[jd20]

> The phone boots into an operating system known as “Switchboard,” which has a no-nonsense black background and is intended for testing different functionalities on the phone.

I think the article confuses the meaning of "dev-fused" hardware, with what OS is actually installed on the phone. When I used to work at Apple, I always understood "dev-fused" to mean a device on which you could install unsigned builds of iOS.

Internally, Apple puts out new builds of iOS daily. The engineers building features on top of iOS need to install these builds, to do their work. A normal iPhone from a store won't take these unsigned builds, hence the need for these dev-fused devices. There are regular builds like what a customer would get, debug builds with lots of logging and debugging checks enabled, and even bare-bones builds like switchboard, for employees who are not UI-disclosed or work in factories. As someone building higher-level iOS features, all my dev-fused devices just ran a normal looking iOS, unlike what the article describes.

> Two people showed Motherboard how to get root access on the phone we used; it was a trivial process that required using the login: “root” and a default password: “alpine.”

Oh boy, that sure brings back memories!

[saagarjha]

Specifically, developer-fused hardware allows for stuff like setting boot arguments and having them actually get passed to the kernel. Basically, it lets you get in the way of and modify the "chain of trust" that the bootloader → kernel → userland processes normally ensures.

[jd20]

Thanks for clarifying, I figured I was generalizing it a bit.

[saagarjha]

To be honest, I think the daily builds are signed by B&I as well, so you can install them on production hardware provided you have valid AppleConnect credentials (which I think just authorizes the install). You just won't be able to debug the kernel, etc.

[throwabayhay]

Not true, and just more complex in general.

EDIT: I just looked at some of your other comments. I think you mean well and have some impressive knowledge for someone not working on those things, but some of it is also guesswork about very complex details that even internal people can get wrong, so I think publicly claiming conjecture as if it were fact is more misleading than you mean it to be.

[saagarjha]

I'm mostly basing my comments on my knowledge of what the jailbreak community has made public so mistakes are likely me misremembering or not fully understanding something. Is there something in particular that I got wrong?

[therein]

Very impressive indeed. And the GP is right about many employees even getting these little details wrong. The answer is definitely a lot more complicated.

As far as I remember, the AppleConnect aspect of it is only if you want to connect to the corp NFS where they have the IPSW. And beyond that I think I was able to use PurpleRestore on production silicon by switching the device connected to the host at the right point in time and leaving my phone in a really odd state that had shocked everyone at the Apple store I brought it to. They were so confused that I had to explain to them where I work for them to calm down.

[therein]

Oh I had forgotten all about the codename disclosed, UI-disclosed, bin-disclosed, src-disclosed distinction.

"dis clos urec heck.co rp.a pple.com" is the most paranoid thing ever too. :)

[therein]

How about PurpleRestore? :)

I binge-read all of luna and the "other" internal wiki back in the day. :)

[liquid9]

I love doing this occasionally, its just really interesting seeing the internal tools.

Is there any videos/screenshots of PurpleRestore and similar tools? I've searched and can only find a single picture and descriptions.

[therein]

Same here, that's why I sometimes wish I had saved some screenshots for my own use or even for sharing but I have a feeling Apple would have hunted me down for it. That's probably why we don't see so many of them in the wild. Even in the orientation you'll hear stories about how seriously they take their ability to surprise and delight, with an emphasis on the surprise. :)

The best source I can find was this: https://www.theiphonewiki.com/wiki/Apple_Internal_Apps

With this fascinating discussion of Apple insiders talking about exactly the same apprehension imprinted in their minds: https://www.theiphonewiki.com/wiki/Talk:Apple_Internal_Apps

Here are some things I remember:

The "purple" series of tools are basically for managing dev-fused iPhones https://www.betaarchive.com/imageupload/2017-02/1487521492.o...

I also remember there being two internal wikis for development and having access to both. Maybe one is called luna and the other is just straight out called purple?

You get root on the device simply by authenticating as root with password alpine. Sometimes you'll get your hands on iDevices with weird specs like 3.75GB of RAM etc.

There is also AppleConnect which is Apple's internal single-sign on.

What I find fascinating the most is honestly how I am unable to find recent screenshots of these software. They are all screenshots of really old versions with outdated UI.

Apple must have a special way of taking these down or doing offensive-SEO and burying them in results because while I was able to find search results for "apple luna internal wiki", I am no longer able to.

[saagarjha]

PurpleRestore will refuse to work unless you have valid AppleConnect credentials, AFAIK.

[therein]

I loved PurpleRestore and never would have wanted to go back to the iTunes way of managing my device.

[saagarjha]

Alas, such is the life of those not blessed with Apple Internal tools…

[bearmcbearsly]

Do you work for Apple?

[saagarjha]

Nope.

[tinus_hn]

Why don’t they just sign them using a different key?