I wonder how well Apple has deployed these tools internally for security research.
Since mid-April Chrome showed 302 vulnerabilities patched, 225 of them found by Google. Same period last year was 19 vulnerabilities. They've also become more transparent recently, disclosing vulnerabilities found internally, not just externally (which Apple still doesn't appear to do). From the outside, it's hard to tell if Apple has deployed this tooling as much as Google.
I am part of Apple's SEAR (Security Engineering and Architecture) organization and can’t attest that we have been using Anthropic models, including, but not limited to, Mythos, as part of our participation in Project Glassing and previous private partnerships with different frontier AI labs for years. We simply don’t talk about it because there’s no benefit to talk about it, and also NDA’s, but mostly because there’s no benefit to talk about it other than to satiate people’s curiosity about what we do or don’t do internally.
The heavily ironic implication is that they're under NDA, so they can't attest to it, while more or less attesting it. Senator, I cannot confirm or deny that we definitely do this.
This could also be an unofficial-official way for Apple to "leak" that yes, they do this--which is on brand for how Apple handles "rumors" etc.
When the CIA representative says "I can neither confirm nor deny" it generally means the atrocities of which the agency has been accused did, in fact, take place.
When I worked in the civil service we were trained to use that phrase to any query, no matter how innocuous (unless we had permission to give more info).
You may think that not issuing a categorical denial is suspicious, but generally speaking you cannot infer any information from that response. If it was only used when really bad things might have happened, maybe you could infer more.
I think Apple became much better at security in recent years. One example which I think is indicative of their approach to security - they bothered to add a hardware microphone disconnect when a macbook is closed. Source: https://support.apple.com/en-gb/guide/security/secbbd20b00b/...
What's your thinking on this? From my perspective Apple security go pretty hard. They have a strong track record of being able to ship architectural mitigations like PACs / MIE / Exclaves first. I guess because Apple control the stack from silicon to userspace.
My thinking was in a historical context, and for their desktop OS's. I know they've been pretty on top of things with iPhones, and MacOS has become a lot better, but for the longest time MacOS was pretty lacking, coasting very much on promoting how much PCs have viruses and macs didn't, which was a marketshare thing more than a security thing. I don't think they got ASLR until later than pretty much everyone else, for example.
They've improved a lot, especially their phones, but I'd still never consider them a company that has a really strong focus on security.
They were not "coasting" on anything. Everything about OS X has always been designed to protect users from the stuff Apple hasn't caught yet, because they know they can't always catch it first - and Apple has led the pack in nearly every major OS security feature of the last 25 years.
That includes "don't give the user root, and ask the user for their password before doing dangerous things" - four years before Linux distros started moving to a similar model.
Didn’t Microsoft pioneer the privilege escalation prompts in Vista in 2007? It was a joke at the time how little things would hijack the entire screen to allow seemingly mundane things. I didn’t ever use Vista personally or professionally, but macOS has become pretty bad with basically the same model.
IMHO, both are a mode of progressively penalizing developers as a mode of API obsoletion. It doesn't feel like the opportunity to fix a degradation of user experience really motivated app developers in either case.
The difference is Apple is much more likely to progressively make these legacy feature compatibility more difficult for users to configure over time, and to remove them eventually.
Microsoft's Secure Desktop feature is actually incredibly well designed, and provides strong protect against fraudulent prompts or prompt interception attacks.
It is the default (unless they changed it in the last 2 years or so). I know for a fact that my PC and Laptop don't ask for my password and I know for a fact that I reinstalled Windows on my laptop less than 2 years ago and changed nothing regarding the UAC prompt (the closest that is even remotely close is enabling sudo in the settings).
Yeah, they were. Virus writers were not targeting them as a platform because why develop for 10% marketshare when you can target 90% for free. It just wasn't worth it to target as a platform. So there was some level of protection due to lack of interest in distributed attacks, but the OS had very little protection against targeted attacks.
> Apple has led the pack in nearly every major OS security feature of the last 25 years.
What an absurd claim. Apple trails behind, it never leads in this space. Windows 7 had numerous protections that had become standards that Apple still lacked when Windows 10 came out.
Recently there was an Anki vulnerability that gave any website access to any local files. On Windows or Linux this would be deadly. On macOS, Anki can't access my desktop or documents or Chrome storage or password manager storage. I think Apple's been smart about which security features it prioritizes.
> That includes "don't give the user root, and ask the user for their password before doing dangerous things" - four years before Linux distros started moving to a similar model.
Linux distros have always required sudo for "dangerous" things. What distros made users root by default?
That's a really strange claim given AS was a refinement of a technology other manufacturers have yet to surpass in the ten years since the T1 chip came out.
To this day nobody else ties their SMC, biometric auth, and HSM together as tightly and well as the T1 did. AS was further advancement of that.
Furthermore, Apple protects users against the legal changes that have allowed law enforcement to physically force someone to provide biometric credentials. By default MS just provides biometric auth to make it easier to log in to your system.
iOS always had a strong focus on security but if you take the time period say 2005 - 2015 it did not seem like there was much investment in macOS security at Apple. I am talking about stuff like exploit mitigations and relatively low hanging LPEs. Features like (full) ASLR / SIP / kext controls were added well after competitors.
> I guess because Apple control the stack from silicon to userspace.
People always say this but there is no real relationship there. When hardware vendors add security technologies to the hardware, the major third party operating systems add support to use it pretty much immediately, and in many cases before the hardware even ships because the hardware vendor publishes the documentation ahead of time.
Try to name something where Apple was the first to support something (by a non-trivial amount of time) not because they were the first to add hardware support but because they released the combination of hardware and software in the time between when e.g. Intel or Qualcomm added hardware support and when Linux or Windows added software support to use it.
Anything can be turned into emotion-provoking content. That's circular. It's like saying: "viral things go viral, so if you assume no thumb on the scale, then there was no thumb on the scale". Occam's Razor can hide fallacies, there's no reason to assume that the simplest hypothesis is that there was no thumb on the scale. Arguably it's the opposite.
I'm not sure of your reasoning on "anything can be...".
Yes, I suppose, but without elaborating further that doesn't explain why you're taking it to be circular, because I could have given some other description of what trends & goes viral on TikTok and you still could have said "Anything can be can be turned into that."
If we take it in the more formal logic direction you're going though it's all very simple and straightforward, here's the p & q -> r of things:
Algorithms of this sort work a particular way in directing next-video selection towards options with some characteristics similar to what the user has engaged with before. I'll stipulate there are lots of ways that can be done, time horizons and methods of weighting different factors but that's the broad strokes. Take this as premise P.
There are certain things that trend more frequently than others and they share some common traits, it really doesn't even matter what those specific things are, we can take this as an axiom without it being controversial.
Therefore, if anti-democrat content is disproportionate to pro democrat or anti or pro GOP, it isn't automatically thumb-on-scale, it can simply be that anti-democratic content has more similarities to what typically trends than those others.
This isn't circular. It's trending content is similar, anti-democratic content trends more often, therefore anti-democratic content can simply have been more similar to other trending things.
You're correct of course about Occam, but then your bring up that aspect of things was merely expanding on what I explicitly stated in my original comment when I said it didn't mean TikTok didn't tip the scales, only that such a thing isn't the only possibility. In short, it was clearly not stated as an "IIF/if-and-only-if" argument.
Going on to your For "arguably the opposite" final statement:
I think that too needs more little explanation. As-is, it sounds as though you're saying essentially "the fact that simpler explanations can be wrong is potential evidence for deliberate interference". That's a line of thinking when, offered without expansion, steps somewhere just adjacent of conspiracy thinking of the "the evidence is in the lack of evidence", and I doubt that's your intent, but I'm not sure either where that's heading otherwise.
Yeah, the pain/reward ratio is against vibecoded replacements for mature tools. Piracy is cheaper than tokens.
But over the next 5 years I expect a growth in Blender-like open-source projects aiming to take on the big closed-source elephants. Code is cheaper now. The main downside of LLM coding, unmaintainable spaghetti code, can be mitigated effectively with discipline and coordination.
You still need maintainers to uphold contribution standards, but people will throw tokens at you. A small, disciplined team can go a long way, make a decent enough product, and then attract the institutional money (like Blender did) and hit that growth curve where everyone rallies you and you've won.
Lots of companies would have a vested interest in reducing these dependencies to Adobe et al., or have a more customizable product. Competitive professional tools, more like Blender and less like GIMP, but in other areas, like DAWs, CADs, and others.
So far, Google has been better than Apple at treating AI as a technology/feature and not just a product.
Staying on hold for you. Google Lens on that coat or bag. Warning you in the middle of a text convo with a stranger, if the conversation veers into typical scam patterns. Better text/email spam detection than Apple. Hanging up spoofed calls posing as your bank. Magic Cue. Magic Eraser. Better transcriptions and translations, in far more languages.
And who could forget, a good touchscreen keyboard. Those are real "AI as a feature". Not a better Siri.
The second half of your comment is a go-to-market concern but doesn't feel so relevant for a research prototype. It could be done with a private local model too, maybe not by Google.
But I don't think the voice problem is surmountable. I closed their image editing demo when I saw it required a mic.
It would be appealing as a Spotlight-like text pop-up interface where you type instructions, which would work in social/office environments, but that might only appeal to power users.
This will sound like another brick in the paved road to dystopia but I'm kinda bullish on equipment that can recognize subvocalization. Or at least let me have a small drawing tablet with a stylus (think etch-a-sketch or Wacom Intuos) because at this point I'd rather practice writing and do away with typing altogether (even though I enjoy typing for typing's sake via MonkeyType).
Yeah I think there could be something to the integration of AI in an operating system so that it can handle things going on in different applications the same way you can already copy and paste between things.
But if it's going to require phoning home to some Google/OpenAI/whoever then forget it. I don't want a constant connection to my OS from one of these companies.
> It seems that if we ultimately want to "move at the speed of thought," it will require speech.
Except for the large majority of people who read, type, and click way faster than they can talk. Especially for visual things it’s way faster to drag a rectangle than to describe what you want.
A lot of us also aren’t linear verbal thinkers. It would take minutes to hours to verbalize concepts we can grasp visually/schematically in seconds.
Most people speak at about 150 wpm, but very few can type that fast. But reading and gesturing are fast, which is what TFA is about, combining reading and gesturing with speech.
You rarely need 150wpm when typing. If you try dictation, you’ll notice that half those words are error correction and checksum bits and just turn taking filler.
I usually convey the same meaning with 80wpm typing. Makes it faster to read too
Maybe I’m just slightly adhd – listening to people talk drives my crazy. Get to the point! Much easier if they type it out
Isn't "drag the rectangle" and visual interaction exactly the point of the research in the article? Speech is the perfect side channel to this interaction, not a context switch to text.
Also, I doubt DeepMind is designing for existing programmers and savvy computer users. They are thinking about the other billions of people in the world. Speech is the skill people will already have, not typing.
I suppose the idea is that the AI is going to do the "editing" for you (with all the consequences for "thinking" that implies).
You don't have to think about the design of your app. You just say what you want and the AI makes it appear. If you don't like something, you tell the AI to change it. You iterate live until you get the final result you want.
This is what writing docs has become for me. I have the agent make a draft, then tell it which sections to rewrite, combine, etc. I tell it the ideas I forgot to include. I manually make certain word choice changes. The question is how do you extend this flow to non-pure-text scenarios. For most people, just talking about what you see if probably the easiest.
That's probably all the hardening the average person needs. BlockBlock because most malware tries to get persistence. Little Snitch or LuLu for fine-grained whitelisting of network requests for any apps that have plugins (e.g. you give Documents permissions to Obsidian, plugins inherit that, but they can't exfiltrate if you only allow requests to trusted domains).
reply