, and which I do believe was important context for my comment--is a "personal attack". While I definitely believe that people who work for the large tech companies should be held accountable for the actions of those companies, none of my attacks today are personal: they are all against the explicitly-faceless corporate entity known as Apple.
I think the principles behind Corellium are good (can we build an iOS toolchain without Apple?) but everything I heard about the implementation was unfortunately also negative. I think it would be a lot easier to stand behind them if they separated their product and service offerings, maybe making the iOS bootstrapping code Open Source, but providing ARM instances with commercial support at-cost. In it's current state, though, I can't root for them any more than Oracle or Apple themselves.
You do realize on a zero dollar contract the phone is being upfront subsidized by the corporation contracting them out? This is flat out fraud, no matter how you look at it.
