WWDC 2024

[Roller]

This is interesting and pretty neat... Today Blackmagicdesign announced a new camera with a dual lens system that supports Apple Immersive Video for creating 3D movies for its AVP headset. They also announced a new version of DaVinci Resolve to support editing video from the camera.

That should help kickstart the creation of some really outstanding 3D videos. As soon as someone creates an immersive 3D video of the prehistoric cave paintings in Lascaux, France, letting me walk through the caves and seeing paintings on cave walls that go back 15,000 years, or lets me run a San Francisco Marathon with 20,000 other people, I'll be ready for an AVP.

Check it out:

Media | Blackmagic Design

Yes, this announcement has caused much excitement in the AVP community. How much the camera will cost is unknown. The closest device from Blackmagic goes for around $15K, so I expect this will push $20K or more with lenses. That's a lot for amateurs or even many prosumers, but well within the range of many production facilities.

I haven't posted much about the AVP since I got mine last February, but I've been using it for an hour or two every day for play and some work. There's already a wealth of content that looks great on the AVP or in some cases can only be viewed on it: Apple's immersive videos, 3D movies, IMAX films, third party interactive experiences like Marvel's What If…?, and so on. One of my favorite apps, Voyager, is available for free from ForeFlight. Voyager displays a floating round platter that is centered on an airport of your choice. You can move, rotate, and magnify the view and "walk into" it to look down on the terrain. Aircraft are rendered in 3D blue in real time, and you can see their origin, destination, speed, altitude, and other information. You can also listen in to ATC for many airports.

visionOS 2.0 is a welcome update that is what 1.0 should have been. Far from perfect, but a significant improvement in many respects. The new Bora Bora immersive environment is a joy: sandy beach, swaying palms, gently rolling aquamarine water, and background sound.

 

[Citysnaps]

Yes, this announcement has caused much excitement in the AVP community. How much the camera will cost is unknown. The closest device from Blackmagic goes for around $15K, so I expect this will push $20K or more with lenses. That's a lot for amateurs or even many prosumers, but well within the range of many production facilities.

I haven't posted much about the AVP since I got mine last February, but I've been using it for an hour or two every day for play and some work. There's already a wealth of content that looks great on the AVP or in some cases can only be viewed on it: Apple's immersive videos, 3D movies, IMAX films, third party interactive experiences like Marvel's What If…?, and so on. One of my favorite apps, Voyager, is available for free from ForeFlight. Voyager displays a floating round platter that is centered on an airport of your choice. You can move, rotate, and magnify the view and "walk into" it to look down on the terrain. Aircraft are rendered in 3D blue in real time, and you can see their origin, destination, speed, altitude, and other information. You can also listen in to ATC for many airports.

visionOS 2.0 is a welcome update that is what 1.0 should have been. Far from perfect, but a significant improvement in many respects. The new Bora Bora immersive environment is a joy: sandy beach, swaying palms, gently rolling aquamarine water, and background sound.

I'm guessing Blackmagic's 3D cam will be rentable. Here in the SF Bay Area there's a place near where I live called Borrowlenses.com. You can rent almost any lens you want for a reasonable price - good if you're thinking about buying a lens but need to try one out for a few days first. You can also rent camera bodies, even cinema cameras like an ARRI Alexa or a RED. Still, renting Blackmagic's 3D camera for a week would likely be a large chunk of $$$$.

Regarding your AVP... What are some things you don't like about it, or bug you?

ForeFlight... I can see them being all over AVP. I wish they would offer a non-subscription version for those into flight simulators like X-Plane. But since they were acquired by Boeing a few years ago, I'm guessing that will never happen. Sure look like a sweet app/service!

 

[B01L]

WWDC 2025

• Mac Pro Cube
• M4 Extreme SoC (N3P)
• 64-core CPU (48P/16E)
• 256-core GPU
• 128-core NPU
• 1.92TB LPDDR5X RAM (inline ECC)
• 2.16TB/s UMA bandwidth
• Thunderbolt 5
• USB 4
• WiFi 7
• Bluetooth 5.4

 

[Nycturne]

Speaking of … I saw this about the “real reason more iOS apps are unavailable on macOS” but not being an actual developer I wasn’t sure what they were talking about:

Siguza (@siguza@infosec.space)

The real reason iOS apps don't run on macOS is because some dumb CI/testing suites flag it as an error if the app "works on jailbroken devices" so everyone and their mom check for /Applications/blackra1n.app and /bin/bash and crash the process if those exist, because some blog post from 2009...

infosec.space

@Nycturne @Andropov can you guys explain?

I think this is somewhat tongue in cheek and be simplified to: Developers are never given time to support stuff like this unless there is a business angle.

But yes, there's libraries and the like that will throw a fit if a device looks to be jailbroken to help you try to cut down on piracy. They will attempt to do something that the iOS sandbox will usually block them from doing, and if they can, then it's jailbroken. Or they'll check for things that the jailbreak installs to the device that Apple doesn't have. So yeah, if your app aggressively blocks use on a jailbroken device, a Mac could very well look jailbroken.

That said, I don't think this is actually the dominant reason, but certainly could be a reason. At least in my small part of the world, it is usually not the reason, but rather the lack of desire to "add a new thing to the test matrix" without a user base to go with it.

 

[dada_dave]

I think this is somewhat tongue in cheek and be simplified to: Developers are never given time to support stuff like this unless there is a business angle.

But yes, there's libraries and the like that will throw a fit if a device looks to be jailbroken to help you try to cut down on piracy. They will attempt to do something that the iOS sandbox will usually block them from doing, and if they can, then it's jailbroken. Or they'll check for things that the jailbreak installs to the device that Apple doesn't have. So yeah, if your app aggressively blocks use on a jailbroken device, a Mac could very well look jailbroken.

That said, I don't think this is actually the dominant reason, but certainly could be a reason. At least in my small part of the world, it is usually not the reason, but rather the lack of desire to "add a new thing to the test matrix" without a user base to go with it.

Ah I see. Okay thanks!

 

[Andropov]

Speaking of … I saw this about the “real reason more iOS apps are unavailable on macOS” but not being an actual developer I wasn’t sure what they were talking about:

Siguza (@siguza@infosec.space)

The real reason iOS apps don't run on macOS is because some dumb CI/testing suites flag it as an error if the app "works on jailbroken devices" so everyone and their mom check for /Applications/blackra1n.app and /bin/bash and crash the process if those exist, because some blog post from 2009...

infosec.space

@Nycturne @Andropov can you guys explain?

The companies that develop some apps sometimes run security audits. The goal can be simply to improve the security of the app, or, more commonly, to obtain a security certificate (like SOC 2, ISO 27001, HIPAA...). These security certificates are required often when selling a piece of software to another company (rather than to final users through, say, the App Store). Some companies will refuse to use your software at all if you don't have said audit certification. So you hire another company to audit your software looking for security issues or privacy violations. The company that does the audit rarely takes a good look at the software you're selling, it's likely that all they'll do is check boxes in a form. What the person in that Mastodon post is arguing is that one of the common checkboxes is something similar to "Does the app avoid running on jailbroken devices?", so developers have to add jailbreak detection. Depending on the company, you can face a lot of pressure to do so, as it could be blocking potential deals with other companies.

The issue is that macOS can look a lot like a jailbroken iOS device, so it's possible that running an iOS app on macOS triggers this jailbreak detection.

FWIW, I don't think that's the main issue preventing some iOS apps from coming to the Mac, but it's possible that some apps have run into this.

 

[NotEntirelyConfused]

The issue is that macOS can look a lot like a jailbroken iOS device, so it's possible that running an iOS app on macOS triggers this jailbreak detection.

Exactly. And I just ran into an app that looks like it's doing that. It occurs to me that I can *probably* get it to work by building a chroot environment. But... what to put in it? And will Apple's security stuff get in my way? I hate to waste a ton of time fiddling with this, if anyone has looked at this already.

I think I recall Apple supporting the equivalent of bind mounts, which would make things a lot easier- much less to copy. Though APFS makes copies not a big deal in most cases, a lot of the files would have to come from the sealed system volume, so that stuff would still have to be copied, not just referenced.

Has anyone done this?

 

[Altaic]

Exactly. And I just ran into an app that looks like it's doing that. It occurs to me that I can *probably* get it to work by building a chroot environment. But... what to put in it? And will Apple's security stuff get in my way? I hate to waste a ton of time fiddling with this, if anyone has looked at this already.

I think I recall Apple supporting the equivalent of bind mounts, which would make things a lot easier- much less to copy. Though APFS makes copies not a big deal in most cases, a lot of the files would have to come from the sealed system volume, so that stuff would still have to be copied, not just referenced.

Has anyone done this?

System Integrity Protection disables chroot.

 

[Alli]

Anyone with the iOS 18 beta on their phone experiencing issues with notifications?

 

[NotEntirelyConfused]

System Integrity Protection disables chroot.

WTF????

I mean... I guess I can see the point, if you're assuring that the system is uncompromised, then allowing wholesale replacement of userland binaries could be a problem, but still, this is a case of "here, have this security feature... but we're taking away this other security feature".

SIP really needs levels, or maybe feature bits, not just an on/off switch.

 

[Roller]

I'm guessing Blackmagic's 3D cam will be rentable. Here in the SF Bay Area there's a place near where I live called Borrowlenses.com. You can rent almost any lens you want for a reasonable price - good if you're thinking about buying a lens but need to try one out for a few days first. You can also rent camera bodies, even cinema cameras like an ARRI Alexa or a RED. Still, renting Blackmagic's 3D camera for a week would likely be a large chunk of $$$$.

Regarding your AVP... What are some things you don't like about it, or bug you?

ForeFlight... I can see them being all over AVP. I wish they would offer a non-subscription version for those into flight simulators like X-Plane. But since they were acquired by Boeing a few years ago, I'm guessing that will never happen. Sure look like a sweet app/service!

Some of the things that bug me:

• No app folders
• Can't mirror iPhone to AVP so that it's usable on the device
• Slow pace of release of immersive Environments (and other Apple immersive content)
• Many Apple apps still not tailored for the device
• No multiple user profiles (saved guests isn't nearly as good)

I agree the new Blackmagic camera will be available to rent though, as you say, it won't be cheap. And I'd pay for ForeFlight's Voyager if they offered a version with higher-res views, just for virtual sightseeing from above, as well as aircraft that are rendered more authentically.

 

[Nycturne]

WTF????

I mean... I guess I can see the point, if you're assuring that the system is uncompromised, then allowing wholesale replacement of userland binaries could be a problem, but still, this is a case of "here, have this security feature... but we're taking away this other security feature".

SIP really needs levels, or maybe feature bits, not just an on/off switch.

chroot is a poor security feature, which is why there are better tools these days (although mostly Linux focused). Docker uses pivot_root to ensure that processes are properly isolated to the virtual filesystem of the container for example. Per RedHat back in 2013:

It is not hard to consider the chroot() system call a security feature. In theory, it sounds great, but if you really take the time to understand what is going on, it is not really a security feature, it is closer to what we would call a hardening feature. It might slow down an attacker, but in most situations it is not going to stop them.

It's also been the case that people attempting to make it more secure in the Linux kernel have gotten clear pushback that it isn't meant to be for security, but rather having environments with different sets of user space binaries.

 

[Citysnaps]

Some of the things that bug me:

• No app folders
• Can't mirror iPhone to AVP so that it's usable on the device
• Slow pace of release of immersive Environments (and other Apple immersive content)
• Many Apple apps still not tailored for the device
• No multiple user profiles (saved guests isn't nearly as good)

I agree the new Blackmagic camera will be available to rent though, as you say, it won't be cheap. And I'd pay for ForeFlight's Voyager if they offered a version with higher-res views, just for virtual sightseeing from above, as well as aircraft that are rendered more authentically.

Thanx for the list... I guess the good news is it's just a matter time for the above to be implemented in future visionOS updates.

I just watched ForeFlight's Voyager vid. Pretty cool. And free (for the current version).

Canon recently announced a 2nd 3D lens for making AVP immersive videos. Not professional level specs being for their R7 APS-C camera, but would still have a use for people getting into making immersive videos, and seems well priced at $1,100.

 

[Roller]

Thanx for the list... I guess the good news is it's just a matter time for the above to be implemented in future visionOS updates.

I just watched ForeFlight's Voyager vid. Pretty cool. And free (for the current version).

Canon recently announced a 2nd 3D lens for making AVP immersive videos. Not professional level specs being for their R7 APS-C camera, but would still have a use for people getting into making immersive videos, and seems well priced at $1,100.

Thanks, I've read about that lens. I'm a Nikon shooter, but my D7200 is getting long-in-the-tooth, especially for video. I can see myself moving to Canon, though I'm sure Nikon will have an equivalent lens to go with their mirrorless lineup at some point. For me, in addition to the hardware, the key will be a relatively smooth, easy workflow from capture to AVP-ready.

 

[NotEntirelyConfused]

chroot is a poor security feature, which is why there are better tools these days (although mostly Linux focused). [...]
It's also been the case that people attempting to make it more secure in the Linux kernel have gotten clear pushback that it isn't meant to be for security, but rather having environments with different sets of user space binaries.

Which, shockingly, is what I'm suggesting it be used for.

Apple are the ones who've declared it a security feature. Or rather, I guess, an "insecurity" feature, so that SIP disables it. Grr.

 

[mr_roboto]

Which, shockingly, is what I'm suggesting it be used for.

Apple are the ones who've declared it a security feature. Or rather, I guess, an "insecurity" feature, so that SIP disables it. Grr.

I mean, in context of the new feature, it really is an insecurity feature. You yourself acknowledged that Apple's signed system volume tech wouldn't make much sense if it was trivial to bypass by calling chroot().

SIP really needs levels, or maybe feature bits, not just an on/off switch.

Lots of levels and feature bits would add lots of complications, and complications to the design are great ways of accidentally introducing vulnerabilities at either the design or implementation stage.

Bottom line, IMO, is that UNIX had countless security mistakes in its design. Fixing them well inevitably means breaking some traditional UNIX features, and that's fine.

 

[Jimmyjames]

A couple of interesting additions to macOS.

FSKit. It looks to be a user space filesystem api. In the same way that fuse is.

FSKit | Apple Developer Documentation

Implement a file system that runs in user space.

developer.apple.com

MediaExtension: QuickTime plugins are back baby!

MediaExtension | Apple Developer Documentation

This framework provides a means for developers to create format readers, video decoders, and RAW processors for media that the system doesn’t natively support.

developer.apple.com

Looking through the private frameworks, there is an expansion of the “blast door” protections. Also there is a “FramePacing” framework. Which might explain why there are some reports of Game Mode having a bigger impact than it did previously.

Has anyone tried Xcode 16s new AI completions? I am unsure if they have shipped yet. I thought they would ship later, along with the other Apple Intelligence features, but some are saying they already shipped and they aren’t very good. Early days obviously given it’s just Beta 1, but I’d be interested in others experiences.

 

[Nycturne]

Which, shockingly, is what I'm suggesting it be used for.

Except that’s not the statement you made that I’m responding to.

Anyways, sideloading IPAs to attempt something like this in the first place presents its own issues, which folks have to work around. And PlayCover found out that a small number of apps like TikTok behave really poorly on Mac because of the differences in the sandbox model between the two platforms.

Apple are the ones who've declared it a security feature. Or rather, I guess, an "insecurity" feature, so that SIP disables it. Grr.

When did they do that? In general, Apple’s approach here is more that they won’t preserve a feature that presents issues with other features they deem more important. chroot was never really an important feature for Apple’s goals.

But if you were to look at the logs on why the shell spun up by chroot is killed:

AMFI: hook..execve() hardened runtime not allowed in chroot

Hardened runtime is required for all executables Apple ships, app store apps for Mac, and notarized apps for Mac. One of the key bits of functionality of the hardened runtime is to prevent library hijack attacks. So this is the system protecting itself from a chroot being used to perform a library hijack against a hardened executable.

I’m not actually convinced that chroot is completely blocked, but rather, you aren’t going to be able to symlink/copy system-provided binaries into the chroot for use. So you’d effectively have to build a userspace from scratch. In the face of that, I’m not surprised the answer tends to be “disable SIP”.

I’ll also add that SIP does have some flags for different features, but some configurations are not supported, and csrutil will tell you about them.

 

[Nycturne]

A couple of interesting additions to macOS.

FSKit. It looks to be a user space filesystem api. In the same way that fuse is.

FSKit | Apple Developer Documentation

Implement a file system that runs in user space.

developer.apple.com

Apparently this has been in development for a while. macOS 13 and later has been using this for external drives, but the library was limited to a private entitlement until now. Interesting.

MediaExtension: QuickTime plugins are back baby!

MediaExtension | Apple Developer Documentation

This framework provides a means for developers to create format readers, video decoders, and RAW processors for media that the system doesn’t natively support.

developer.apple.com

Huh. This is more surprising because we aren’t exactly seeing a proliferation of codecs these days. And hardware acceleration is becoming increasingly important for battery life.

Has anyone tried Xcode 16s new AI completions? I am unsure if they have shipped yet. I thought they would ship later, along with the other Apple Intelligence features, but some are saying they already shipped and they aren’t very good. Early days obviously given it’s just Beta 1, but I’d be interested in others experiences.

There is an option to install them, but I haven’t used the beta long enough to see them in action.

 

[dada_dave]

A couple of interesting additions to macOS.

FSKit. It looks to be a user space filesystem api. In the same way that fuse is.

FSKit | Apple Developer Documentation

Implement a file system that runs in user space.

developer.apple.com

Apparently this has been in development for a while. macOS 13 and later has been using this for external drives, but the library was limited to a private entitlement until now. Interesting.

I wonder … supposedly there’s a private, unstable API for user space graphics drivers too. Maybe one day we’ll see that surface as well?