Well XNU has always been 'open-source' [1] for some time on Intel machines but its just that ARM support remained closed (until 2017) which is why the darwin-on-arm [2] project existed. But I'm assuming that the OP means that the ARM64 code was recently open-sourced in the XNU sources[3] making a possible open-source ARM port much simpler. I still find it quite interesting to see some regained attempts in emulating iOS; with Corellium being the furthest at doing this.
In a way, it seems strange nobody made a full-blown iPhone/iPad iOS emulator yet. Not a simulator like the one Apple makes, but an emulator like for game systems. I would guess the amount of information available about iPhone hardware and software would make it much easier to emulate than e.g. a gamecube, Wii, PS3, etc, especially for older models. Such an emulator could obviously be used for piracy, but could also be an intersting tool for a homebrew scene (custom firmware, developing iOS apps on Linux & Windows, etc.
Is there a practical reason why this would be hard or impossible? Or is it just for fear of Apple's lawyers?
Yeah it is because the CPU and GPU are customized for Apple. You'd have to recreate them (which probably would require a F500 company like Amazon or Google) or write a translation layer similar to WINE (which would need a couple dozen expert coders). Not worth the effort for knockoff phones.
You can buy them at "the market" in Shenzen. You can even put in original Apple logic board and run iOS - and have crazy things like double storage, memory cards, 3.5mm output, etc. You have to build it from parts though, no one is selling a complete product AFAIK.
Afaik, those are not really knockoff as in a Gameboy replica. They're still using the proprietary Apple mainboard and all for the most part. What they did to double the storage was to desolder and solder back in a different storage with different capacity with the image from the original storage cloned onto, a process which kinda costly amd very risky as the components aren't designed to be plug and play like desktop components
There are stores selling knock-off easy to manufacture parts like body, some basic electronic components etc, and yes, as I said, the logic board itself needs to be original.
I would be fiercely interested in any more details around this. I'm sure many of us have seen Scotty from Strange Parts doing his headphone socket project, and the franken-phone built from spare parts, but it sounds like you're suggesting something even more than that.
Sorry, that's personal anecdote, not something I got from youtube or articles that could be cited. See my other reply: I'm not really suggesting anything more than what you can see on Youtube, just that knock-off iPhone parts that are easy to manufacture (body, battery electronics etc) exist - not the logic board though.
They still can't run iOS apps from the App Store. They are encrypted when downloaded and only decrypted at runtime. Decrypted apps can be offloaded from a jailbroken phone and then re-uploaded to a pirate store though.
It seems Corellium (linked to from the blogpost) has done that. That said, it seems they only run iPhone 6, et al., which was jailbroken (untethered), so it's significantly easier to emulate than trying to run the only unencrypted file (kernel cache) targeting an undocumented CPU with Qemu of an iOS beta that was released a few days ago.
>..but XNU is now open source.
Well XNU has always been 'open-source' [1] for some time on Intel machines but its just that ARM support remained closed (until 2017) which is why the darwin-on-arm [2] project existed. But I'm assuming that the OP means that the ARM64 code was recently open-sourced in the XNU sources[3] making a possible open-source ARM port much simpler. I still find it quite interesting to see some regained attempts in emulating iOS; with Corellium being the furthest at doing this.
[1] (https://opensource.apple.com)
[2] (https://github.com/darwin-on-arm/xnu)
[3] (https://github.com/apple/darwin-xnu/search?p=5&q=ARM64&unsco...)
In a way, it seems strange nobody made a full-blown iPhone/iPad iOS emulator yet. Not a simulator like the one Apple makes, but an emulator like for game systems. I would guess the amount of information available about iPhone hardware and software would make it much easier to emulate than e.g. a gamecube, Wii, PS3, etc, especially for older models. Such an emulator could obviously be used for piracy, but could also be an intersting tool for a homebrew scene (custom firmware, developing iOS apps on Linux & Windows, etc.
Is there a practical reason why this would be hard or impossible? Or is it just for fear of Apple's lawyers?
It seems strange to me that there are no Chinese OEMs selling mobiles with iOS. I mean, I understand it's hard, but is it THAT hard?
You would probably need to hack the OS to disable updates etc to prevent Apple from remotely bricking your device.
Wrapping it with a firewall would be the easy part.
That's be the easiest part. You can just grep the binary for apple domains and replace them with your own.
Yeah it is because the CPU and GPU are customized for Apple. You'd have to recreate them (which probably would require a F500 company like Amazon or Google) or write a translation layer similar to WINE (which would need a couple dozen expert coders). Not worth the effort for knockoff phones.
Knockoff iPhones would sell like hot bread.
You can buy them at "the market" in Shenzen. You can even put in original Apple logic board and run iOS - and have crazy things like double storage, memory cards, 3.5mm output, etc. You have to build it from parts though, no one is selling a complete product AFAIK.
Afaik, those are not really knockoff as in a Gameboy replica. They're still using the proprietary Apple mainboard and all for the most part. What they did to double the storage was to desolder and solder back in a different storage with different capacity with the image from the original storage cloned onto, a process which kinda costly amd very risky as the components aren't designed to be plug and play like desktop components
Ref: Youtube channel "Strange Parts"
There are stores selling knock-off easy to manufacture parts like body, some basic electronic components etc, and yes, as I said, the logic board itself needs to be original.
I would be fiercely interested in any more details around this. I'm sure many of us have seen Scotty from Strange Parts doing his headphone socket project, and the franken-phone built from spare parts, but it sounds like you're suggesting something even more than that.
Citations, please!
Sorry, that's personal anecdote, not something I got from youtube or articles that could be cited. See my other reply: I'm not really suggesting anything more than what you can see on Youtube, just that knock-off iPhone parts that are easy to manufacture (body, battery electronics etc) exist - not the logic board though.
They still can't run iOS apps from the App Store. They are encrypted when downloaded and only decrypted at runtime. Decrypted apps can be offloaded from a jailbroken phone and then re-uploaded to a pirate store though.
Same like Hackintoshes, right?
It seems Corellium (linked to from the blogpost) has done that. That said, it seems they only run iPhone 6, et al., which was jailbroken (untethered), so it's significantly easier to emulate than trying to run the only unencrypted file (kernel cache) targeting an undocumented CPU with Qemu of an iOS beta that was released a few days ago.
Corellium can run up to iPhone X, and certainly can run iOS 12 (Option is given for jailbroken or not jailbroken too).
Only limit which you may be thinking of is that it only supports 64-bit ARM, so no emulation of the older devices.
Interesting. I would love virtual iPhones. For testing apps, anonymously. But I doubt that I'd get an invite from Corellium, either :(
Reads as an ad for Corellium...