zimmie

The wild part is eliminating Section 230 would ultimately just consolidate power into the hands of already-rich media companies. All the conclusions you can reach via Section 230 can also be reached via the First Amendment, but it will take vastly more money and time to get there. Small sites like this one would have to shut down anything which accepts arbitrary input from users, while sites like Facebook could keep operating while they spend years and millions of dollars on the court case. Then after all that, Facebook would win (after all, they're not a government, so they have freedom of speech, and choosing what you want to publish and what you want to remove is speech), and the smaller sites would have been crushed, so Facebook wins again!

dewme said:

elijahg said:

I wonder if this is intentional so Apple can keep telling its users their data is encrypted, which it is, but then also able to turn a blind eye to the hacks the law enforcement uses to dump the phone's contents. That way they don't get forced to put in an explicit backdoor, because there is a workaround. Either that, or Apple has been secretly forced to allow access and these encryption workarounds give the illusion of privacy and non-compliance with law enforcement bigwigs and yet they actually are bending, with this being the best way they've got to keep the agreement secret.

I think you are actually pointing in the right direction. Apple isn't stupid, and to believe that they are somehow being repeatedly "duped" by US and Israeli security experts despite their proclamations of providing "total security and privacy" for their customers is a little bit more than a stretch or the ultimate "oops." There is probably a game of Chicken going on between Apple and government agencies like the NSA. Apple knows that it could lock down their stuff in ways that would make life miserable for the NSA. At the same time Apple also knows if they actually did this all pretense of civility and private industry operating independently and without the heavy hand of government slapping them down would vanish. No matter how you want to spin this, there is no way that Apple (or any other private company) would come out as the "winner" in this struggle. The winners and losers in such a conflict are predetermined, so we'll all get to to witness these little theatrical performances for as long as it takes to avoid or at least delay the inevitable outcome. 

The contents of messages actually have very limited intelligence value. The NSA and FBI mostly care about communication metadata - specifically, the sender and recipient of messages. TOR is the closest you can get to concealing endpoint data, and breaking that anonymization only takes controlling about 30% of the nodes in the TOR network. It fundamentally isn't possible for Apple to make the FBI's or NSA's lives significantly harder.

About 95% of the FBI's claimed outrage about device encryption is performative. They are attempting to portray themselves as the good guys to win sympathy from the general public and distract from the creepy things they actually care about. The value of an unlocked phone is mostly that it can be used to correlate the message endpoints which belong to one person.

Some data stored locally on the device can be useful in certain criminal proceedings (like access to the photos can prove possession of CSAM). Individuals' crimes only rarely catch the attention of the FBI and NSA. They mostly care about groups: terrorist cells, people distributing CSAM, that sort of thing. The photos, notes, messages, and so on stored on a phone are far less useful for that than the communication metadata.

50k processors per month on a bleeding-edge fab tech might be enough for the Mac Pro. Definitely not enough for anything more mainstream.

As an aside, TSMC uses wafers 300mm in diameter in most of its fab processes. That's 70,685mm^2. The A14 is 88mm^2. You lose about 6% of the area of a wafer to the edges and unmasked regions for handling. That means very roughly 750 A14 processors per wafer (before you lose some to flaws). 50k processors per month at that density would be about two wafers per day. That's believable preview volume for a bleeding-edge fab process while the fab works on scaling it out effectively.

abracadabra said:

And Docker is what exactly? A whale tracking software?

To actually answer the question asked, Docker is really a couple of things. Primarily, it's a tool for packaging software meant to run on a server. The idea is to bundle the application itself together with all of the other software it depends on (like a specific version of OpenSSL) so that in this one bundle, you have everything needed to run the software with only minimal requirements from the OS it's on. When you go to deploy the software, a bundle like this makes the deployment perfectly reproducible. You don't have to deal with making sure the server has anything else already installed. The bundle just includes the correct version of all of your dependencies right there.

To a lesser extent, it is also a "container runtime" which takes the bundles produced by the first part and lets you actually run them. There's no real installation of the bundle, you just tell it to run. This part has limitations, because it runs mostly on Linux, which doesn't have a real concept of containers. On Linux, it uses a combination of namespaces and cgroups to provide a semi-private environment for the bundle to run in, but there's little to no isolation between multiple bundles running on the same system. If they want to mess with each other, they generally are able to. The runtime on Windows uses Hyper-V containers or Hyper-V hardware VMs, both of which separate things much more strictly. Given the talk about Apple's hypervisor framework, I expect the macOS runtime basically builds whole hardware VMs.

The Docker runtime is mostly important so developers can test the bundles they build.

blastdoor said:

zimmie said:. 

There’s nothing special about the memory being on-package.

I wonder if that’s totally true....

anandtech’s review seems to show no advantage in terms of latency or bandwidth relative to other PCs (unless I’ve misinterpreted). So that seems to support your statement.

But might there be an advantage in terms of watts?

Right now, the on-package RAM is "normal" LPDDR4X. This is slightly exotic in that it only saves a relatively small amount of power compared to normal DDR4 or LPDDR4, and most vendors only care about that level of power draw reduction in phones. The current 13" MacBook Pro with 4TB3 uses it with off-package chips, though. On-package LPDDR4X has maybe a few microwatts less power draw due to the shorter traces compared to off-package, but that should be it.

On-package RAM can use stricter timing, but LPDDR4X isn't enough to need that. HBM and HBM2 do need it, and I'm very slightly disappointed Apple didn't go with that for their on-package RAM.

I think the choice to go with on-package was related more to the physical package technology they're using. Specifically, the M1 is physically a lot like the A12X and A12Z. I bet the M1 has almost exactly the same number of pins as the A12X. I think they wanted to go low-effort with the M1 and just use the same packaging technology they already used. That lets them prove out the core designs (not just CPU and GPU, but Thunderbolt, and so on) while TSMC works on the larger packaging needed for off-package RAM.