Apple believes that privacy is a fundamental human right and that security is a constant priority for teams across the organization. For years, Apple has led the industry with new protections to prevent sophisticated attacks and protect its users, including features like pointer authentication codes (PACs), BlastDoor, and page protection layer (PPL). For more information about Apple platform security, see support.apple.com/guide/security/welcome/web. Apple does not feel comfortable working within the framework of Khronos` intellectual property as this is a dispute between Apple Legal and Khronos that is private. I cannot speak to the substance of this dispute. No representation can be made for Apple to agree with Khronos` intellectual property framework. Apple`s lawsuit provides new information about NSO Group`s FORCEDENTRY, an exploit for a now patched vulnerability previously used to penetrate a victim`s Apple device and install the latest version of NSO Group`s spyware, Pegasus. The exploit was originally identified by the Citizen Lab, a research group at the University of Toronto. Apple`s objection to SPIR-V is largely non-technical. They prefer a text format, prefer a single unified document rather than integrating SPIR-V by reference, and then they are not willing/unable to work with Khronos for legal reasons that I do not understand but that have been publicly referenced in several contexts.
There is this related issue that raw SPIR-V is not suitable because it allows for many undefined behaviors and a web execution context needs to be secured. Since Tint with SPIR-V is bijective, taming work has not yet taken place, either through a validation profile (uncertain hue is rejected) or through a transformation to add security controls. This is done as an SPIR-V to SPIR-V transformation from Dawn and wgpu, as I understand it. Since you have to make a passage on the shader anyway, it shouldn`t be more expensive to do it as part of a text-to-binary translation than from binary to binary. «State-sponsored actors like NSO Group spend millions of dollars on sophisticated surveillance technologies without the need for effective accountability. That has to change,» said Craig Federighi, Apple`s senior vice president of software engineering. «Apple devices are the most secure consumer hardware on the market, but private companies that develop government-sponsored spyware have become even more dangerous. While these cybersecurity threats only affect a very small number of our customers, we take any attack on our users very seriously and are constantly working to strengthen security and privacy in iOS to keep all our users safe. «Mercenary spyware companies like NSO Group have facilitated some of the world`s worst human rights violations and transnational repression, enriching themselves and their investors,» said Ron Deibert, director of the University of Toronto`s Citizen Lab. «I commend Apple for holding them accountable for their abuse and hope Apple will help bring justice to all those who have been victims of NSO Group`s reckless behavior.» This is all very exciting, I hope the people at WebGPU follow the design clarity that the people at WebAssembly have demonstrated. Apple makes the most secure mobile devices on the market and is constantly investing in strengthening privacy and security protections for its users.
For example, researchers have found that other mobile platforms have 15 times more malware infections than the iPhone,2 and a recent study showed that less than 2% of mobile malware targets iOS devices.3 What does Vulkan offer developers who don`t yet have them from Metal, SceneKit, ARKit, and CoreImage? So only a subset of valid SPIR-V programs are translated into color? You`ve already cited Google`s objection to WSL – it`s an almost impossible task to pin and test the semantics of a GPU shading language across the ecosystem unless it`s based on SPIR-V. Apple doesn`t have to deal with them as they provide two or three orders of magnitude fewer references than the rest of the ecosystem, and WSL`s design reflects that (it`s more metal-based than SPIR-V). It doesn`t sound so much like a proposal as it is a non-WHLSL. I really like the Webkit document because it describes the motivations and explains the context. edit, More information about WHLSL issues so much drama, GPU control is the partition of platform dominance. It seems that we are at the tipping point where the operating system is largely irrelevant. All the parts are already in place. One pattern I`ve seen is that security is an afterthought, semantics was added that someone wanted (C++ user and pointer) and now this specification can`t use a new context. If things are safe, they can be used anywhere by default. True, a subset of is correct, we should strive to be correct, especially in the specifications.
Accuracy does not mean working as intended. However, in the best timeline, Apple would simply drop the metal and take control of Vulkan. That would really make things easier for everyone. They bring clues, and that`s something I still don`t understand. OpenCL, CUDA, Metal and Vulkan 1.2 have some, while the others lack some, DX11/DX12 is among the most important. Since SPIR-V can express pointers (but essentially as an extension), Tint can express them, but I don`t yet know what WebGPU implementations should do with them. Choices include: (a) disabling in WebGPU, (b) allowing as an optional extension when running on a pointer-enabled GPU, (c) translating into array access. Since WSL contained clues, it seems that they would opt for (c). DS: Bijectivity helps us make sure that everything you say is absolutely convertible into SPIR-V. We also think it makes sense to go the other way around: convert SPIR-V to hue. If someone already has the SPIR-V generation, they can easily use a library to convert to Tint and use it in WebGPU.
There is an ecosystem around. See also Licenses for software used in our Objective-C iOS SDK. Game companies Roblox and Niantic, as well as cryptography-based metaverse platforms such as The Sandbox and Decentraland, are also absent from the Metaverse Standards Forum. The forum is open to any organization for free, so Apple and others could join in the future. Apple is noticeably absent from the membership list, despite its high investments and ongoing work on several devices in the field of augmented reality and virtual reality. Apple has always been heavily involved in creating standards, such as HTML5 for the web. He created Thunderbolt with Intel and the «USDZ» file format for three-dimensional content with Pixar and Adobe. Most recently, Apple announced its involvement in the development of Matter at WWDC 2022, a new open standard for smart home accessories. Apple also announced a $10 million contribution to support researchers and advocates for cyber surveillance «At Apple, we are always working to defend our users against the most complex cyberattacks. The steps we are taking today will send a clear message: in a free society, it is unacceptable to use powerful state-sponsored spyware against those who want to make the world a better place,» said Ivan Krstić, Apple`s head of engineering and security architecture.
Our threat intelligence and engineering teams work day and night to analyze new threats, quickly patch vulnerabilities, and develop new, state-of-the-art protections in our software and silicon. Apple operates one of the most sophisticated security engineering operations in the world, and we will continue to work tirelessly to protect our users from government-sponsored abusive actors like NSO Group. (The above is somewhat suited to my latest blog post with GPU computing resources, but the new shader language is definitely the interesting news).) By «gate» I mean that any SPIR-V can be translated syntactically with Tint (and vice versa), but not everything is accepted in a WebGPU runtime environment. One conceptual way to think about this is that «insecure» is an optional extension that would be available to programs that run as native code but are not available in a web execution context. But SPIR-V/Vulkan wasn`t designed with security in mind, so it`s not designed that way, and I think a lot of work is needed here. And there, I thought that the real objection to SPIR-V was completely non-technical. Excerpt from the minutes of the meeting of 09.12.2019: Both had disadvantages that made them unacceptable to different people. Apple is suing NSO Group to curb the abuse of government-sponsored spyware, oh- that explains a lot. I was wondering what was the value of a language strictly isomorphic to spir-v compared to spir-v only. that it has to work like that, but that`s probably the best option then. But the overall direction and attitude of the WebGPU team is excellent.
Apple informs the small number of users who have been targeted by FORCEDENTRY. Whenever Apple detects activity that is compatible with a government-sponsored spyware attack, Apple notifies affected users in accordance with industry best practices. Your app or game would not be limited to macOS/iOS and could very easily be ported to any other platform. The spyware has been used to attack a small number of Apple users worldwide with malware and dangerous spyware. Apple`s lawsuit aims to prohibit NSO Group from further harming individuals by using Apple`s products and services. The lawsuit also seeks redress for NSO Group`s gross violations of U.S. federal and state law resulting from its efforts to target and attack Apple and its users. Ses plus de 35 membres fondateurs comprennent 0xSenses, Academy Software Foundation, Adobe, Alibaba, Autodesk, Avataar, Blackshark.ai, CalConnect, Cesium, Daly Realism, Disguise, la Fondation Enosema, Epic Games, Express Language Foundation, Huawei, IKEA, John Peddie Research, Khronos, Lamina1, Maxon, Meta, Microsoft, NVIDIA, OpenAR Cloud, l’Open Geospatial Consortium, Otoy, Perey Research and Consulting, Qualcomm Technologies, Ribose, Sony Interactive Entertainment, Spatial Web Foundation, Unity, VerseMaker, Wayfair, le Web3D Consortium, le World Wide Web Consortium (W3C) et la XR Association.
