[aeadio]

The article is definitely light on details, but my reading is that this pertains to the orange dot painted in the menu bar or notification area when the camera/microphone is being rendered, not to any physical LEDs (which I believe iPads don't have for these components).

Since this is drawn on the screen, typically you might assume system-level malware that's able to get access to window server, compositor, etc would be able to prevent the dot from being drawn, or remove it after the fact.

It sounds as if what they're implying is that there is a dedicated function in a separate hardware chip, outside of the control of the primary application CPU, and not addressable by the system software at all, that paints the dot on the screen as an overlay after the image is rendered by the software display stack, but before it is presented to the OLED/LCD. That would make it very difficult or potentially impossible for even root/kernel-level malware to hide.

That would definitely be noteworthy. And it sounds like a very Apple thing to do -- based on some of the Asahi team's notes about their current hardware, they have an affinity for novel and intricate solutions at the hardware/platform level.

[saagarjha]

It’s not a separate chip but a bit of code isolated from the main OS.

[wahern]

Apple's Secure Enclave utilizes a separate processor isolated from the main processor(s): https://support.apple.com/guide/security/secure-enclave-sec5...

It runs it's own microkernel-based OS to isolate individual tasks/functions to mitigate the impact of one of those tasks having exploitable bugs.

[transpute]

  eNclave
  eXclave

[wahern]

I stand corrected.

The best info I've been able to find about the architecture is https://www.df-f.com/blog/ios17 Is there more info available, yet? Might this be related to Apple's recent sponsorship of seL4--https://sel4.systems/news/#member-apple?

[johnwalkr]

It sounds impressive. One could argue for a physical LED tied to the power of the internal camera and microphone. But if I understand correctly, this exclave/dot will be work on external monitors (so the LED is not hidden just because you use one) and probably works with external cameras and microphones (which don't normally have their own LEDs). At least, it probably works with "normal" external cameras and microphones that one uses for zoom, etc.

[1oooqooq]

that's a nice guess. i think it's still more of the same, which is more likely.

interfacing with the display behind/on top of the display driver? i doubt it.

in the end the real target are repair shops. the marketing team just run with anything that smells like use privacy because it sells like hot cakes

[baq]

The idea is kind of obvious, but the implementation sounds quite tricky. Kudos to Apple.