[cyberpunk]

Ah I really wanted this too but it seems like it's not available in the EU.

Does anyone understand why? Is it apple having a flap about recent DMA/Whatever regulations they don't like or is there an actual technical reason why what's probably a fancy version of VNC can't work without breaching European regulations?

[quitit]

They haven't given a detailed reason, but pundits who have paid more attention to the DMA suggest that it's because the feature does not allow 3rd parties to offer the same integration.

While the DMA's changes to the app store received the most publicity, the DMA mandates for modularity for any feature where a home-advantage could be granted by the gate keeper. Since features like AI and screen mirroring are already established markets with competitors, Apple offering these as built in functions could be interpreted as actions against the DMA unless they offer a way for others to tap into it via APIs.

However this is just a guess. There is a cynical rhetoric that it's to punish the EU but this is a pretty flimsy idea since it's clear that Apple is relying on these new features to propel upgrades to M series macs and new iPhones. Currently there exists no tentpole feature for people in the EU to upgrade. The other reason is that it's pretty tenuous to think that the EU masses will rise up against the EC because they don't have screen mirroring or image playground.

[deergomoo]

This is an interesting one because, to my knowledge, and unlike alternative App Stores etc on iOS, there’s surely nothing stopping an Android phone manufacturer from developing a Mac app to offer equivalent functionality?

I’m unsure whether the DMA compels them to provide specific APIs beyond the ability to connect to arbitrary devices and draw to the screen, and it’s maybe a little bit concerning if it does. My understanding was that nothing in the DMA specifically compelled Apple to create e.g. MarketplaceKit, it’s just that the alternative would be to open up iOS far more than Apple is willing to do.

[cyberpunk]

I can install a whole number of AppStore or opensource apps that allow me to access other machines graphically. I really don't see why accessing the GUI on an iPhone should be treated any differently than accessing the GUI on a terminal server or an android or linux box or something.. The argument doesn't really make sense to me..

[quitit]

While your guess is as good as mine. I can see that the screen sharing feature goes beyond what is currently possible with 3rd party mirroring tools, including apple's own earlier tools. For example right clicking brings up extensive contextual menus that aren't accessible in iOS, and I can see these also leverage the continuity features between the platforms.

[bri3d]

It's DMA. Certainly part of it is punitive, but it makes sense, too - building and especially supporting interoperability for these protocols is a burden that they can avoid by not shipping features to the EU. They're free to change the key exchange, APIs, wire format, etc. without having to deal with documentation, key issuance, etc. outside of their walls. And, being forced to open up Screen Mirroring would reduce its value as a moat, since someone would presumably be able to build an Android client quickly and with no reverse engineering work.

[cyberpunk]

So do I understand it correctly; the problem is not MacOS having a client app, the problem is iOS acting as the server with only apple approved client implementation?

I really don't see how it falls outside of the DMA.

[seec]

> And, being forced to open up Screen Mirroring would reduce its value as a moat, since someone would presumably be able to build an Android client quickly and with no reverse engineering work.

Which is everything wrong about current Apple. How far the Apple has fallen off the tree. Back in the resurgence of the Mac after Steve Jobs returned, the policy was to make everything as open as possible, now it's entirely the reverse.

If the iPhone/Mac were a competitive product as they are, there would be no need to retort to that sort of shenanigan, the whole thing would be openly documented but implementation quality would be the deciding factor. It is not surprising that Apple doesn't want to compete because they wouldn't necessarily win, before even talking about price.

In any case, while it's a nice feature to have, it can only be considered worthwhile because all of Apple's strategies for convergence have failed pretty hard (after mocking Microsoft) and there are now too many annoying things you need to do specifically on a smartphone (because of Apps, Auths, or other nonsense of the sort).

If anything, it is extremely dumb (considering the price and marketing around ecosystem) that you cannot just use whatever data is on the phone but with correct desktop app implementation even (and especially) for Apple first party app.

As a Mac user that is getting old (I remember System 7 from my youth, and I used System 9 for a bit) I feel extremely saddened that we are now celebrating what is basically a custom implementation of VNC/Remote Desktop for a completely locked device/OS. This feature was considered essential/basic 20 years ago, having to use it to access a limited device because a company can't figure out proper convergence, largely out of pure greed, is really not something to be happy about.

I'm sure one day they'll figure out how to make a Mac App to properly exploit all the health/sport data of their very expensive Watch products (that require an iPhone for no good reason). But when this day will come I probably won't be a customer anymore so whatever...

[Cockbrand]

> Back in the resurgence of the Mac after Steve Jobs returned, the policy was to make everything as open as possible

My perception is quite different. One of the first things Steve did after his return was to revoke the licenses for Mac clones (Power Computing, Daystar, UMAX, etc). Also, the iPod, iPhone and iPad were created under his leadership and have always been very far from open in their designs, regarding both hardware and software.

Apple was (and still is) very open when it helps them, e.g. by adopting and enforcing USB (original iMac) or USB C (laptops from ca 2015 on).

[threeseed]

> supporting interoperability for these protocols is a burden

Also an unprecedented and unacceptable privacy and security risk.

You would be allowing third parties the ability to continuously record your iPhone's screen. Which includes websites you browse, apps you open, health information, text messages etc.

And the Mac is so much open that you could do this, have a local model to transcribe it and ship it to a remote server without the user noticing.

There isn't a government or advertising company on this planet that wouldn't want to get at this information.

[amluto]

> Also an unprecedented and unacceptable privacy and security risk.

> You would be allowing third parties the ability to continuously record your iPhone's screen. Which includes websites you browse, apps you open, health information, text messages etc.

> And the Mac is so much open that you could do this, have a local model to transcribe it and ship it to a remote server without the user noticing.

MacOS is not secure in the way you would like to think it's secure. This is already risk. And Apple really could do this right: make screen mirroring use the DRM playback paths, and open up the API to trigger it to competitors (who would get precisely the same DRM-playback-pathed result of a screen mirror showing up in a window from which they cannot read). I don't really know why a competitor would want to compete here, but they could.

[threeseed]

Most people interact with apps like Health on their phone not their Mac.

And there are also many third party apps that never made Mac versions.

So the amount of data we are talking about exposing is significantly higher.

And the issue is that the DMA is ambiguous about what competition and interoperability specifically means and so it would just take one company to complain about your solution for Apple to be fined 10% of global revenue.

[Nextgrid]

Many people log into their Mac using the same credentials (Apple ID) that give access to the Health data, and in fact Apple makes it really hard or even impossible to use it without (you can't selectively grant access, you need to use a separate Apple ID but then you lose some useful features such as universal clipboard, etc).

This is again a misinformed take. Your Mac can already get all your iPhone's data from the cloud where it is synced without viable opt-out or compartmentalization.

[threeseed]

> Your Mac can already get all your iPhone's data from the cloud

Only if the data is available in iCloud and it is stored in files and it is not encrypted.

Otherwise data from apps like Instagram will be exposed exclusively via screen sharing.

[the_mitsuhiko]

> Also an unprecedented and unacceptable privacy and security risk.

Put a prompt up that asks for permission? Failing to understand why we're drawing the line on the screen.

[seszett]

If it's so sensitive and dangerous, how do you explain that scrcpy has been available for years under Android?

Are governments recording the screens of Android users?

[elzbardico]

Assume it is trivial for the government to do so if they want.

[wpm]

>You would be allowing third parties the ability to continuously record your iPhone's screen

Apple is first-party to the device, but third-party to me, the user. Why are they more trustworthy than a free open-source tool? Who the hell are they to tell me who I can and cannot trust?

[Nextgrid]

It is sad to see such a misinformed take on a technical forum. You can already do everything you want. It will take some reverse-engineering work, but it's possible.

Similar things were said about iMessage interoperability with Android, until Beeper proved them wrong. They managed to reverse-engineer it, build a compatible client and clearly proved Apple's claims were BS (and no, this didn't lead to a mass-scale compromise of iMessage, contradicting fanboys' claims).

If the feature allows to pull up the iPhone's screen without any user consent, then it is vulnerable to begin with - the reverse-engineering requirement would become an insignificant hurdle compared to the value of such a vulnerability. Presumably however, there will be a consent step, either on the spot or prior (maybe it can reuse the cryptographic pairing mechanism that happens when the phone asks you to "trust this computer?" the first time), and no third-party (whether using an approved API or reverse-engineered) would be able to bypass it without the user intentionally consenting.

[threeseed]

> the reverse-engineering requirement would become an insignificant hurdle compared to the value of such a vulnerability

The idea that breaking device attestation that is secured through Secure Enclave hardware i.e. not accessible from user code is an insignificant hurdle is hilariously ridiculous. It is borderline impossible for any ordinary developer.

And people that bring up the "just ask the user" argument clearly don't remember how poorly that has worked in the past e.g. Microsoft Vista. Users will blindly approve any dialog which is why Apple has been so careful to limit them to targeted actions which a "do you approve this app to record everything on your iPhone" is not.

[Nextgrid]

You're approaching this from the idea that the impenetrability by third-parties is the primary security feature.

If this is true, then my worry isn't even about malicious attackers, it's my neighbor (with a real Mac) being able to (accidentally!) eavesdrop on my phone screen (since according to you this is the primary security measure).

It's obviously ridiculous, and the primary security measure is that there must be a prior key exchange and consent step. If that part is secure, then it would be secure against a third-party.

If that part is not secure, then no Secure Enclave-ing will help you, because worst case scenario, the attacker can just use a real Mac as part of his attack to pass the secure-enclave-protected authentication step, or just exploit the good old "analog hole" by using the real Mac as the main attack vector (and then just capture its HDMI output and feed in inputs via a USB-capable microcontroller simulating a keyboard).

[latexr]

> It is sad to see such a misinformed take on a technical forum.

If you’re going to make such a claim, you should be very careful to ensure you’re not misinformed yourself.

> Similar things were said about iMessage interoperability with Android, until Beeper proved them wrong.

No, they did not. We already knew Apple not allowing iMessage on Android was a lock-in choice. The trial with Epic brought that unambiguously to light, years before the release of Beeper Mini¹.

https://www.theverge.com/2021/4/9/22375128/apple-imessage-an...

https://www.theverge.com/2021/4/27/22406303/imessage-android...

> They managed to reverse-engineer it, build a compatible client and clearly proved Apple's claims were BS

What claims? The only time I remember Apple publicly addressing iMessage on Android was after cutting off Beeper Mini’s access.

¹ Which is an important distinction from the earlier Beeper, which used trickery with iPhones to accomplish the task.

[isodev]

Apple doesn’t say. I also think a Remote Desktop with fancy branding shouldn’t be hard to release safely and even allow 3rd party integrations.

[bri3d]

They've made a statement, however weak: https://archive.is/Rl7Ue

“Due to the regulatory uncertainties brought about by the Digital Markets Act, we do not believe that we will be able to roll out three of these [new] features — iPhone Mirroring, SharePlay Screen Sharing enhancements and Apple Intelligence — to our EU users this year.”

[seec]

Considering the pricing in the EU it was already hard to consider the effort to value worthwhile but now we are officially getting a substandard product.

Before there were many stuffs like Apple News never making it but at least there was some pretense of working on it.

Since EU people are getting a less featureful product, they should get products priced accordingly.

Otherwise, Apple should just fuck off EU if it doesn't want to play ball, they started the whole thing by being consumer hostile and the greediest corporation ever, they make Microsoft look like the good guys.

[addandsubtract]

This year

I've been waiting a year for the summarize AI to (not) make it to my Google Pixel 8 Pro. It should be known that everyone outside of the US get a different product than what is advertised online and reviewed on YouTube.

[isodev]

lol at “uncertainty”. It’s perfectly clear what they need to do (or not do). Oh well.

[threeseed]

If it's so clear then tell us what they need to do.

Because the DMA was designed not to be specific about what companies are required to do to be in compliance.

[makeitdouble]

Ignoring for a minute that Apple has back channel access to the EU regulators, they just need to play the same game as for their AppStore:

Release their implementation following the guidelines, and see if it passes review, fix and resubmit as needed until it's accepted.

[Nextgrid]

Publish the protocol docs. That's literally all that's required from them. Actually they don't even need to - they can just promise not to sue anyone who reverse-engineers it and publishes a commercial client.

That's how adversarial interoperability worked for decades (and gave free software the ability to interoperate with proprietary formats, see LibreOffice for example) before abusing the DMCA and/or threatening legal action to take down compatible implementations became common practice. I do not recall of any security breaches as a result of this.

Apple are however not going to do that, because doing so would overnight destroy their moat around Universal Clipboard and all their existing interoperability features. So instead they make up some bullshit that non-technical governments and courts will take years to disprove, buying them more time to operate anti-competitively.

It is however sad to see a member of a technical forum gobble up said bullshit.

[threeseed]

Can you articulate where in the DMA where it says that all Apple has to do "is promise not to sue anyone" to be in compliance. Or where it talks about protocol publication.

Hint: it doesn't.

[kaba0]

Then I guess you know better than all the hundreds of lawyers actively working out the issues on both Apple and EU sides..

[isodev]

I know that Apple wants their cake and eat it too, looking for ways to wiggle out of this while still dodging their responsibilities. This is why they need years and a small army of lawyers.

[jwells89]

Only speculation, but it might be to try to avoid having to support mirroring for Android devices too.

[samatman]

Pretty simple really. The EU can't fine Apple for not doing business in EU countries, including not rolling out a feature. But if they do roll out a feature, EU has decided it can fine them 20% of global revenue if it isn't just how the EU wants it to be.

Not doing so only costs Apple whatever marginal business they expect to lose in EU for not offering this or that feature. So I'd expect more of this going forward.

[Nextgrid]

It's only a matter of time before the EU gets wise to this - this move is simply to delay the inevitable and buy themselves some more time to act anticompetitively. When they feel like the EU is closer to disproving their argument (because there is no technical reason this can't be opened to third-parties in a secure way), they will suddenly announce that they have found some magic and miraculous way to do it and release the feature, bringing them back into compliance.

[samatman]

> It's only a matter of time before the EU gets wise to this

"gets wise to this" how, exactly? The EU can certainly set conditions which Apple must meet to ship a feature. They have no legal grounds whatsoever to demand that Apple ship that feature to Europe, specially modified to meet their exacting requirements.

How would that even work? One way to comply with the EU's demands that a product work a certain way, is to not sell that product in the EU. Is your stance that EU has a right to force companies to sell their wares in the EU?

[Nextgrid]

Gets wise that this is blatant malicious compliance, and use this to inform potential enforcement action and/or revisions to the regulation.

It could very well become that after enough of this, DMA 2.0 would have a provision stipulating that any feature withheld in the EU would need to have a valid technical justification that passes review by a panel of independent experts.

[seec]

Yep, I hope they work on something like that. Maybe we could get a chance for another competitive OS in the EU.

Sometimes I wish they tax the hell out of those US behemoth in a way that would open space for EU companies to become competitive. The network effects are too big when it comes to IT, it's not very wise to let the US be the sole beneficiary of such an industry.