This blog post is mostly a response to a video my friend Arnoldo posted, which poses the question of whether Tim Cook and/or Johnny Ives should be fired from Apple, given the direction they’ve been taking as of late. Youtube doesn’t allow comments of this length, so luckily I have a blog where I can say as much as I want. Since this is largely a response to their video, I’ll assume it’s been watched.
What seemed to have been the catalyst for this thought exercise was the 2016 Macbook Pro – there is no shortage of criticism for it, no matter how interesting the touch bar might be. Arnoldo is willing to overlook the USB-C ports, but I’m not, and the reasoning is simple: my objection isn’t the existence of USB-C, it’s the exclusivity. What would have made a lot more sense would have been to have two standard USB ports and two USB-C ports. This handles a transition period far better than the current setup and poises itself as a transition device that accommodates existing peripherals – including the iPhone – far better than the current requirements. Yes, I am looking forward to USB-C becoming a common standard over the next several years, even if that means I’ll need adapters in the other direction…but without peripherals that leverage the port, it comes across as arrogance far more than forward thinking. Furthermore, I think it was Dane who cited the usage of USB-C in the most recent crop of Chromebooks. I think Chromebooks fill the netbook niche pretty well and are great for people who can do most of their work in The Cloud™, but comparing the functionality of a product line whose core use case is a web browser and generally costs $300 or less with a product line whose base model is $1,800 and intended for professional users is a bit disingenuous.
Arnoldo’s main objection was the integrated storage. I can’t disagree with him, but then again, my last four laptops (including my current one) have all had at least two hard disks, a configuration that was only possible on Apple machines through the use of aftermarket solutions, and only on machines that shipped with an optical drive. I too object to this, but to me, the writing has been on the wall for years in this respect. Last year, I upgraded a client’s 128GB SSD in their 2013 Macbook Air to a 256GB model. Why did I upgrade to 256 instead of 512, and why did I spend over $300 for it? Because that was the only option available. For years, Macbooks have used a connector that was different than the rest of the industry. It’s not proprietary per se, but the tech industry has had mSATA for years, and more recently NGFF, both of which have plenty of bandwidth and would have afforded all the I/O throughput necessary for blazing fast performance. Given that Apple hasn’t gotten much grief for a pseudoproprietary connector, and that soldered-in RAM was first introduced in the 2012 Retina Macbook without massive blowback, it doesn’t seem all that surprising that the storage would end up a part of the logic board.
On a springboard from this, I would disagree with Kevin’s assessment regarding the Secure Enclave being the reason for the storage being soldered on, for a number of reasons. First, Apple would have had to redesign anyway from a purely physical standpoint – they’re not using iPhone storage in their Macbooks. Additionally, Intel and (to a lesser extent) Samsung both have hardware-based encryption in their SSDs. If it is a secure enclave thing, I submit that integrating such a technology into a removable drive is entirely possible as other OEMs are already doing it. Furthermore, the San Bernadino iPhone case had nothing to do with a secure enclave, since the iPhone 5C did not possess one. The case precedent set there was that, although Apple was capable of writing and signing a firmware update that would allow the FBI to try to unlock the phone 10,000 times, Apple could not be legally compelled to write the software to do it. The reason Apple did not write that firmware was philosophical, not technological.
The topic of processing was also discussed at length. I’ll agree with Kevin on this one – if Apple is going to continue making “thin” a core selling point, CPUs are pretty close to their limits due to power and cooling. On a similar note, that would have been my answer with respect to the AMD question. Yes, my laptop is a Wintel/nVidia model, and my VMWare box is as well…but my FreeNAS and my router are both AMD-based, because the Sempron 145 can handle both of those adequately in 35 watts with $30 chips, and a four-year-old Phenom X4 that uses 65W is still plenty powerful for a media workstation at a church where I have a desk. AMD is also pretty good at being more power-efficient in their GPUs, especially in the fanless segment. Perhaps there was some cost-based leverage involved, but even Steve Jobs spent time expressing the importance of performance per watt. I still rock an i7 in my laptop, and to be honest, AMD isn’t all that great at the high end. The low end, and the power conscious end, however, is AMDs house. MacBooks have never been about having amazing specs. I respect the ingenuity used here to get Crysis running on a Macbook, but I would love to see Johnny Ives react to the use of an external GPU like that. I know about a dozen Macbook Airs are needed to match the weight of my 2011 Origin PC EON17 (thus separating their target demographics), but 21fps at 1280×800 with the ‘medium’ system spec and 2xAA is a joke compared to the 95fps I got on my current EON17x with those settings. With everything set to ‘maximum’ at 1920×1080 got me 31fps, going down pretty close to that 21fps region in some particularly complex areas with fog and shading. In my defense though, The GTX965M was the lowest end GPU the laptop came with when I bought it. Perhaps I’m due for an upgrade. I’m interested in any Crysis 3 benchmarks for the 2016 Macbook, so if there are any around, let me know.
Let’s talk about Apple’s support cycle for a moment, because I can both appreciate it and hate it at the same time. Apple provides excellent support and is still surprisingly liberal with their policy of handing over new Macbooks during Applecare. They’re also pretty good about allowing OSX updates to be compatible with older models. However, once you’re EOL, you’re SOL. If a computer isn’t supported, there’s not even a “best effort” attempt to get it working – the system simply will refuse to install. In comparison, a few enterprising PC enthusiasts managed to run Windows XP on an 8MHz processor. It is certainly not something anyone would ever wish to do for any other reason than “because you can”, but they could – and they did. Even Windows 10 runs on 12-year-old hardware. It’s probably nothing I would wish upon anyone I even remotely cared about, but it does show a fundamental difference between the two systems. On a tangentially related note, the forced Windows 10 installs were something I was not happy Microsoft was doing, but when there’s a new iOS update, my iPhone asks me multiple times daily to install it. Sure, it won’t actually install without permission, but the fact that it’s impossible to tell the iPhone to wait until I manually perform the update is the kind of behavior that is only one step above the forced installs and is by no means an example for anyone to follow.
I’ve considered attempting the Hackint0sh route on my EON17x as a proof of concept – My EON17x does have UEFI, which my old unit does not. However, this raises its own set of questions. First, how does this jive with the thought that the Macbooks will end up on ARM in the next few iterations? With a different instruction set, it’s only a matter of time before the hackint0sh community is going to be stuck developing some sort of abstraction layer yet again. Even if not, Apple is not new to the cat-and-mouse game – jailbreaking is almost as old as the iPhone itself, the hackint0sh dates back pretty far, and even Bootcamp was predated by a few enterprising individuals. However, I would argue that Apple cares more now than they used to in the past. Apple is no stranger to DRM, and while Psystar may not have gone about things the right way, Apple isn’t afraid of the courtroom, either. However, I would again argue that Arnoldo, Kevin, Dane, and myself are not Apple’s target demographic anymore. If Apple sold a copy of OSX that could run on basically anything with the rules of “never, ever ask us for support”, we’d all probably buy it and install it on whatever non-Apple hardware we prefer. However, what Apple sells, and what most people like Apple for, is the experience. No calling India for support, no finger pointing between vendors, just a seamless transition from “the thing is broken” to “the thing is fixed”, in a visually appealing and simple to use form factor that is generally less prone to viruses and malware. I don’t think the hackint0sh fits that bill. Even if Dell or Razer or Origin or Samsung made a laptop that had language like, “run any OS you want….really, any BSD-based OS…Ten different OSes and more…we’re compatible with all the OSes, even if it isn’t Windows or Linux…run whatever OS you want while climbing El Capitan, you maverick, you lion, you snow leopard, you!” in their marketing material, it would be the polar opposite of the Apple experience – Samsung isn’t going to actually give support for OSX, and Apple sure isn’t, either. I’m fine with that, Arnoldo seems to be fine with that, but I don’t see it growing beyond its current size, not the least of which because ISO downloads are still the foray of the shady side of the internet. Moreover, the fact that the ability to disable Secure Boot is now purely at the discretion of the OEM puts the rise of the hackint0sh in even greater jeopardy.
I’ll close by answering the question of whether Tim or Johnny (or both) should be fired. I don’t think either of them should. I’ll give them some benefit of the doubt that Steve was not only a one-in-a-billion, but also had good timing and market sense. The Diamond Rio was relatively popular before the iPod took it to school due to the excellent iTunes integration and simpler interface. The Blackberry Curve had basically every feature of the first-gen iPhone and then some, but Steve knew that the user experience outweighed the spec sheet, and a phone with half the features but flawless execution would compete well. The market as a whole is looking for the next blockbuster product, and I question whether even Steve Jobs would have been able to envision and release another game changing product since the iPad simply due to market forces and the state of consumer electronics. I fault neither Tim nor Johnny for this reality.
I do, however, think they need some more courage. Not their definition of courage, mine. The courage to do exactly what Dane said, and release a Macbook that’s an inch thick and can fit four M.2 SSDs, is 5 pounds, and gets 3-5 hours of battery life because its midrange i7 and Geforce 1060 can finally put the Macbook on the map. They need the courage to ask whether it’s possible to have a shelf that showcases both “the best Facebook machine money can buy” and “a laptop that can render graphics from Motion in a sane amount of time” side by side. The courage to stop sidelining their professional users and prove that they can cater to the graphic designers and musicians as well as the college kids and soccer moms. The courage to tell the shareholders that Apple cannot – and should not – be expecting to keep exponentially growing forever. Tim should have the courage to tell Johnny that he wants a Macbook that can render a given Motion project in half the time of the present Macbook, regardless of how thick it is. Johnny should have the courage to attempt a dual-processor Macbook that can run iOS apps natively and tell Tim that it’d be a perfect way to pitch the magic of a dual-screen Macbook.
Now, for me personally, I’m in the Origin PC niche, and will remain there for the foreseeable future. My laptops may be heavy, they may be expensive, but my laptop presently has 3.5TB of storage space (room for 8TB), 16GB of RAM (room for 64) and a GeForce 965M (room for a pair of 1070s), and I get support that even Apple must rival. OSX is a great system that I do like using when I have to work on a Mac, and when Tim and Johnny have the courage to build a behemoth like mine I’ll definitely take a long, hard look at it. Until then, I’ll let them both get incredibly rich off their present offerings, keep my work iPhone close at hand, and revel in the performance I get from a laptop that has never kept me waiting for anything.
Edit: Performed benchmarks in Crysis 3 and reflected observed numbers in the graphics comparison.
[* Shield plugin marked this comment as “0”. Reason: Human SPAM filter found “_sys” in “comment_content” *]
First I want to complement your article. It’s a great discussion of what we talked about in the video.
I agree that Tim Cook and Jony Ive shouldn’t be fired. I hope this is a wake up call about the Mac though. If they put the amount of engineering effort into new Mac products as they do iOS, we’d be in much better shape. They need someone dedicated to the Pro Macs. Jony Ive seems obsessed with the iOS devices and tiny laptops. They need someone that is going to stand up for power. We need a Tim Taylor laptop from Apple. Apple needs the courage you described.
I think we’re going to see more custom ARM processors in the Mac, bringing us closer to seeing iOS and macOS side by side like you described. The touch bar is actually powered by a custom T1 ARM, similar to the S1 chip in the Apple Watch. Apple has been designing all the CPUs in the iDevice lineup for quite a while now. I don’t think the main processor will be off x86 anytime soon, but I think we’re going to see custom processors doing a lot more on the mac.
There is also a lot of shared software between all Apple operating systems: macOS, iOS, watchOS, and tvOS. The TouchBar also runs a variant of this OS. The Darwin kernel is the same. The code libraries for things like notification center widgets, notifications, app stores, and more are shared across all platforms. Even my custom library for work can run on any Apple OS. With shared code libraries, there is no reason they can’t start using an os that can run multiple architectures simultaneously side by side. Run the ARM code on the ARM processor, the x86 code on the x86 processor. I’m not saying Apple will do that, but it’s absolutely possible. They’ve already proved that with the TouchBar. This may also be a driver for Swift. Hard to say with Apple.
One of the most important technologies that Apple shared with the Mac is TouchID. The secure enclave is a tightly integrated part of iOS. It’s instrumental in access to all protected files on the file system. You can read more about it here: http://www.apple.com/business/docs/iOS_Security_Guide.pdf
The unique thing about the secure enclave is that the encryption keys cannot be read. There are traces on the chip to CREATE a key, but not to READ it back. That key is generated with a hardware UID that is unchangeable and unknown to Apple. That UID creates the key. The only way to recover the key is an electron microscope. That hardware key is then used in the calculation of all the encryption keys for the device. If you change it, all the data on the device is lost. The SE also enforces password attempts, getting slower and slower each time. If the “delete after x attempts” option is enabled, you’re pretty safe. You can actually use the SecureEnclave in your apps to encrypt things that must be secured by touchID (https://blog.trailofbits.com/2016/06/28/start-using-the-secure-enclave-crypto-api/).
I don’t think Apple is using any of the technologies developed by Samsung or Intel. They are using a custom solution on both platforms. Apple is working on a new file system called “Apple File System” (https://en.wikipedia.org/wiki/Apple_File_System) to replace the aging HFS+ file system. It was introduced this year at WWDC. Encryption on macOS with FileVault is not as robust as on iOS. Right now, on macOS, they are using a custom full disk encrpytion scheme in file vault. On iOS every file on the iOS system is encrypted individually using a “Data Protection Class” (iOS Security Guide, 12). The hardware key from the secure enclave is used in multiple portions of the encryption process for each file (iOS Security Guide, 11). The keys are also required to access file metadata. While written in a layer on top of HFS+, the new Apple file system implements this natively as part of the system. When this becomes finallized, both macOS and iOS devices will use the new file system. I expect future iterations of macOS to tie the encryption used by AFS to secure enclave hardware.
AFS and security is part of why I think they have soldered in the hard drive. With SE and touchID, it becomes much more difficult to crack into a Mac. It makes imaging the device for forensic attacks much more difficult. Once you manage to image it, you’re decryption efforts are still tied to the SE, enforcing its rules. Once you’re into the device, you have to break through multiple levels of security to decrypt *each file* (as opposed to the one key breaks all approach of FV2). When the change to AFS occurs, the only way to access the contents of the file system will be through Apple, and only if you have the correct keys. This could, in theory, make it as hard to decrypt a Mac as it is to decrypt and iPhone. I really think we’ll see these features in the next version of macOS. It also allows Apple to further merge the code required to interact with encryption hardware. Now improvements to one OS benefit the other. This allows them to move forward the encryption tech across the board much more quickly.
I honestly think the 2016 MBP was an incomplete product. People were clamoring for an update and there was a whole lot to give them based on their current hardware choices. They’re limited by Intel and chipset support for LPDDR4. Intel processors with LPDDR4 support suitable for the MBP won’t be available until Q1 2018. I think Apple may be working with Nvidia again as well. The Pascal chips from Nvidia took everyone by storm. I don’t think Apple expected there to be such a performance gap.
There are some interesting things coming on the horizon as technology gets shared between the two platforms. I’m pretty excited.