Get the top HN stories in your inbox every day.
homarp
userbinator
If I read correctly, the "UI" is not much more than a serial console? In other words, nothing graphical?
throwawayaghas1
Yeah but I think they're working on the UI aspect of it.
conradev
For those that don’t know about it, you can find a fairly complete commercial iPhone emulator at Corellium: https://www.corellium.com/
It does essentially everything, short of hardware accelerated rendering
You can even emulate it being attached directly to your Mac and use it as a cloud device from Xcode
wingerlang
This is a great service. I recently had to test a specific bug on iOS 11. Instead of figuring out how to download the simulator, or buy an old device, I simply created a virtual device, connected to the VPN, and built straight to the device from xcode. Like magic.
It's slow and missing some features but it's still amazing.
terrycody
so now even IOS is under completely emulated like Android? I think this company sued by Apple before then settled with it right?
lucb1e
With this, would it finally be possible to test iOS apps without having to first buy into the Apple ecosystem? Seems super helpful for developers, security testing, etc.
smackeyacky
You can semi not buy into the apple ecosystem at the moment. Purchase a 2nd hand iphone and then run this Docker based OSX system:
https://github.com/sickcodes/Docker-OSX
It's fine for personal projects using something like usbfluxd to talk to your iphone from the docker container. I wouldn't rely on it to do commercial work.
chrismorgan
The cheapest second hand iPhones that run the current version of iOS (but are right at the tail of any support) are on the high side of the price range of what I’ve ever spent on a new, primary phone that I expect to last me at least several years. (And although it’s not as common as the alternative, I’m hardly alone in not spending much on phones; now laptops, on the other hand—.) I don’t want to spend more on a device that I might use once every few months.
jychang
You can buy a used SE (2020) for only about $150 and that'll probably be supported for another 4 years.
I've spent more than that from shopping at Costco on an empty stomach (rookie mistake).
jjcon
If you don't daily drive an iPhone and you don't want to buy into Apples ecosystem, why do you want to develop for their ecosystem (which of course requires $100 a year to do so)? Genuinely curious cause I see a lot of people with this sentiment, is it for work related purposes or something? Or testing of web work potentially?
gzer0
I am struggling to understand where you are coming from. Can you elaborate?
The cheapest second-hand iPhone that runs the latest iOS 15.0+ is an iPhone SE 1st gen (2016). Current prices on eBay indicate a price of $70.
There is not a single Android that has been supported for this long of a time.
wutwut5521
When I did iOS dev I could get by okay with an ipod touch, since I did not need cell or GPS testing. These are $200 new, $150 refurbed for the prev edition. The other route to go is a device farm service, IIRC AWS offers this nowadays.
beagle3
That’s an iPhone 6S; I’ve seen them go for $100, or less with stuff like “battery runs out in 3 mins so must be connected to charger” which should be sufficient if you just develop.
red369
Did you include low storage (e.g. 16GB) iPhone 6S and SE 2016 in your search?
I’m mostly just curious whether your primary phones generally cost less than those. It would be hard to find much for cheaper than those where I am.
Unrelated, but I find it interesting that storage size seems to affect second hand value so strongly. I mean that it looks like doubling would cost more than a few generations newer.
asddubs
i bought an iphone 6s for this purpose for 50€. upon mentioning this to somebody i was also given a second one with a crap battery for free
mattl
An iPhone SE 1st Generation can be had for around $70.
What phones are you buying?
amarshall
The project makes it not super-obvious, but it’s just KVM underneath. Also it’s likely against the EULA to run on non-Apple hardware.
withinboredom
If the software can’t tell the difference, does it matter? And if the EULA is unenforceable in your jurisdiction, does it matter?
paulpauper
buying an iphone means it's still in the apple ecosystem. the problem is not the money but the hassle of having to buy it
scarface74
So you don’t want to be in the Apple ecosystem. But you want to develop for an Apple product? How will you support the product when users encounter bugs?
cyberpunk
I'm really not trying to be rude, but if you're a serious developer, 'security person' or otherwise, the cost of entry for apple is not a problem.
I know I'll get abused probably for saying it, but I mean come on. An apple device is what, one days worth of consultancy time? For a security researcher maybe an hour? It's the cost of business.
If you're priced out of getting into that particular game (I was too, once) then do something adjacent and switch once you're earning 10k a year and can afford an apple device, if you really want to work on apple devices..
lucb1e
I don't spend €500 on a locked-down device that I can't do anything with.
But if there's a nice open source emulator for €50 (or in this case, free?!) where I control literally everything, that opens up a world of possibilities.
Also, don't overlook students, countries other than the richest thirty or so, and income discrepancies within those countries in general (especially in the USA where the discrepancy (Gini index from the World Bank) is between that of Kenya and Bolivia). One might want to learn and not yet have that well-paying job, or do it as a side project for fun.
> what, one days worth of consultancy time?
Let's go for the iPhone 11 from OP, checking... that's €519 from the cheapest store in NL (huh that 500 euros above was a good guess). That's 2½–3½ weeks of work for this security consultant. (That's a long time to go without food and rent! :P) If you can pay me that many times better that I could afford this after one day of working, without having to relocate to some faraway country, then contact info is in my profile!
---
I do agree with your point in general I suppose. Yes, in many countries serious iOS developers and security firms that have more than one customer request for an iOS app review per year will easily be able to afford the necessary devices, and if needed wait long enough for a jailbreak to exist. But if I want to make an app for fun, and to even get started I need to invest hundreds of euros? In a platform I'll never use? Well, that's why the few small apps that I built are all Android-only.
gbear605
The iPhone SE (2016) still runs the latest iOS (and I know people who happily use it), and I can get it on American eBay for about $100.
kuschku
> I'm really not trying to be rude, but if you're a serious developer, 'security person' or otherwise, the cost of entry for apple is not a problem.
If the cost is so meaningless to you, you’re always invited to donate to the Patreon/ko-fi/GitHub Sponsors links of the projects that can’t afford an iPhone :)
undefined
danuker
cyberpunk
I'm not an apple fanboy. I do have a M1, but I once spent 4 months porting KDE to solaris 10 x86 to run on a hp probook (and even got paid to do it)... I routinely try to exit the apple ecosystem but it always costs me pain and time, which hasn't been worth it for a number of years now. looks at drawer of ubuntu dell XPS's, ThinkPads running openbsd, etc etc.
I've fucking TRIED... :(
It's been linux and bsd machines as clients for work for almost 20 years.. And yet I keep having to go back to OSX for reliability.
At some point you have to just accept certain things are the cost of business..
nomel
I think it could reasonably be called a development platform, with all the software included in its cost.
williamtwild
10k a year? Where would one libe earning 10k a year? A tent in the woods?
dr_zoidberg
There are countries were earning 12k USD a year puts you in the top 1%. Just to give you some context.
undefined
toastal
Thailand it seemed like the going rate for a dev in Bangkok was about $17k USD salary
ge96
Is it "buy into" if you use stuff like Browserstack?
I use their live devices (camera/audio feed specifically) although not sure how far you can go eg. app-level install. Looks like you can and use stuff like Appium.
chrismorgan
At $49/month, it’s a fairly significant expense. Good if you’re using it for other stuff already, but not exactly cheap otherwise. (There’s also $39/month annually, but $468 is well past the cost of second-hand hardware.)
ge96
Yeah I was thinking about that, for example if you had one device but you wanted to back test versions of software is it easy to do that?
What I mean is like iOS/Safari 14 over 15
bri3d
You can also buy into Corellium for this - I suppose the same idea but a closed "cloud" virtualization provider.
lucb1e
That sounded amazing until I clicked to the pricing and then to the FAQ about this "cores" concept
> newer devices, such as the iPhone 8 and iPhone X, require six cores
I'm not keeping up to date with apple phone numbers, but since OP speaks of 11 I take it that 8 must be at least a few years old. So "newer devices" here just means "any reasonable device".
6 cores is $295 a month on the cheapest plan. If you need it more than once every few years, it's cheaper to get a real phone used.
Thanks for the tip nevertheless! Can be useful in a pinch for sure :)
bri3d
Corellium is more for low-level library and kernel debugging and situations where you need control over the boot process, the same kind of thing you'd use qemu for vs. the iOS Simulator in Docker-OSX or AWS Mac instances or whatever. For just running UI tests, AWS Mac instances or Appium/Browserstack/whatever is going to be way cheaper and more practical.
For low level debugging situations using real hardware is impractical or impossible as you need stolen debug probes (or to be part of the super exclusive Apple research program) and/or custom hardware.
saagarjha
Corellium can also bill you hourly at (IMO) much more affordable rates.
amelius
Wouldn't you need an Apple ID at some point?
And doesn't it phone home and report you?
lucb1e
Good questions. I guess for eventual publishing, the app repository fees need to be paid indeed. That only applies to development and not security testing though.
danuker
There are some cases like free-software where you wouldn't need the app store.
rexf
Two factor is a challenge with development (for IAP sandbox) accounts. I have to be careful to constantly not turn on two factor for test accounts. The iPhone will keep prompting me to opt-in, but I don't have several spare phone numbers or '2nd Apple' trusted devices for 2FA.
Apple's 2FA details: https://support.apple.com/guide/iphone/manage-factor-authent...
While I support 2FA usage, I wish there was a way to say 'I understand the risks and do not want 2FA on this account'.
toastal
2FA requires a phone number!?
908B64B197
Honestly why bother? For app dev Macs are basically free. Takes no time to break-even. Can even incorporate and expense-it.
makach
Ooohhh! This will be interesting from a reverse engineering perspective. Also, does that mean I can get iMessage on PC?
Nextgrid
It's technically already possible by installing/virtualizing macOS and giving the SMC emulator a plausible serial number - it's tolerated by Apple for now, however they can trivially block this (both for Hackintosh as well as this iOS emulator) by requiring a real serial number.
trollied
They have started to introduce random serials to some product lines: https://www.macrumors.com/2021/05/05/purple-iphone-12-random...
I imagine this will be extended in the future so that they can begin to clamp down.
muttled
If you know a valid serial number (say from a decommissioned Mac) do you know if you're able to just use that or is there some sort of validation of the device to the serial number?
Gigachad
>by requiring a real serial number
I assume you could just buy some $10 iphone 3gs to grab a number from.
icelancer
I used a real serial number for this and still never had much success doing so, was a giant pain in the ass about a year ago.
Nextgrid
Surprisingly, in my case it worked first try. It needed a compatible wireless card being present though - I think the Wi-Fi MAC is also used as some kind of identifier in addition to the serial number alone.
Quikinterp
I have an old iPhone, could I use a serial number from that potentially?
0x0
I think you need a valid iPhone serial number to activate iMessage?
lostgame
Curious, would this not apply to Macs and iPads as well?
Can you access iMessage just through the Messages app on Mac?
0x0
I think for that case you need a valid mac serial number, too. I think virtualized macOS does not support iMessage either (although googling seems to suggest that you might be able to get it working by copying a valid mac serial number from another device or something. Basically, if you haven't bought a real apple device, you probably won't be able to use iMessage. "Borrowing" your friend's serial number is probably not the smartest idea either.)
vulcan01
Yes, you can, but only if you are signed into your Apple ID and connected to Wi-Fi. I believe Macs and non-cellular iPads send messages over Wi-Fi to the iMessage servers.
smithza
Apple likes to validate hardware through serial numbers or other identifiers before connecting to apple services. I suspect this will be near impossible.
sneak
Is there documentation to hand on how to actually run iOS on this fork?
The readme of the repo is still just the normal qemu repo readme.
wanderer_
Yeah, OP should probably have provided cyberbanjo's link, I was confused too.
kimown
https://github.com/kholia/OSX-KVM
You can also run OSX in qemu too.
userbinator
From what I can see, a "Virtual Hackintosh" is far more functional than this.
CodeWriter23
Does this emulate the Secure Enclave?
Findecanor
Banking apps in my country don't even use the secure enclave, so for emulating those, it does not even matter.
I'm just waiting for hearing about massive attacks on them, and large number of bank accounts having been wiped.
encryptluks2
[flagged]
_jal
Personally, I blame Charlie Babbage for voice mail spam.
tenebrisalietum
Personally, I blame Joseph Marie Jacquard for enabling the automation of anything bad.
stjohnswarts
By that definition probably most of us HN folk are greedy capitalist pigs and proud of it. Thank you for the compliment.
Get the top HN stories in your inbox every day.
from https://mobile.twitter.com/ntrung03/status/14992749382173818... iOS QEMU fork is just published. Some notable features: - iOS Restore - S8000 SecureROM emulation (always FORCE_DFU) - USB - SPRR/GXF emulation
Tutorial/status can be found in the wiki section, e.g. https://github.com/TrungNguyen1909/qemu-t8030/wiki/Bringing-...
It is still very far from a usable device: https://github.com/TrungNguyen1909/qemu-t8030/wiki/Project-s...