mirror of
https://github.com/mroi/apple-internals.git
synced 2026-02-12 17:12:44 +00:00
internals: macOS 10.15 Catalina
This commit is contained in:
Michael Roitzsch
246
internals.txt
Normal file
246
internals.txt
Normal file
@@ -0,0 +1,246 @@
|
||||
AA Apple account
|
||||
AAT Apple Advanced Typography; font format and rendering engine
|
||||
Accounts launchd service: com.apple.accountsd; /System/Library/Accounts
|
||||
ACDE Apple Connect Device External? ACDEClient.framework, old two-step verification, derived from a company-internal AppleConnect system? server: appleconnect.apple.com
|
||||
ACFS Apple Clustered File System; deprecated file system for Xsan; acfs.framework
|
||||
Acoustic ID Siri feature to recognize songs
|
||||
Action extension type for quick interaction with foreign content within a host app; extension points: com.apple.services, com.apple.ui-services
|
||||
Activity jobs, coarse-grained work units of applications; tracked by the system across XPC, bears a QoS class for scheduling; low-level mechanism not to be confused with User Activity
|
||||
AE Apple Events; messaging system to invoke application functionality; CoreServices.framework/AE.framework; launchd services: com.apple.coreservices.appleevents, com.apple.AEServer (AE over network)
|
||||
AGC Apple Graphics Control, management of multiple displays and display port connections; launchd service: com.apple.displaypolicyd
|
||||
ALF Application-Level Firewall, launchd service: com.apple.alf (socketfilterfw)
|
||||
Alloy substrate for communication between user devices over Bluetooth and devices to iCloud, implemented over IDS; /System/Library/IdentityServices/ServiceDefinitions; launchd service: com.apple.identityservicesd
|
||||
ALS Ambient Light Sensor, AmbientDisplay.framework
|
||||
Amber Swift UI; SwiftUI.framework
|
||||
AMFI Apple Mobile File Integrity, checks code integrity based on code signature, stronger enforcement with hardened runtime, validates entitlement restrictions; launchd service: com.apple.MobileFileIntegrity (amfid), invoked by kernel through host special port 18
|
||||
AMP Apple Media Protocol? former parts of iTunes for iPod and iOS device access in Finder, Home Sharing; AMPDevices.framework, AMPSharing.framework; launchd services: com.apple.AMPDeviceDiscoveryAgent, com.apple.AMPDevicesAgent, com.apple.amp.mediasharingd
|
||||
Anisette two-factor authentication creates security codes on trusted devices using TOTP, probably using Circle keys, checked by HSA; AuthKit.framework; launchd service: com.apple.akd
|
||||
AOS Apple Online Services? historical name for iCloud
|
||||
APNS Apple Push Notification service, server infrastructure for remote push notifications over a single connection, clients subscribe to push topics, can be authenticated by app (remote notifications), device (Find My …), or Apple ID login (DSID); credentials in apsd keychain; launchd service: com.apple.apsd; server: courier.push.apple.com
|
||||
App Nap quiescence detection for applications and corresponding self-demotion in scheduler parameters, implemented within the application by frameworks, listens for occlusion notifications from WindowServer
|
||||
App Sandbox Seatbelt-based sandbox for apps; /System/Library/Sandbox/Profiles/application.sb; enabled with com.apple.security.app-sandbox entitlement; command line tool: asctl; launchd service: com.apple.secinitd
|
||||
APRR Access Protection Range Register? ARM CPU register to downgrade actual permissions of memory pages; used for JIT protection and by AMFI to freeze user code after checking
|
||||
APFS Apple File System; copy-on-write file system with support for volume space-sharing, per-file encryption, and snapshots
|
||||
APT Adaptive Picture Timing? ProMotion; dynamic screen updates with 120Hz base frequency
|
||||
ASL Apple System Logger, superseded by Unified Logging; /etc/asl; stored in /var/log/asl; launchd service: com.apple.syslogd; command line tool: syslog
|
||||
ASR Apple Software Restore; restore entire volumes from sources like disk images (HDI, SIU), also restores based on APFS snapshots and snapshot deltas; command line tool: asr
|
||||
Assertions power state management allowing applications to prevent sleeping; launchd service: com.apple.powerd; command line tools: caffeinate, pmset
|
||||
Assessment checking of System Policy; term used on iOS for school exam apps that lock the device
|
||||
Asset Cache discretionary caching server for Mobile Assets, Packages, iOS updates, App Store content, ODR, MMCS data; launchd services: com.apple.AssetCache.builtin, com.apple.AssetCacheLocatorService, com.apple.AssetCacheManagerService, com.apple.AssetCacheTetheratorService; command line tools: AssetCacheLocatorUtil, AssetCacheManagerUtil, AssetCacheTetheratorUtil
|
||||
Assistant Siri; dictation and semantic understanding, Intent is communicated to and enacted on the client, uses TTS; /System/Library/Assistant, AssistantServices.framework; server: *.siri.apple.com
|
||||
ATS App Transport Security, sandbox mechanism only allowing TLS-secured connections
|
||||
ATSUI Apple Type Services for Unicode Imaging; rendering engine superseded by CoreText.framework, font management; ApplicationServices.framework/ATS.framework; launchd service: com.apple.fontd; command line tools: atsutil, fontrestore
|
||||
Authorization discretionary access control policies for high-level services; similar to PAM; policy stored in /var/db/auth.db
|
||||
Avatar Memoji; AvatarKit.framework
|
||||
AVB Audio Video Bridging, low-latency audio over Ethernet; launchd service: com.apple.avbdeviced; command line tool: avbdiagnose, avbutil
|
||||
AWD Apple Wireless Diagnostics, sends system telemetry to Apple; CoreAnalytics.framework, WirelessDiagnostics.framework; launchd services: com.apple.awdd, com.apple.analyticsd
|
||||
AWDL Apple Wireless Direct Link; secondary WiFi interface that runs in parallel to an active WiFi access point connection, similar to WiFi Direct (p2p interface), uses a randomized MAC, used for peer-to-peer networking: AirDrop, AirPlay; DeviceToDeviceManager.framework
|
||||
Bezel on-screen overlays for hardware volume buttons, screen brightness, Bluetooth HID, and others; /Library/Application Support/Apple/BezelServices, launchd services: com.apple.loginwindow, com.apple.OSDUIHelper
|
||||
BOM Bill of Materials; format to store contents of installer Packages; command line tool: lsbom
|
||||
Bonjour mDNS; launchd service: com.apple.mDNSResponder.reloaded; command line tool: dns-sd
|
||||
Boot Cache disk cache pre-heating at boot time with typically loaded applications; /var/db/BootCaches; launchd service: com.apple.warmd
|
||||
BPR Boot Progress Register; set-only flags to track boot mode (normal, DFU, recovery), part of Keybag class key derivation within SEP, so passcode-protected keys are inaccessible in DFU and recovery
|
||||
Bridge T2 ARM CPU in Intel Macs to drive Touch Bar and Secure Boot, runs a derivative of watchOS, boots the platform and the Intel CPU, communication from macOS uses RemoteXPC, which uses HTTP/2 over a USB-Ethernet interface; launchd service: com.apple.multiversed; /System/Library/MultiversePlugins; command line tool: remotectl
|
||||
Bulletin Board application push notification management, aggregates local and remote push notifications; BulletinBoard.framework
|
||||
Cache Delete cleanup for various caches; /System/Library/CacheDelete; launchd service: com.apple.cache_delete (deleted)
|
||||
CAML Core Animation Markup Language; XML file format for layers, shapes and animations
|
||||
Carousel derivative of SpringBoard for Watch home screen, watch face, and notification center
|
||||
Celestial media streaming used by ReplayKit for game broadcasts; Celestial.framework
|
||||
Certificates validity checked using OCSP stapling, locally installed CRLs, and transparency logs; /System/Library/Security/Certificates.bundle; launchd services: com.apple.trustd, com.apple.trustd.agent, com.apple.ocspd
|
||||
Circle cryptographic primitive to exchange public keys of all trusted devices of one user, signed by all Circle peers; used by SOS; command line tool: tpctl; KeychainCircle.framework; iCloud identity keypair as an additional Circle peer, triggers countersigning from all trusted devices, private key synced across all trusted devices, new devices can pull this key from Secure Backup to join the Circle
|
||||
CKKS CloudKit Key Store, backend for SOS and Circle using CloudKit, currently stores the ApplePay, AutoUnlock, Engram, HealthKit, HomeKit, and Manatee PCS keys; secrets are unknown to Apple; launchd service: com.apple.secd; command line tool: ckksctl
|
||||
Classroom launchd service: com.apple.studentd
|
||||
Cloud Pairing part of Alloy, Bluetooth out-of-band pairing over iCloud for Continuity; launchd service: com.apple.cloudpaird
|
||||
CMAS Commerial Mobile Alert System, now known as Wireless Emergency Alerts (WEA)
|
||||
Commpage user-mapped kernel data, like vdso/vsyscall on Linux; mapped at 0x7fffffe00000
|
||||
Communications Filter recipient blocking for iMessage, FaceTime, Mail; launchd service: com.apple.cmfsyncagent
|
||||
Companion iPhone that is paired with Watch; communication uses Alloy over Bluetooth
|
||||
Continuity umbrella term for Handoff, Sidecar, SMS relay, Universal Clipboard, Watch unlock, WiFi call relay and others; SMS relay works by proxying to iMessage, other services use Alloy
|
||||
CPML CorePrediction Machine Learning; CPMLBestShim.framework
|
||||
CRD Conference Room Display; Apple TV mode
|
||||
CSR Code Security/Signing Restrictions/Requirements? also called System Integrity Protection (SIP) or rootless mode; collection of kernel-level security restrictions regarding file system modification, unsigned Kexts, Taskport access, NVRAM access, DTrace; /System/Library/Sandbox/rootless.conf; command line tool: csrutil, rootless-init
|
||||
CTK Crypto Token Kit; smart card management, also for the secure element on iOS? launchd service: com.apple.ctkd; command line tool: sc_auth
|
||||
CTS Centralized Task Scheduling; execution of DAS tasks; /System/Library/UserEventPlugins/com.apple.cts.plugin
|
||||
CVMS Core VM Server/Service? compilation of GPU shaders; launchd service: com.apple.cvmsServ
|
||||
DAAP Digital Audio Access Protocol; used by Home Sharing (with Rapport token) and by the Remote app to control Apple TV (with pairing token); payload unencrypted; DAAPKit.framework; Bonjour services: _atc._tcp, _home-sharing._tcp, _mediaremotetv._tcp, _touch-able._tcp
|
||||
DAS Duet Activity Scheduler; scheduling policy engine behind NSBackgroundActivityScheduler and XPC activities; /System/Library/DuetActivityScheduler; launchd service: com.apple.dasd
|
||||
Data Detectors text analysis to highlight phone numbers, street addresses, and the like; DataDetectors.framework
|
||||
DataVaults directories with the UF_DATAVAULT special flag; read access limited under CSR
|
||||
DAV Distributed Authoring and Versioning; network protocol on top of HTTP for syncing calendars (CalDAV), contacts (CardDAV), and formerly also bookmarks (BookmarkDAV)
|
||||
DCIM Digital Camera Images; DCIMServices.framework
|
||||
DEP Device Enrollment Program; devices check in with Apple during Setup Assistant to query for their enrollment status, retrieve MDM server URL to fetch initial configuration profile
|
||||
DFR Dynamic Function Row?, TouchBar; /System/Library/CoreServices/ControlStrip.app; DFRFoundation.framework
|
||||
Differential Privacy crowdsourcing without user tracking; privacy budget for management of anonymity set; used for keyboard words, emoji, Spotlight searches, Parsec deep links, HealthKit usage, Safari telemetry; /System/Library/DifferentialPrivacy; stored in /var/db/DifferentialPrivacy; launchd service: com.apple.dprivacyd
|
||||
DND Do Not Disturb
|
||||
DSID Destination Signaling Identifier, unique ID for IDS login on a specific device
|
||||
DTrace system-wide tracing infrastructure, command line tools: dtrace, *.d, dappprof, dapptrace, dtruss, errinfo, execsnoop, fddist, fs_usage, imptrace, iopattern, iopending, iosnoop, iotop, lastwords, latency, opensnoop, plockstat, rwsnoop, sampleproc, sc_usage, topsyscall, topsysproc
|
||||
Duet telemetry collection engine for system and user events, forecasting by machine learning, backend for DAS, Proactive, Relevance, Screen Time, thermal and battery management; /System/Library/DuetKnowledgeBase; CoreDuet.framework, CoreKnowledge.framework, CorePrediction.framework; launchd services: com.apple.coreduetd, com.apple.knowledge-agent
|
||||
Dyld Shared Cache dynamic linker cache, stores all system libraries in prelinked form, original library files are removed; /System/Library/dyld; command line tool: update_dyld_shared_cache
|
||||
EAS Exchange Active Sync; network protocol for accessing Microsoft Exchange servers
|
||||
Energy Impact unitless metric for per-application energy consumption, machine-specific coefficients; /usr/share/pmenergy; launchd services: com.apple.sysmond, com.apple.thermald
|
||||
Engram Messages in iCloud; devices store received iMessages in CloudKit; Engram.framework
|
||||
Entitlements capability-like attributes bound to executables by code signing; some entitlements like App Sandbox restrict ambient authority, some gradually relieve those restrictions (using Seatbelt), some services or system calls grant privilege based on caller entitlements
|
||||
ESS IDS user directory, public key distribution for iMessage and CloudKit sharing, uses Transparency; server: *.ess.apple.com; launchd service: com.apple.identityservicesd
|
||||
FaceTime video calls, employs the ICE (establishing peer-to-peer connection), STUN (session credential exchange) and SRTP (encrypted media streaming) protocols; FTServices.framework; launchd services: com.apple.videoconference.camera (avconferenced)
|
||||
FairPlay DRM system used by app and media stores; CoreADI.framework, CoreFP.framework; launchd services: com.apple.adid, com.apple.fpsd; credentials stored in /var/db/fpsd
|
||||
Family Circle Family Sharing; launchd services: com.apple.familycircled, com.apple.askpermissiond
|
||||
FDE Full Disk Encryption, FileVault; command line tool: fdesetup, sysadminctl
|
||||
Feldspar Apple News; Silex.framework
|
||||
FiDES Fi? Distributed Evaluation Service? ingests and aggregates Differential Privacy data for unlinkability? used for emoji, Suggestions, Dictation; /System/Library/DistributedEvaluation; DistributedEvaluation.framework; server: fides-pol.apple.com
|
||||
Find My … location sharing by explicitly querying devices remotely or collateral beacon detection using Search Party; launchd service: com.apple.icloud.fmfd (find my friends)
|
||||
Firmlink bi-directional non-symbolic link between the read-only system volume and the data volume, additional symlinks and mountpoints in the root directory are virtually allocated; /usr/share/firmlinks, /etc/synthetic.conf
|
||||
FollowUp user interaction for Secure Backup wrapping with device passcode, CoreFollowUp.framework; launchd service: com.apple.followupd
|
||||
FoundationDB fundamental iCloud storage database, marketed as CloudKit for app developers, separated into containers; records, blobs and large asset storage with MMCS, server-side continuous queries can trigger push notifications, user management by IDS, sharing between users; PCS keys used for hierarchical zone, record, and asset encryption; CloudKitDaemon.framework; launchd service: com.apple.cloudd; locally stored in ~/Library/Caches/CloudKit, ~/Library/Containers/*/Data/CloudKit
|
||||
FUD Firmware Update Daemon; /var/db/fud; launchd service: com.apple.MobileAccessoryUpdater
|
||||
Gizmo Apple Watch; managed by Bridge.app (watch settings) on Companion
|
||||
GSS Generic Security Service; part of Kerberos; GSS.framework; launchd service: com.apple.gssd, invoked by kernel through host special port 19; command line tool: gsstool
|
||||
HAP Home Automation Protocol; CoreHAP.framework
|
||||
HDA High Definition Audio; HDAInterface.framework
|
||||
HDI Hard Disk Image; command line tool: hdiutil
|
||||
HDR High Dynamic Range; video with wide-range transfer function; HDRProcessing.framework
|
||||
HeadBoard derivative of SpringBoard for tvOS home screen; sub-service: PineBoard
|
||||
HLS HTTP Live Streaming
|
||||
HSA Hardware Security Architecture; version 1 used for two-step verification, iCloud Keychain with iCSC; version 2 for two-factor authentication, SOS and Secure Backup with iCDP
|
||||
HSM Hardware Security Module; HSM fleet runs escrow service for Secure Backup; public keys for authenticating the HSM services in /System/Library/Security/Certificates.bundle/Contents/Resources/AppleESCertificates.plist
|
||||
Hyperion iCloud Photos, uses CloudKit; launchd service: com.apple.cloudphotod; command line tool: cpldiagnose
|
||||
IAP iPod Accessory Protocol; IAP.framework
|
||||
iCDP iCloud Data Protection, codename for a set of enhancements to iCloud privacy: device passcodes used as iCSC for Secure Backup, PCS root keys for CKKS-enabled services only synced between devices using SOS and not stored at Apple; launchd service: com.apple.cdpd
|
||||
iCloud umbrella term for a conglomerate of services, consists of FoundationDB containers with PCS views for key management, supported by SOS; uses IDS and APNS; some services under the iCloud name are actually served by the iTunes conglomerate or by IMAP or DAV
|
||||
iCSC iCloud Security Code, credential wrapping for Secure Backup, previously used a separate code, with HSA2/iCDP uses device passcodes
|
||||
IDAM Inter-Device Audio and MIDI; audio connection between devices
|
||||
IDS Identity Service, also IDMS, Apple ID identity management for all of Apple’s online services; APNS topics for signaling and messaging, see also Alloy, ESS, FaceTime, iMessage; authentication to services with Kerberos
|
||||
IM Instant Messaging; usually means iMessage and FaceTime, formerly also XMPP
|
||||
Intent use-case-driven interaction with 3rd-party apps from a host app; used for Siri, Maps, Widgets (configuration); extension points: com.apple.intents-service, com.apple.intents-ui-service
|
||||
IOKit device driver subsystem for in-kernel and DriverKit drivers, command line tool: ioreg
|
||||
Ironwood dictation, customized on server with selected user data (contacts, app names, music titles, HomeKit names, Siri Shortcut phrases), not tied to Apple ID; server: guzzoni.apple.com
|
||||
ISP Image Signal Processor; camera imaging circuit in iPhones
|
||||
ITML iTunes Markup Language; metdata tagging for media services; ITMLKit.framework
|
||||
ITP Intelligent Tracking Prevention, cross-site tracking defenses in Safari, statistics and user interaction classify sites, cookies are partitioned and access is restricted
|
||||
iTunes old umbrella term for a conglomerate of media services: App Stores, Apple Music, Apple TV, iCloud media library, Apple Podcasts, Podcast sync, Books Store, Books sync; server: phobos.apple.com
|
||||
JARVIS Just A Rather Very Intelligent Scheduler, Mesos cluster manager for Siri, iCloud, iTunes
|
||||
Jellyfish Animoji
|
||||
Jetsam reclaiming of purgeable memory and terminatable apps during memory pressure; see TAL
|
||||
JSC JavaScript Core; JavaScriptCore.framework; command line tool: jsc
|
||||
Kerberos single-sign-on mechanism; Heimdal.framework; command line tools: klist, ktutil
|
||||
Kext kernel extension, /Library/Extensions, /Library/StagedExtensions, /System/Library/Extensions; launchd service: com.apple.kextd, invoked by kernel through host special port 15; also handles DriverKit drivers; command line tool: kextutil, kmutil
|
||||
Keybag storage of protection class keys for Keychain and filesystem, protected by SEP with passcode and lockout; stored in user.kb; launchd services: com.apple.mobile.keybagd, com.apple.securityd_service, com.apple.secd
|
||||
Keychain storage for credentials; launchd service: com.apple.securityd; command line tools: certtool, security, systemkeychain
|
||||
KIP Kernel Integrity Protection, locking of physical memory pages to prevent changes to kernel
|
||||
Launch Services management for applications, uses Spotlight to update cached info; launchd services: com.apple.coreservices.launchservicesd, com.apple.lsd; CoreServices.framework/LaunchServices.framework; command line tools: lsappinfo, lsregister
|
||||
Liverpool PCS and TCC codename for CloudKit
|
||||
LKDC Local Key Distribution Center, Kerberos on client machines
|
||||
LSM Latent Semantic Mapping, text analysis, used for spam filtering, command line tool: lsm
|
||||
Mac Buddy historic name for Setup Assistant
|
||||
Machine Learning Vision.framework, Espresso.framework, Futhark.framework, PhotoAnalysis.framework
|
||||
Madrid iMessage; /System/Library/Messages
|
||||
Manatee PCS key for some CloudKit containers are protected/wrapped with a key synced via SOS, so data is unreadable to Apple (credential management codenames: Plesio, Stingray)
|
||||
Mangrove transfering UI tiles over XPC; Mangrove.framework, IOSurface.framework
|
||||
Marco Marco.framework, something about IDS and communication (iMessage, Calls), logging?
|
||||
Marzipan Catalyst; port of iOS frameworks to macOS, Catalyst apps are iOS apps with additional API to adapt macOS UI idioms; /System/iOSSupport; integration using UIKit system process; launchd service: com.apple.uikitsystemapp
|
||||
MCX Managed Client for OS X, preference management for settings from configuration profiles, /Library/Managed Preferences, command line tools: mcxquery, mcxrefresh
|
||||
MDM Mobile Device Management; server software to manage fleets of iOS and macOS devices; uses configuration profiles to manage preferences; ConfigurationProfiles.framework
|
||||
MDS Module Directory Services, ancient part of the old security APIs (CSDA, CSSM)
|
||||
Memory Debugging uses Taskport; command line tools: heap, leaks, malloc_history, stringdups, vmmap
|
||||
Mesa Touch ID; /Library/Catacomb; /var/db/bkad.db; command line tool: xartutil
|
||||
Metadata Spotlight; file indexing on macOS; CoreServices.framework/Metadata.framework, CoreServices.framework/SearchKit.framework; stored in /Volumes/*/.Spotlight-V100; launchd service: com.apple.metadata.mds; command line tools: mddiagnose, mdfind, mdimport, mdls, mdutil; in addition to auto-indexing, apps can explicitly register searchable items; CoreSpotlight.framework; launchd service: com.apple.corespotlightd
|
||||
MMCS MobileMe Chunk Storage, used by iCloud, splits blobs into chunks and stores them at Amazon/Google with convergent encryption; MMCS.framework
|
||||
Mobile prefix for iOS
|
||||
Mobile Assets demand-downloaded system components like fonts, dictionaries, linguistic data; stored in /System/Library/Assets/; launchd services: com.apple.languageassetd (language-dependent assets), com.apple.mobileassetd; server: mesu.apple.com
|
||||
Mobile Device connectivity to iOS devices over USB or WiFi (AirTrafficHost) for syning, development, and debugging; MobileDevice.framework; launchd service: com.apple.usbmuxd; Bonjour service: _apple-mobdev2._tcp
|
||||
MOC Managed Object Context; Core Data object space
|
||||
Mondrian photo arrangement in moments, collections, years; Mondrian.framework
|
||||
MRT Malware Removal Tool; /Library/Apple/System/Library/CoreServices/MRT.app
|
||||
Multipeer Connectivity ad-hoc networking; Bonjour for discovery; WiFi, AWDL, Bluetooth, or Ethernet as transport; optional encryption and certificate-based authentication
|
||||
Nano prefix for watchOS
|
||||
Newton fall detection on watchOS
|
||||
NLP Natural Language Processing; NLP.framework; related to mecabra libraries, a linguistic engine for Chinese and Japanese; /usr/share/mecabra, /usr/share/tokenizer
|
||||
Notarization app security scan by Apple; cryptographic proof stapled to code signature, tested by System Policy; command line tools: altool, stapler
|
||||
Noticeboard User Notifications for Software Update and App Store, Noticeboard.framework; launchd services: com.apple.noticeboard.state (nbstated), com.apple.noticeboard.agent (nbagent)
|
||||
Notifications system notification bus, unrelated to the local/remote push notifications; launchd service: com.apple.notifyd; command line tool: notifyutil; complemented by framework-level notification system (CFNotification, NSNotification); launchd services: com.apple.distnoted.xpc.daemon, com.apple.distnoted.xpc.agent
|
||||
NSP Network Service Proxy; per-app VPN and proxy settings; launchd service: com.apple.networkserviceproxy
|
||||
ODR On-Demand Resources; loaded from App Store; launchd service: com.apple.appstored
|
||||
Onboarding data protection splash screen shown by service-connected apps; /System/Library/OnBoardingBundles; OnBoardingKit.framework
|
||||
Open Directory directory service for user, group, and machine management; plugin-based to use different backend stores (LDAP, Active Directory), local accounts in /private/var/db/dslocal; launchd service: com.apple.opendirectoryd; command line tools: dscacheutil, dscl, dsconfigad, dsconfigldap, dseditgroup, dsenableroot, dserr, dsexport, dsimport, dsmemberutil, odutil
|
||||
Opus create slide shows from photos; Slideshows.framework
|
||||
OSA Open Scripting Architecture; scripting of applications from different fontend languages (currently AppleScript and JavaScript); backed by Apple Events; command line tools: osacompile, osadecompile, osalang, osascript, sdef, sdp
|
||||
OTUT One-Time Unlock Token; security mechanism to allow keybag unwrapping after updates
|
||||
PAC Pointer Authentication Codes; pointers signed in unused bits to prevent ROP attacks
|
||||
Packages unit of software installation; command line tools: pkgutil, installer, softwareupdate; launchd services: com.apple.softwareupdated, com.apple.bootinstalld, com.apple.installd, com.apple.system_installd, com.apple.uninstalld; /var/db/softwareupdate, /Library/Apple/System/Library/Receipts (system), /System/Library/Receipts (read-only), /private/var/db/receipts (App Store)
|
||||
Parsec Spotlight web results and searching of crowdsourced User Activity deep links; server: *.smoot.apple.com; launchd services: com.apple.parsecd, com.apple.parsec-fbf (Feedback Flush to Differential Privacy)
|
||||
Pasteboard storage for cut, copy, and paste; launchd service: com.apple.pboard; command line tools: pbcopy, pbpaste
|
||||
PCS Protected Cloud Storage; key management for separate iCloud storage compartments (PCS calls them views), each can contain FoundationDB plus bulk data stored by MMCS; see also iCDP, CKKS, Manatee; ProtectedCloudStorage.framework; /System/Library/Preferences/ProtectedCloudStorage
|
||||
PCSC Personal Computer Smart Card; PCSC.framework, uses CTK
|
||||
PDE Print Dialog Extension; old name, not a proper Extension
|
||||
Pegasus picture-in-picture video playback; Pegasus.framework (iOS), PIP.framework (macOS)
|
||||
Pepper UI elements for Watch home screen and Chat, like Quickboard (canned replies), Animoji; PepperUICore.framework
|
||||
Persona separation of sub-user-identities, like when using a private and managed Apple account; PersonaKit.framework; ~/Library/Personas; /System/Library/UserManagement
|
||||
Piano Mover Mail Drop; large mail attachments transfered over PCS; not to be confused with storage for iMessage attachments, which uses a CloudKit container
|
||||
Plugin Extensions, XPC services bundled with apps or frameworks, discovery by Launch Services; launchd service: com.apple.pluginkit.pkd; command line tool: pluginkit
|
||||
PMP Port Mapping Protocol; Apple alternative to UPnP, Bonjour service: _acp-sync._tcp
|
||||
Preferences storage for user-configurable settings; launchd services: com.apple.cfprefsd.xpc.daemon, com.apple.cfprefsd.xpc.agent; stored in Library/Preferences, command line tool: defaults; interaction with Synced Defaults per /System/Library/DefaultsConfigurations
|
||||
Proactive umbrella term for suggestions and completions based on Duet forecasting and User Activity context, also marketed as Siri features; PersonalizationPortrait.framework
|
||||
QoS Classes inheritable property for Activities; semantic priorities, influences scheduling parameters; initially set at user-level, priority inheritance within GCD queues and across XPC in kernel?
|
||||
Quagga framework for QR and barcode decoding; Quagga.framework
|
||||
Quick Look file preview and thumbnail generation; comand line tool: qlmanage
|
||||
RAOP Remote Audio Output Protocol; formerly AirTunes, now part of AirPlay; Bonjour service: _raop._tcp
|
||||
Rapport device pairing by proximity using Alloy, with PIN entry, or using iCloud; once paired, devices can access services; used for HomeKit, HomePod, AirPlay, Home Sharing, SideCar; Rapport.framework; launchd service: com.apple.rapportd; Bonjour service: _companion-link._tcp
|
||||
Recents recently used items (not files) in various applications, synced with Synced Defaults; CoreRecents.framework, /System/Library/Recents; launchd service: com.apple.recentsd
|
||||
Relevance Engine backend for Siri suggestions (for example of Siri Shortcuts), Siri watch face, Widget smart stacks; consumes Duet knowledge and app-provided timelines; /System/Library/RelevanceEngine; launchd service: com.apple.relevanced
|
||||
Revisions document autosave and auto-versioning; stored in /.DocumentRevisions-V100; GenerationalStorage.framework; launchd service: com.apple.revisiond
|
||||
Routine frequently visited locations on iOS, interacts with Duet; launchd service: com.apple.routined
|
||||
RTC Real-time Telemetry and Crash reporting; RTCReporting.framework; launchd service: com.apple.rtcreportingd
|
||||
SBPL Sandbox Profile Language; a TinyScheme-based embedded DSL for Seatbelt profiles
|
||||
SCIP System Coprocessor Integrity Protection; like KIP, but for SEP, ISP, Motion coprocessor
|
||||
Screen Reader VoiceOver and Braille; /System/Library/ScreenReader; ScreenReader.framework
|
||||
Screen Time digital wellbeing and parental controls system, uses Device Management as policy engine, self-enforced within the application by frameworks; launchd services: com.apple.ScreenTimeAgent, com.apple.dmd
|
||||
SDB SQL Database; CoreSDB.framework, used by iCloud communication
|
||||
Search Party portion of Find My service for offline devices; devices emit public part of rotating key pair via Bluetooth LE, other devices encrypt current location with this key and send to Apple, private key shared over CloudKit
|
||||
Seatbelt process sandbox by filtering system calls; /System/Library/Sandbox/Profiles, /usr/share/sandbox; profiles written in a SBPL; command line tool: sandbox-exec; launchd service: com.apple.sandboxd, invoked by kernel through host special port 14 for logging
|
||||
Secure Backup escrow part of SOS; escrow key individually wrapped with passcodes of trusted devices, stored in HSM to prevent brute forcing, uses SRP so passcodes are not visible to iCloud, limited number of recovery attempts; protocol called Lakitu, uses FollowUp; launchd service: com.apple.SecureBackupDaemon; CloudServices.framework
|
||||
Secure Boot firmware checks integrity of OS before booting it, configurable on Macs
|
||||
SEP Secure Enclave Processor; dedicated ARM core for security services, runs L4/Darbat, inline encryption to DRAM, factory-paired channels to Touch ID/Face ID hardware and Secure Element; SEP can use but not read device UID key, usage restricted to ROM code
|
||||
Sharing umbrella term for wireless proximity services: AirDrop, Continuity, Instant Hotspot, WiFi sharing; used by loginwindow for Watch unlock; Sharing.framework; launchd service: com.apple.sharingd; also serves connection sharing and remote disk
|
||||
Shoebox Passbook
|
||||
Sidecar using iPhone/iPad as Mac accessory: camera for photos and scanning, annotations, external display over low-latency WiFi (llw interface) using avconferenced encoding; SidecarCore.framework; launchd services: com.apple.sidecar-display-agent (SidecarDisplayAgent), com.apple.sidecar-relay (SidecarRelay)
|
||||
Signpost telemetry API to report points of interest in code; launchd service: com.apple.signpost.signpost_reporter
|
||||
Simulator running an iOS/tvOS/watchOS personality on macOS, uses sandboxing and a separate Mach bootstrap namespace for container-like isolation, command line tool: simctl
|
||||
SKS Secure Key Store; handling of keybag keys within the SEP
|
||||
SkyLight WindowServer; SkyLight.framework
|
||||
Social Gaming Game Center; multiplayer gaming services on top of CloudKit, shared storage and low-latency multicast for multiplayer sessions; launchd service: com.apple.gamed
|
||||
Sock Puppet Watch interaction that requires Companion device
|
||||
SOS Secure Object Sync; backend service for iCloud Keychain and iCDP/PCS, not to be confused with the emergency call feature; syncs credentials across trusted devices using keys from Circle, transferred items stored ephemerally in CKKS (new) or Synced Defaults (old) using OTR protocol; launchd services: com.apple.secd (access to local keychain), com.apple.security.cloudkeychainproxy3 (connects to Synced Defaults), com.apple.security.keychain-circle-notification; command line tool: otctl
|
||||
SPI System Private Interface; /System/Library/PrivateFrameworks
|
||||
SpringBoard iOS home screen; like Dock (Launchpad, Mission Control, desktop picture), Control Center, SystemUIServer (menu extras icons), loginwindow (lock screen), and WindowServer (compositor) on macOS; sub-services PreBoard, BaseBoard, FrontBoard, BackBoard (compositor), SplashBoard, SketchBoard; /System/Library/RunningBoard
|
||||
SRP Secure Remote Password; standard cryptographic protocol for proving knowledge of a secret such that attackers cannot brute-force the secret; AppleSRP.framework
|
||||
SSO Single Sign-On
|
||||
Stark CarPlay
|
||||
Stockholm Apple Pay
|
||||
Storage Management freeing up disk space by managing bulky items; UI in System Information.app; StorageManagement.framework; launchd service: com.apple.diskspaced; extension point: com.apple.storagemanagement; extends Cache Delete service
|
||||
Suggestions semantic analysis of mails and websites to suggest contacts, calendar events and the like; launchd services: com.apple.suggestd, com.apple.reversetemplated; custom JavaScript parsers in /System/Library/AssetsV2/com_apple_MobileAsset_CoreSuggestions
|
||||
Symbols debug symbols for backtraces; CoreSymbolication.framework; launchd services: com.apple.coresymbolicationd; command line tools: symbols, symbolscache
|
||||
Symptoms network diagnostics; Symptoms.framework; /var/networkd/netusage.sqlite; launchd service: com.apple.symptomsd, invoked by kernel through host special port 27
|
||||
Synced Defaults simple key-value store for applications, no user control over data; can use iCloud key-value backend (old) or Manatee container (new, marked as com.apple.kvs) as storage; launchd service: com.apple.syncdefaultsd; locally stored in ~/Library/SyncedPreferences
|
||||
System Configuration SystemConfiguration.framework; launchd service: com.apple.configd; command line tool: scutil
|
||||
System Extension user-level components formerly in the kernel; currently either a DriverKit, Network, or Endpoint Security extension; /System/DriverKit; launchd services: com.apple.sysextd, com.apple.nesessionmanager, com.apple.endpointsecurity.endpointsecurityd; command line tool: systemextensionsctl
|
||||
System Policy Gatekeeper; policy engine for application launches and kext loading; /var/db/SystemPolicy; launchd service: com.apple.security.syspolicy; invoked by kernel through host special port 29; command line tool: spctl
|
||||
TAL Transparent App Lifecycle; app process is started and stopped independently of the user launching and quitting app; also handles session restore across reboots; ~/Library/Saved Application State; launchd service: com.apple.talagent
|
||||
Taskport Mach kernel concept for ptrace-like access to task internals; access policy implemented by daemon; launchd service: com.apple.taskgated, invoked by kernel through task special port 9; command line tool: DevToolsSecurity
|
||||
TCC Transparency, Consent, and Control; user control over app access to privacy-related services (kTCCService*); TCC.framework; launchd services: com.apple.tccd, com.apple.tccd.system; command line tool: tccutil; stored in /Library/Application Support/com.apple.TCC, ~/Library/Application Support/com.apple.TCC, /var/db/locationd (for kTCCServiceLocation)
|
||||
Time Machine automatic backup service, command line tools: tmdiagnose, tmutil, bypass
|
||||
Tin Can Walkie Talkie on watchOS
|
||||
Tones ringtones; ToneLibrary.framework
|
||||
Tourist backend for user-visible tips and hints; launchd service: com.apple.touristd
|
||||
Transparency key transparency for ESS keys? Transparency.framework; launchd service: com.apple.transparencyd; server: init-kt.apple.com
|
||||
TTS Text To Speech, command line tool: say; /System/Library/Speech; synthesizer engines: MacinTalk (historic), Polyglot (phoneme-based?), Gryphon (current, DNN-based?)
|
||||
TVML TV Markup Language; declarative UI language for TV apps; TVMLKit.framework
|
||||
Ubiquity iCloud Drive; uses CloudKit, codename Bladerunner; CloudDocs.framework; command line tools: iclouddrivectl, fileproviderctl; launchd service: com.apple.bird (iclouddrive-agent); locally stored in ~/Library/Mobile Documents, ~/Library/CloudStorage/iCloud Drive
|
||||
Unified Logging system-wide logging and Activity tracking; launchd service: com.apple.logd, com.apple.diagnosticd; command line tool: log; /dev/oslog; data stored in /var/db/diagnostics, support files in /var/db/uuidtext
|
||||
User Activity abstraction behind deep-linking into apps with structured context data (people, places); used for Universal Links (with schema.org on websites), Handoff, Parsec, Siri Shortcuts, Proactive; UserActivity.framework; launchd service: com.apple.coreservices.useractivityd
|
||||
User Notifications user interface for notification center; launchd service: com.apple.usernoted
|
||||
VA Video Acceleration; AppleGVA.framework, AppleVA.framework, AppleVPA.framework
|
||||
Viceroy video conferencing used by FaceTime and ReplayKit
|
||||
VSDB volume status database; /var/db/volinfo.database; command line tool: vsdbutil
|
||||
Waldo VPN key management? location aware? seen in NSP, server: waldo.apple.com
|
||||
Widgets content excerpt from apps; provided via a timeline of views, configuration uses Intents
|
||||
Willow HomeKit; end-to-end-encrypted communication protocol and API for IoT-accessories; pairing with SRP using code printed on device, credential sync using SOS, transported over Alloy, remote access using Apple TV as proxy; launchd service: com.apple.homed
|
||||
XCS Xcode Server; continuous integration server; command line tools: xcscontrol, xcsdiagnose
|
||||
Reference in New Issue
Block a user