mirror of
https://github.com/mroi/apple-internals.git
synced 2026-02-12 17:12:44 +00:00
8d62d3e215
• move internals.txt to internals.tsv (bonus: GitHub built-in rendering) • add a header in the first line • ignore first line for sort checking • ignore first line for HTML rendering
46 KiB
46 KiB
| 1 | Term | Description |
|---|---|---|
| 2 | 1TR | One True Recovery; booting into macOS recovery on Apple Silicon by holding the power button to verify physical presence; enables interaction with SEP to change Boot Policy |
| 3 | AA | Apple account |
| 4 | AAC | Automatic Assessment Configuration; AutomaticAssessmentConfiguration.framework; puts device in a locked mode for exam-style test applications |
| 5 | AAT | Apple Advanced Typography; font format and rendering engine |
| 6 | Accounts | launchd service: com.apple.accountsd; /System/Library/Accounts |
| 7 | ACDE | Apple Connect Device External? ACDEClient.framework, old two-step verification, derived from a company-internal AppleConnect system? server: appleconnect.apple.com |
| 8 | ACFS | Apple Clustered File System; deprecated file system for Xsan; acfs.framework |
| 9 | Acoustic ID | Siri feature to recognize songs |
| 10 | Activation | cryptographic check-in with iCloud to lock devices reported by the user as lost; verified by iBoot; MobileActivationMacOS.framework; launchd service: com.apple.mobileactivationd; servers: humb.apple.com, albert.apple.com |
| 11 | Activity | jobs, coarse-grained work units of applications; tracked by the system across XPC, bears a QoS class for scheduling; low-level mechanism not to be confused with User Activity |
| 12 | AE | Apple Events; messaging system to invoke application functionality; CoreServices.framework/AE.framework; launchd services: com.apple.coreservices.appleevents, com.apple.AEServer (AE over network) |
| 13 | AEA | Apple Encrypted Archive; command line tool: aea |
| 14 | AGC | Apple Graphics Control, management of multiple displays and display port connections; launchd service: com.apple.displaypolicyd |
| 15 | AIR | Apple Intermediate Representation; synthetic bytecode architecture target for GPU binary toolchain |
| 16 | ALF | Application-Level Firewall, launchd service: com.apple.alf (socketfilterfw) |
| 17 | Alloy | substrate for communication between user devices over Bluetooth and devices to iCloud, implemented over IDS; /System/Library/IdentityServices/ServiceDefinitions; launchd service: com.apple.identityservicesd |
| 18 | ALS | Ambient Light Sensor, AmbientDisplay.framework |
| 19 | Amber | Swift UI; SwiftUI.framework |
| 20 | AMFI | Apple Mobile File Integrity, checks code integrity based on code signature, stronger enforcement with hardened runtime, validates entitlement restrictions; launchd service: com.apple.MobileFileIntegrity (amfid, invoked by kernel through host special port 18); disabled by setting amfi_get_out_of_my_way=0x1 in boot-args |
| 21 | AMP | Apple Media Protocol? former parts of iTunes for iPod and iOS device access in Finder, Home Sharing; AMPDevices.framework, AMPSharing.framework; launchd services: com.apple.AMPDeviceDiscoveryAgent, com.apple.AMPDevicesAgent, com.apple.amp.mediasharingd |
| 22 | AMP | Asynchronous Multiprocessing; performance and power-efficiency cores on Apple Silicon |
| 23 | AMS | Apple Media Services; formerly the iTunes stores and media services: App Stores, Apple Music, Apple TV, iCloud media library, Apple Podcasts, Podcast sync, Books Store, Books sync; AppleMediaServices.framework; server: phobos.apple.com |
| 24 | AMX | Apple Matrix Extension; ARM instruction set extension for matrix operations |
| 25 | Anisette | two-factor authentication creates security codes on trusted devices using TOTP, probably using Circle keys, checked by HSA; AuthKit.framework; launchd service: com.apple.akd |
| 26 | AOP | Always On Processor, part of Apple SoCs, runs RTKit as operating system |
| 27 | AOS | Apple Online Services? historical name for iCloud |
| 28 | Apache | built-in web server; command line tool: apachectl |
| 29 | APFS | Apple File System; copy-on-write file system with support for volume space-sharing, per-file encryption, and snapshots |
| 30 | APNS | Apple Push Notification service, server infrastructure for remote push notifications over a single connection, clients subscribe to push topics, can be authenticated by app (remote notifications), device (Find My …), or Apple ID login (DSID); credentials in apsd keychain; launchd service: com.apple.apsd; server: push.apple.com |
| 31 | App Nap | quiescence detection for applications and corresponding self-demotion in scheduler parameters, implemented within application frameworks and RunningBoard, listens for occlusion notifications from WindowServer |
| 32 | App Sandbox | Seatbelt-based sandbox for apps; /System/Library/Sandbox/Profiles/application.sb; enabled with com.apple.security.app-sandbox entitlement; launchd service: com.apple.secinitd |
| 33 | AppleCare | extended warranty; NewDeviceOutreach.framework; launchd service: com.apple.ndoagent |
| 34 | APT | Adaptive Picture Timing? ProMotion; dynamic screen updates with 120Hz base frequency; AppleDisplayTCONControl.framework |
| 35 | ASL | Apple System Logger, superseded by Unified Logging; /etc/asl; stored in /var/log/asl; launchd service: com.apple.syslogd; command line tool: syslog |
| 36 | ASR | Apple Software Restore; restore entire volumes from sources like disk images (HDI, SIU), also restores based on APFS snapshots and snapshot deltas; command line tool: asr |
| 37 | Assertions | power state management allowing applications to prevent sleeping; launchd service: com.apple.powerd; command line tools: caffeinate, pmset |
| 38 | Assessment | checking of System Policy; term also used for AAC |
| 39 | Asset Cache | discretionary caching server for Mobile Assets, Packages, iOS updates, App Store content, ODR, MMCS data; launchd services: com.apple.AssetCache.builtin, com.apple.AssetCacheLocatorService, com.apple.AssetCacheManagerService, com.apple.AssetCacheTetheratorService; command line tools: AssetCacheLocatorUtil, AssetCacheManagerUtil, AssetCacheTetheratorUtil |
| 40 | Assistant | Siri; dictation and semantic understanding, Intent is communicated to and enacted on the client, uses TTS; /System/Library/Assistant, AssistantServices.framework; server: *.siri.apple.com |
| 41 | ATS | App Transport Security, sandbox mechanism only allowing TLS-secured connections |
| 42 | ATSUI | Apple Type Services for Unicode Imaging; rendering engine superseded by CoreText.framework, font management; ApplicationServices.framework/ATS.framework; launchd service: com.apple.xtyped (fontd); command line tools: atsutil |
| 43 | ATT | App Tracking Transparency; apps declare user tracking on app store |
| 44 | Attestation | cryptographic proof of a genuine SEP; used for web authentication and app attestation; DeviceCheck.framework; online service signs a GID-based challenge response? used to pair RemoteXPC channel? stripped down variant used to securely identify Touch ID keyboards |
| 45 | Authorization | discretionary access control policies for high-level services; similar to PAM; policy stored in /var/db/auth.db |
| 46 | Avatar | Memoji and Animoji (face tracking); AvatarKit.framework |
| 47 | AVB | Audio Video Bridging, low-latency audio over Ethernet; launchd service: com.apple.avbdeviced; command line tool: avbdiagnose, avbutil |
| 48 | AWD | Apple Wireless Diagnostics, sends system telemetry to Apple; CoreAnalytics.framework, WirelessDiagnostics.framework; launchd services: com.apple.awdd, com.apple.analyticsd |
| 49 | AWDL | Apple Wireless Direct Link; secondary WiFi interface that runs in parallel to an active WiFi access point connection, similar to WiFi Direct (p2p interface), uses a randomized MAC, used for peer-to-peer networking: AirDrop, AirPlay; DeviceToDeviceManager.framework |
| 50 | Bezel | on-screen overlays for hardware volume buttons, screen brightness, Bluetooth HID, and others; /Library/Application Support/Apple/BezelServices, launchd services: com.apple.loginwindow, com.apple.OSDUIHelper |
| 51 | Biome | CloudKit-based datastream and sync engine; BiomeStreams.framework, BiomeSync.framework; launchd services: com.apple.BiomeAgent, com.apple.biomesyncd |
| 52 | Blast Door | sandboxed sanitization process for untrusted iMessage input; BlastDoor.framework |
| 53 | BOM | Bill of Materials; format to store contents of installer Packages; command line tool: lsbom |
| 54 | Bonjour | mDNS; launchd service: com.apple.mDNSResponder.reloaded; command line tool: dns-sd |
| 55 | Boot Cache | disk cache pre-heating at boot time with typically loaded applications; /var/db/BootCaches; launchd service: com.apple.warmd |
| 56 | Boot Policy | decides by signature check which OSes can be booted, boot-time equivalent for System Policy; LocalPolicy stores user settings, configurable from 1TR, stored by SEP, enforced by iBoot; command line tools: bputil, kmutil (to enroll custom kernels) |
| 57 | BPR | Boot Progress Register; set-only flags to track boot mode (normal, DFU, recovery), part of Keybag class key derivation within SEP, so passcode-protected keys are inaccessible in DFU and recovery |
| 58 | Bridge | T2 ARM CPU in Intel Macs to drive Touch Bar and Boot Policy; runs bridgeOS, a derivative of watchOS; boots the platform and the Intel CPU, communication from macOS uses RemoteXPC; launchd service: com.apple.multiversed; /System/Library/MultiversePlugins |
| 59 | Brook | hand washing encouragement on watch; BrookServices.framework |
| 60 | Bulletin Board | application push notification management, aggregates local and remote push notifications; BulletinBoard.framework |
| 61 | Cache Delete | cleanup for various caches; /System/Library/CacheDelete; launchd service: com.apple.cache_delete (deleted) |
| 62 | CAML | Core Animation Markup Language; XML file format for layers, shapes and animations |
| 63 | Carousel | derivative of SpringBoard for Watch home screen, watch face, and notification center |
| 64 | Celestial | media streaming used by ReplayKit for game broadcasts; Celestial.framework |
| 65 | Certificates | validity checked using CRLs, OCSP stapling, and transparency logs; /System/Library/Security/Certificates.bundle; launchd services: com.apple.trustd, com.apple.trustd.agent, com.apple.ocspd; command line tool: crlrefresh |
| 66 | Circle | cryptographic primitive to exchange public keys of all trusted devices of one user, signed by all Circle peers; iCloud identity keypair as an additional Circle peer, triggers countersigning from all trusted devices, private key synced across all trusted devices, new devices can pull this key from Secure Backup to join the Circle; used by CKKS; KeychainCircle.framework; command line tools: tpctl, otctl (Octagon trust is newer?) |
| 67 | CKKS | CloudKit Key Sync, end-to-end secure syncing for credentials, seeded by Circle, transferred items stored ephemerally using OTR protocol; currently includes ApplePay, AutoUnlock, CreditCards, DevicePairing, Engram, Health, Home, Manatee, SOS, WiFi and other keys; launchd service: com.apple.secd; command line tool: ckksctl |
| 68 | Classroom | launchd service: com.apple.studentd |
| 69 | Cloud Pairing | part of Alloy, Bluetooth out-of-band pairing over iCloud for Continuity; launchd service: com.apple.BTServer.cloudpairing (cloudpaird) |
| 70 | CMAS | Commerial Mobile Alert System, now known as Wireless Emergency Alerts (WEA) |
| 71 | Commpage | user-mapped kernel data, like vdso/vsyscall on Linux; mapped at 0x7fffffe00000 |
| 72 | Communications Filter | recipient blocking for iMessage, FaceTime, Mail; launchd service: com.apple.cmfsyncagent |
| 73 | Companion | iPhone that is paired with Watch; communication uses Alloy over IPsec over Bluetooth |
| 74 | Continuity | umbrella term for Handoff, Sidecar, SMS relay, Universal Clipboard, Watch unlock, WiFi call relay and others; SMS relay works by proxying to iMessage, other services use Alloy |
| 75 | Control Center | icons in menu/status bar and Bento Box controls UI, gradually replaces SystemUIServer on macOS; handles incoming AirPlay content; launchd services: com.apple.controlcenter, com.apple.SystemUIServer.agent |
| 76 | CPML | CorePrediction Machine Learning; CPMLBestShim.framework |
| 77 | CRD | Conference Room Display; Apple TV mode |
| 78 | CTK | Crypto Token Kit; smart card management, also for the Secure Element on iOS? launchd service: com.apple.ctkd; command line tool: sc_auth |
| 79 | CTS | Centralized Task Scheduling; execution of DAS tasks; /System/Library/UserEventPlugins/com.apple.cts.plugin |
| 80 | CVMS | Core VM Server/Service? compilation of GPU shaders; launchd service: com.apple.cvmsServ |
| 81 | DAAP | Digital Audio Access Protocol; used by Home Sharing (with Rapport token) and by the Remote app to control Apple TV (with pairing token); payload unencrypted; DAAPKit.framework; Bonjour services: _atc._tcp, _home-sharing._tcp, _mediaremotetv._tcp, _touch-able._tcp |
| 82 | Daily Briefing | Siri giving an overview of information for the day; SiriDailyBriefingInternal.framework |
| 83 | DART | DMA Address Relocation Table; IOMMU implementation in Apple silicon, positioned in front of peripheral devices, offers sub-page protection; SART: streaming variant for high-throughput devices (like NVMe) |
| 84 | DAS | Duet Activity Scheduler; scheduling policy engine behind NSBackgroundActivityScheduler and XPC activities; /System/Library/DuetActivityScheduler; launchd service: com.apple.dasd |
| 85 | Data Detectors | text analysis to highlight phone numbers, street addresses, and the like; DataDetectors.framework |
| 86 | Data Vault | directories with the UF_DATAVAULT special flag; CSR limits access to one application |
| 87 | DAV | Distributed Authoring and Versioning; network protocol on top of HTTP for syncing calendars (CalDAV), contacts (CardDAV), and formerly also bookmarks (BookmarkDAV) |
| 88 | DEP | Device Enrollment Program; devices check in with Apple during Setup Assistant to query for their enrollment status, retrieve MDM server URL to fetch initial configuration profile |
| 89 | DFR | Dynamic Function Row?, TouchBar; /System/Library/CoreServices/ControlStrip.app; DFRFoundation.framework |
| 90 | DFU | Device Firmware Update; special boot mode where iOS has not booted and the system can be installed over the Lightning connection |
| 91 | Differential Privacy | crowdsourcing without user tracking; privacy budget for management of anonymity set; used for keyboard words, emoji, Spotlight searches, Parsec deep links, HealthKit usage, Safari telemetry; /System/Library/DifferentialPrivacy; stored in /var/db/DifferentialPrivacy; launchd service: com.apple.dprivacyd |
| 92 | DND | Do Not Disturb |
| 93 | Domain Association | signed files in .well-known directory on websites; equivalent to Entitlements for websites |
| 94 | DSID | Destination Signaling Identifier, unique ID for IDS login on a specific device |
| 95 | DTrace | system-wide tracing infrastructure, command line tools: dtrace, *.d, dappprof, dapptrace, dtruss, errinfo, execsnoop, fddist, fs_usage, imptrace, iopattern, iopending, iosnoop, iotop, lastwords, latency, opensnoop, plockstat, rwsnoop, sampleproc, sc_usage, topsyscall, topsysproc |
| 96 | Duet | telemetry collection engine for system and user events, forecasting by machine learning, backend for DAS, Proactive, Relevance, Screen Time, thermal and battery management; /System/Library/DuetKnowledgeBase; CoreDuet.framework, CoreKnowledge.framework, CorePrediction.framework; launchd services: com.apple.coreduetd, com.apple.knowledge-agent |
| 97 | Dyld Shared Cache | dynamic linker cache, stores all system libraries in prelinked form, original library files are removed; /System/Library/dyld; command line tool: update_dyld_shared_cache |
| 98 | EAS | Exchange Active Sync; network protocol for accessing Microsoft Exchange servers |
| 99 | EDR | Extended Dynamic Range; rendering with transfer function extending beyond sRGB white; implemented natively on XDR displays and by backlight modulation on others; HDRProcessing.framework |
| 100 | Energy Impact | unitless metric for per-application energy consumption, machine-specific coefficients; /usr/share/pmenergy, /usr/share/kpep; launchd services: com.apple.sysmond, com.apple.thermald; command line tool: powermetrics |
| 101 | Engram | Messages in iCloud; devices store received iMessages in CloudKit; Engram.framework |
| 102 | Entitlements | capability-like attributes bound to executables by code signing; some entitlements like App Sandbox restrict ambient authority, some gradually relieve those restrictions (using Seatbelt), some services or system calls grant privilege based on caller entitlements |
| 103 | ESS | IDS user directory, public key distribution for iMessage and CloudKit sharing, uses Transparency; server: *.ess.apple.com; launchd service: com.apple.identityservicesd |
| 104 | Event Monitor | simple rules engine for running commands on various systen events; apparently not used by default; /etc/emond.d, /var/db/emondClients; launchd service: com.apple.emond |
| 105 | FaceTime | video calls, employs the ICE (establishing peer-to-peer connection), STUN (session credential exchange) and SRTP (encrypted media streaming) protocols; FTServices.framework; launchd services: com.apple.videoconference.camera (avconferenced) |
| 106 | FairPlay | DRM system used by app and media stores; CoreADI.framework, CoreFP.framework, CoreLSKD.framework; launchd services: com.apple.adid, com.apple.fairplayd (invoked by kernel through host special port 17), com.apple.lskdd; credentials stored in /var/db/fpsd |
| 107 | Family Circle | Family Sharing; launchd services: com.apple.familycircled, com.apple.askpermissiond |
| 108 | FDE | Full Disk Encryption, FileVault; command line tool: fdesetup, sysadminctl |
| 109 | FDR | Factory Data/Device Reset? ensures that no downgrades are performed? servers: skl.apple.com, gg.apple.com; /System/Library/FDR |
| 110 | Feldspar | Apple News; Silex.framework |
| 111 | FiDES | Fi? Distributed Evaluation Service? aggregates Differential Privacy data for unlinkability? maybe private federated learning? used for emoji, Suggestions, Dictation; /System/Library/DistributedEvaluation; DistributedEvaluation.framework; server: fides-pol.apple.com |
| 112 | Find My … | location sharing by explicitly querying devices remotely or collateral beacon detection using Search Party; FMCore.framework, FMF.framework; launchd service: com.apple.icloud.fmfd (find my friends) |
| 113 | Firmlink | bi-directional non-symbolic link between the read-only system volume and the data volume, additional symlinks and mountpoints in the root directory are virtually allocated; /usr/share/firmlinks, /etc/synthetic.conf |
| 114 | Focus | restriction modes for notification presentation; Focus.framework, DoNotDisturb.framework; local settings in ~/Library/DoNotDisturb |
| 115 | FollowUp | user interaction for Secure Backup wrapping with device passcode, CoreFollowUp.framework; launchd service: com.apple.followupd |
| 116 | FoundationDB | fundamental iCloud storage database, marketed as CloudKit, separated into containers; records, blobs, and large asset storage with MMCS, server-side continuous queries can trigger push notifications, user management by IDS, sharing between users; PCS keys used for hierarchical zone, record, and asset encryption; CloudKitDaemon.framework; launchd service: com.apple.cloudd; locally stored in ~/Library/Caches/CloudKit, ~/Library/Containers/*/Data/CloudKit; command line tool: cktool |
| 117 | FPR | Fast Permission Restrictions; Apple CPU registers to downgrade (old APRRs do bitmasking) or remap (SPRRs since M1) actual permissions of memory pages per thread; used for JIT protection and by AMFI to freeze user code after checking |
| 118 | FUD | Firmware Update Daemon; /var/db/fud; launchd service: com.apple.MobileAccessoryUpdater |
| 119 | GID | group ID key, shared across all devices of the same SoC generation, derived keys are used to prove device type over the network, only accessible by SEP |
| 120 | Gizmo | Apple Watch; watch settings managed by Companion; /Applications/Bridge.app, /System/Library/BridgeManifests |
| 121 | Group Activities | SharePlay; sharing of media content and programmatic state over FaceTime calls; GroupActivities.framework, CopresenceCore.framework; launchd service: com.apple.telephonyutilities.callservicesd |
| 122 | GSS | Generic Security Service; part of Kerberos; GSS.framework; launchd service: com.apple.gssd (invoked by kernel through host special port 19); command line tool: gsstool |
| 123 | GXF | Guarded Execution Feature/Fault, additional exception levels on Apple Silicon, lateral to the usual exception levels; page tables remain the same, but interpretation of permission bits changes by way of FPR, genter and gexit instructions; implements lightweight intra-address-space protection contexts |
| 124 | HAP | Home Automation Protocol; CoreHAP.framework |
| 125 | HDA | High Definition Audio; HDAInterface.framework |
| 126 | HDI | Hard Disk Image; command line tool: hdiutil |
| 127 | HeadBoard | derivative of SpringBoard for tvOS home screen; /Applications/HeadBoard.app, /Applications/PineBoard.app |
| 128 | HLS | HTTP Live Streaming |
| 129 | HSA | Hardware Security Architecture; version 1 used for two-step verification, SOS with iCSC; version 2 for two-factor authentication, CKKS and Secure Backup with iCDP |
| 130 | HSM | Hardware Security Module; HSM fleet runs escrow service for Secure Backup; public keys for authenticating the HSM services in /System/Library/Security/Certificates.bundle/Contents/Resources/AppleESCertificates.plist |
| 131 | Hyperion | iCloud Photos, uses CloudKit; launchd service: com.apple.cloudphotod; command line tool: cpldiagnose |
| 132 | IAP | iPod Accessory Protocol; IAP.framework |
| 133 | iBoot | boot loader stage after boot ROM or UEFI (macOS on Intel); intermediate Low-Level Bootloader (LLB); DFU mode is implemented here; /System/Library/CoreServices/boot.efi |
| 134 | iCDP | iCloud Data Protection, codename for a set of enhancements to iCloud privacy: device passcodes used as iCSC for Secure Backup, root keys for CKKS-enabled services only synced between devices and not stored at Apple; launchd service: com.apple.cdpd |
| 135 | iCloud | umbrella term for a conglomerate of services, consists of FoundationDB containers with PCS views for key management, supported by CKKS; uses IDS and APNS; some services under the iCloud name are actually served by AMS, IMAP, or DAV |
| 136 | iCSC | iCloud Security Code, credential wrapping for Secure Backup, previously used a separate code, with HSA2/iCDP uses device passcodes |
| 137 | IDAM | Inter-Device Audio and MIDI; audio connection between devices |
| 138 | IDS | Identity Service, also IDMS, Apple ID identity management for all of Apple’s online services; APNS topics for signaling and messaging, see also Alloy, ESS, FaceTime, iMessage; authentication to services with Kerberos |
| 139 | IM | Instant Messaging; usually means iMessage and FaceTime |
| 140 | IMG4 | boot files (Mach-O binaries or configuration data) with ASN.1 signature, contains RemotePolicy certificate constraints to restrict Boot Policy evaluation |
| 141 | Intent | use-case-driven interaction with 3rd-party apps from a host app; used for Siri, Maps, Widgets (configuration); extension points: com.apple.intents-service, com.apple.intents-ui-service |
| 142 | IOKit | device driver subsystem for in-kernel and DriverKit drivers, command line tool: ioreg |
| 143 | Ironwood | dictation, customized on server with selected user data (contacts, app names, music titles, HomeKit names, Siri Shortcut phrases), not tied to Apple ID; SpeechRecognitionCore.framework; server: guzzoni.apple.com |
| 144 | ISP | Image Signal Processor; camera imaging circuit in iPhones |
| 145 | ITML | iTunes Markup Language; metdata tagging for media services; ITMLKit.framework |
| 146 | ITP | Intelligent Tracking Prevention, cross-site tracking defenses in Safari, statistics and user interaction classify sites, cookies are partitioned and access is restricted |
| 147 | JARVIS | Just A Rather Very Intelligent Scheduler, Mesos cluster manager for Siri, iCloud, AMS |
| 148 | Jellyfish | Animoji |
| 149 | Jetsam | reclaiming of purgeable memory and termination of apps during memory pressure |
| 150 | JSC | JavaScript Core; JavaScriptCore.framework; command line tool: jsc |
| 151 | Kalamata | codename for the transition from x86 to ARM-based Apple Silicon |
| 152 | Kerberos | single-sign-on mechanism; Heimdal.framework; command line tools: kinit, ktutil |
| 153 | Kext | kernel extension mechanism, loaded at boot time as part of a Kext Collection; /Library/Extensions, /Library/StagedExtensions (for user approval), /System/Library/Extensions; command line tool: kextutil (manages deprecated runtime loading) |
| 154 | Kext Collection | prelinked sets of kernel extensions; /System/Library/KernelCollections (for boot and system kexts), /Library/KernelCollections (for auxiliary third-party kexts); the latter is only loaded at a lower-security Boot Policy; launchd service: com.apple.kernelmanagerd (invoked by kernel through host special port 15); command line tool: kmutil |
| 155 | Keybag | storage of protection class keys for Keychain and filesystem, protected by SEP using SKP; stored in user.kb; launchd services: com.apple.mobile.keybagd, com.apple.securityd_service, com.apple.secd |
| 156 | Keychain | storage for credentials; launchd service: com.apple.securityd; command line tools: certtool, security, systemkeychain |
| 157 | KIP | Kernel Integrity Protection, locking of physical memory pages to prevent changes to kernel |
| 158 | Launch Services | management for application launches, association of UTIs to apps, uses Spotlight to update cached info; launchd services: com.apple.coreservices.launchservicesd, com.apple.lsd; CoreServices.framework/LaunchServices.framework; command line tools: lsappinfo, lsregister |
| 159 | Liverpool | PCS codename for CloudKit |
| 160 | LKDC | Local Key Distribution Center, Kerberos on client machines |
| 161 | LSM | Latent Semantic Mapping, text analysis, used for spam filtering, command line tool: lsm |
| 162 | Mac Buddy | historic name for Setup Assistant |
| 163 | MAC Policy | Mandatory Access Control subsystem in XNU, based on TrustedBSD, implements policy hooks for restricted kernel operations; current policies: AMFI, Seatbelt, Quarantine, CSR |
| 164 | Machine Learning | Vision.framework, Espresso.framework, Futhark.framework, PhotoAnalysis.framework |
| 165 | Madrid | iMessage; /System/Library/Messages |
| 166 | Manatee | PCS key for some CloudKit containers are synced via CKKS, so data is unreadable to Apple (credential management codenames: Plesio, Stingray, Cuttlefish) |
| 167 | Mangrove | transfering UI tiles over XPC; Mangrove.framework, IOSurface.framework |
| 168 | Marco | Marco.framework, something about IDS and communication (iMessage, Calls), logging? |
| 169 | Marklar | codename from the PowerPC era for the port to x86, served the transition to Intel CPUs |
| 170 | Marzipan | Catalyst; port of iOS frameworks to macOS, Catalyst apps are iOS apps with additional API to adapt macOS UI idioms; /System/iOSSupport; integration using UIKit system process; launchd service: com.apple.uikitsystemapp; input remapping by /Library/Apple/Library/Bundles/InputAlternatives.bundle |
| 171 | MCX | Managed Client for OS X, preference management for settings from configuration profiles, /Library/Managed Preferences, command line tools: mcxquery, mcxrefresh |
| 172 | MDM | Mobile Device Management; server software to manage fleets of iOS and macOS devices; uses configuration profiles to manage preferences; ConfigurationProfiles.framework |
| 173 | MDS | Module Directory Services, ancient part of the old security APIs (CSDA, CSSM) |
| 174 | Memory Debugging | uses Taskport; command line tools: heap, leaks, malloc_history, stringdups, vmmap |
| 175 | Mesa | Touch ID; /Library/Catacomb; /var/db/bkad.db |
| 176 | Metadata | Spotlight; file indexing on macOS; CoreServices.framework/Metadata.framework, CoreServices.framework/SearchKit.framework; stored in .Spotlight-V100; launchd service: com.apple.metadata.mds; command line tools: mddiagnose, mdfind, mdimport, mdls, mdutil; in addition to auto-indexing, apps can explicitly register searchable items; CoreSpotlight.framework; launchd service: com.apple.corespotlightd |
| 177 | MMCS | MobileMe Chunk Storage, used by iCloud, splits blobs into chunks and stores them at Apple/AWS/GCP with convergent encryption (content hash as key); MMCS.framework |
| 178 | Mobile | prefix for iOS |
| 179 | Mobile Assets | demand-downloaded system components like fonts, dictionaries, linguistic data; stored in /System/Library/Assets; launchd services: com.apple.languageassetd (language-dependent assets), com.apple.mobileassetd; server: mesu.apple.com |
| 180 | Mobile Device | connectivity to iOS devices over USB or WiFi (AirTrafficHost) for syning, development, and debugging; MobileDevice.framework; launchd service: com.apple.usbmuxd; Bonjour service: _apple-mobdev2._tcp |
| 181 | MOC | Managed Object Context; Core Data object space |
| 182 | Mondrian | photo collage arrangement in Photos.app; Mondrian.framework |
| 183 | MRT | Malware Removal Tool; /Library/Apple/System/Library/CoreServices/MRT.app |
| 184 | Multipeer Connectivity | ad-hoc networking; Bonjour for discovery; WiFi, AWDL, Bluetooth, or Ethernet as transport; optional encryption and certificate-based authentication; MultipeerConnectivity.framework |
| 185 | Nano | prefix for watchOS |
| 186 | Neural Engine | hardware accelerator for neural network operations; ANECompiler.framework, ANEServices.framework; launchd service: com.apple.aned |
| 187 | Newton | fall detection on watchOS |
| 188 | NLP | Natural Language Processing; NLP.framework; related to mecabra libraries, a linguistic engine for Chinese and Japanese; /usr/share/mecabra, /usr/share/tokenizer |
| 189 | Notarization | app security scan by Apple; cryptographic proof stapled to code signature, tested at launch by System Policy; for non-notarized apps sends code hash to Apple; command line tools: altool, notarytool, stapler |
| 190 | Noticeboard | User Notifications for Software Update and App Store, Noticeboard.framework; launchd services: com.apple.noticeboard.state (nbstated), com.apple.noticeboard.agent (nbagent) |
| 191 | Notifications | system notification bus, unrelated to the local/remote push notifications; launchd service: com.apple.notifyd, com.apple.kuncd (invoked by kernel through host special port 10); command line tool: notifyutil; complemented by framework-level notification system (CFNotification, NSNotification); launchd services: com.apple.distnoted.xpc.daemon, com.apple.distnoted.xpc.agent |
| 192 | NSP | Network Service Proxy; per-app VPN and proxy settings, implements Private Relay; launchd service: com.apple.networkserviceproxy |
| 193 | OAH | Rosetta; /usr/libexec/rosetta |
| 194 | ODR | On-Demand Resources; loaded from App Store; launchd service: com.apple.appstored |
| 195 | Onboarding | data protection splash screen shown by service-connected apps; /System/Library/OnBoardingBundles; OnBoardingKit.framework |
| 196 | Open Directory | directory service for user, group, and machine management; plugin-based to use different backend stores (LDAP, Active Directory), local accounts in /private/var/db/dslocal; launchd service: com.apple.opendirectoryd; command line tools: dscacheutil, dscl, dsconfigad, dsconfigldap, dseditgroup, dsenableroot, dserr, dsexport, dsimport, dsmemberutil, odutil |
| 197 | Opus | create slide shows from photos; Slideshows.framework |
| 198 | OSA | Open Scripting Architecture; scripting of applications from different fontend languages (currently AppleScript and JavaScript); backed by Apple Events; command line tools: osacompile, osadecompile, osalang, osascript, sdef, sdp |
| 199 | OTUT | One-Time Unlock Token; security mechanism to allow keybag unwrapping after updates |
| 200 | PAC | Pointer Authentication Codes; pointers signed in unused bits to prevent ROP attacks |
| 201 | Packages | unit of software installation; command line tools: pkgutil, installer, softwareupdate; launchd services: com.apple.softwareupdated, com.apple.bootinstalld, com.apple.installd, com.apple.system_installd, com.apple.uninstalld; /var/db/softwareupdate, /Library/Apple/System/Library/Receipts (system), /System/Library/Receipts (read-only), /private/var/db/receipts (App Store) |
| 202 | Parsec | Spotlight web results and searching of crowdsourced User Activity deep links; server: *.smoot.apple.com; launchd services: com.apple.parsecd, com.apple.parsec-fbf (Feedback Flush to Differential Privacy) |
| 203 | Password Breach | monitoring of Keychain passwords against a breach database; round-robin matching in fixed-size batches, local match against common leaks, remote match using hash prefix; launchd service: com.apple.Safari.passwordbreachd |
| 204 | Pasteboard | storage for cut, copy, and paste; type of content remembered as UTI; launchd service: com.apple.pboard; command line tools: pbcopy, pbpaste |
| 205 | PCS | Protected Cloud Storage; key management for separate iCloud storage compartments (PCS calls them views), each can contain FoundationDB plus bulk data stored by MMCS; see also iCDP, CKKS, Manatee; ProtectedCloudStorage.framework; /System/Library/Preferences/ProtectedCloudStorage; command line tool: pcsstatus |
| 206 | PCSC | Personal Computer Smart Card; PCSC.framework, uses CTK |
| 207 | PDE | Print Dialog Extension; old name, not a proper Extension |
| 208 | Pegasus | picture-in-picture video playback; Pegasus.framework (iOS), PIP.framework (macOS) |
| 209 | Pepper | UI elements for Watch home screen and Chat, like Quickboard (canned replies), Animoji; PepperUICore.framework |
| 210 | Persona | separation of sub-user-identities, like when using a private and managed Apple account; PersonaKit.framework; ~/Library/Personas; /System/Library/UserManagement; command line tool: umtool |
| 211 | PHASE | spatial audio processing; PHASE.framework |
| 212 | Piano Mover | Mail Drop; bulk mail attachments transfered over PCS; not to be confused with storage for iMessage attachments, which uses a CloudKit container |
| 213 | Plugin | Extensions, XPC services bundled with apps or frameworks, discovery by Launch Services; launchd service: com.apple.pluginkit.pkd; command line tool: pluginkit |
| 214 | PMP | Port Mapping Protocol; Apple alternative to UPnP, Bonjour service: _acp-sync._tcp |
| 215 | PowerUI | battery management like smart charge and power save, learns from Duet and other data; PowerUI.framework; /var/db/PowerUI; launchd service: com.apple.PowerUIAgent |
| 216 | Preferences | storage for user-configurable settings; launchd services: com.apple.cfprefsd.xpc.daemon, com.apple.cfprefsd.xpc.agent; stored in Library/Preferences, command line tool: defaults; interaction with Synced Defaults per /System/Library/DefaultsConfigurations |
| 217 | Private Relay | two-hop onion routing with one entry and one exit node; Apple operates entry, third-party services operate exit nodes; approximate IP geolocation via Waldo |
| 218 | Proactive | umbrella term for suggestions and completions based on Duet forecasting and User Activity context, also marketed as Siri features; PersonalizationPortrait.framework |
| 219 | QoS Classes | inheritable property for Activities; semantic priorities, influences scheduling parameters; initially set at user-level, priority inheritance within GCD queues and across XPC in kernel? |
| 220 | Quagga | framework for QR and barcode decoding; Quagga.framework |
| 221 | Quick Action | extension type for quick interaction with foreign content within a host app; extension points: com.apple.services, com.apple.ui-services |
| 222 | Quick Look | file preview and thumbnail generation; comand line tool: qlmanage |
| 223 | RAOP | Remote Audio Output Protocol, AirPlay; Bonjour service: _raop._tcp |
| 224 | Rapport | device pairing by proximity using Alloy, with PIN entry, or using iCloud; once paired, devices can access services; used for HomeKit, HomePod, AirPlay, Home Sharing, SideCar; Rapport.framework; launchd service: com.apple.rapportd; Bonjour service: _companion-link._tcp |
| 225 | Recents | recently used items (not files) in various applications, synced with Synced Defaults; CoreRecents.framework, /System/Library/Recents; launchd service: com.apple.recentsd |
| 226 | Relevance Engine | backend for Siri suggestions (for example of Siri Shortcuts), Widget smart stacks (also Siri watch face); consumes Duet knowledge and app-provided timelines with relevance hints; /System/Library/RelevanceEngine; launchd service: com.apple.relevanced |
| 227 | RemoteXPC | connection to a non-SoC-integrated SEP like Bridge; uses HTTP/2 over a network interface, Bridge connected over USB, secured using Attestation; RemoteServiceDiscovery.framework, TrustedAccessory.framework; launchd service: com.apple.remoted, com.apple.tracd; command line tool: remotectl |
| 228 | Revisions | document autosave and auto-versioning; stored in .DocumentRevisions-V100; GenerationalStorage.framework; launchd service: com.apple.revisiond |
| 229 | Routine | frequently visited locations on iOS, interacts with Duet; launchd service: com.apple.routined |
| 230 | RTC | Real-time Telemetry and Crash reporting; RTCReporting.framework; launchd service: com.apple.rtcreportingd |
| 231 | RunningBoard | runtime management of apps, paradigm: app as service process invoked by system, check-in by frameworks, handles process assertions (frontmost app, see App Nap), memory pressure (see Jetsam) and compute resources (GPU), replacement for TAL?; launchd service: com.apple.runningboardd; /System/Library/LifecyclePolicy, /System/Library/RunningBoard |
| 232 | SBPL | Sandbox Profile Language; a TinyScheme-based embedded DSL for Seatbelt profiles |
| 233 | SCIP | System Coprocessor Integrity Protection; like KIP, but for SEP, ISP, Motion coprocessor |
| 234 | Screen Reader | VoiceOver and Braille; /System/Library/ScreenReader; ScreenReader.framework |
| 235 | Screen Time | digital wellbeing and parental controls system, uses Device Management as policy engine, self-enforced within the application by frameworks; DeviceActivity.framework, ManagedSettings.framework, FamilyControls.framework; launchd services: com.apple.ScreenTimeAgent, com.apple.dmd |
| 236 | SDB | SQL Database; CoreSDB.framework, used by iCloud communication |
| 237 | Search Party | portion of Find My service for offline devices; devices emit public part of rotating key pair via Bluetooth LE, other devices encrypt current location with this key and send to Apple, private key shared over CloudKit |
| 238 | Seatbelt | process sandbox by filtering system calls; profiles written in SBPL; /System/Library/Sandbox/Profiles, /usr/share/sandbox; default file access policy asks for TCC confirmation before access to folders with user data (like Documents) is allowed; command line tool: sandbox-exec; launchd service: com.apple.sandboxd (invoked by kernel through host special port 14 for logging) |
| 239 | Secure Backup | escrow part of CKKS; escrow key individually wrapped with passcodes of trusted devices, stored in HSM to prevent brute forcing, uses SRP so passcodes are not visible to iCloud, limited number of recovery attempts; protocol called Lakitu, uses FollowUp; launchd service: com.apple.SecureBackupDaemon (com.apple.sbd); CloudServices.framework |
| 240 | SEP | Secure Enclave Processor; dedicated ARM core for security services, runs L4/Darbat-based sepOS, inline encryption to DRAM, manages AES keys in storage DMA engine, factory-paired channels to Touch ID/Face ID hardware, Secure Element, Neural Engine; SEP can use but not read UID and GID keys; credential verification performed by hardware lockbox with retry count enforcement |
| 241 | Seymour | Apple Fitness+; workout videos integrated with Watch sensors; SeymourCore.framework |
| 242 | Sharing | umbrella term for wireless proximity services: AirDrop, Continuity, Instant Hotspot, WiFi sharing; used by loginwindow for Watch unlock; Sharing.framework; launchd service: com.apple.sharingd; also serves connection sharing and remote disk |
| 243 | Shazam | music recognition service; ShazamKit.framework; launchd service: com.apple.shazamd |
| 244 | Shoebox | Passbook |
| 245 | Sidecar | using iPhone/iPad as Mac accessory: camera for photos and scanning, annotations, external display over low-latency WiFi (llw interface) using avconferenced encoding; SidecarCore.framework; launchd services: com.apple.sidecar-display-agent (SidecarDisplayAgent), com.apple.sidecar-relay (SidecarRelay) |
| 246 | Signpost | telemetry API to report points of interest in code; launchd service: com.apple.signpost.signpost_reporter |
| 247 | Simulator | running an iOS/tvOS/watchOS personality on macOS, uses sandboxing and a separate Mach bootstrap namespace for container-like isolation, command line tool: simctl |
| 248 | SIP | System Integrity Protection or rootless mode; collection of kernel-level security restrictions regarding file system modification, unsigned Kexts, Taskport access, NVRAM access, DTrace; /System/Library/Sandbox/rootless.conf; command line tool: csrutil, rootless-init |
| 249 | SKP | Sealed Key Protection; measurement of system state (boot chain IMG4 manifests, BPR, Boot Policy data, UID key, user passcode) to derive Keybag keys |
| 250 | SKS | Secure Key Store; handling of keybag keys within the SEP |
| 251 | SkyLight | WindowServer; SkyLight.framework |
| 252 | Skywalk | network subsystem in XNU, links together actual technologies (Bluetooth, WiFi, Thunderbolt) and interfaces/tunnels; transacts in nexus (for conduits) and agent (for endpoints) objects; DriverKit network drivers use Skywalk; command line tool: skywalkctl |
| 253 | Social Gaming | Game Center; multiplayer gaming services on top of CloudKit, shared storage and low-latency multicast for multiplayer sessions; launchd service: com.apple.gamed |
| 254 | Sock Puppet | Watch interaction that requires Companion device |
| 255 | SOS | Secure Object Sync; syncing backend for iCloud Keychain, not to be confused with the emergency call feature; transferred items previously staged in Synced Defaults, now uses CKKS; launchd services: com.apple.secd (access to local keychain), com.apple.security.cloudkeychainproxy3 (connects to Synced Defaults), com.apple.security.keychain-circle-notification |
| 256 | SPI | System Private Interface; /System/Library/PrivateFrameworks |
| 257 | SpringBoard | iOS home screen; like Dock (Launchpad, Mission Control, desktop picture), Control Center, SystemUIServer (menu extras icons), loginwindow (lock screen), and WindowServer (compositor) on macOS; /System/Library/CoreServices/SpringBoard.app, /Applications/PreBoard.app, BaseBoard.framework, FrontBoard.framework, SplashBoard.framework; launchd service: com.apple.backboardd (compositor) |
| 258 | SPRR | Shadow Permission Remap Register? feature of Apple Silicon to dynamically reintepret page permissions |
| 259 | SRP | Secure Remote Password; standard cryptographic protocol for proving knowledge of a secret such that attackers cannot brute-force the secret; AppleSRP.framework |
| 260 | SSO | Single Sign-On |
| 261 | SSV | Signed System Volume, als called Authenticated Root Volume (ARV); macOS boots from blessed read-only APFS snapshot, merkle-tree and root-hash stored in Preboot volume; modifications require disabling root authentication with csrutil from recovery, then the live filesystem can be mounted, modified, and re-blessed; command line tools: apfs_systemsnapshot, bless, csrutil |
| 262 | Stark | CarPlay |
| 263 | Stockholm | Secure Element in Apple SoCs, a processor running crypto protocols on keys it protects; used for Apple Pay and Car Key; related codenames: Icefall, Warsaw |
| 264 | Storage Management | freeing up disk space by managing bulky items; UI in System Information.app; StorageManagement.framework; launchd service: com.apple.diskspaced; extension point: com.apple.storagemanagement; extends Cache Delete service |
| 265 | Suggestions | semantic analysis of mails and websites to suggest contacts, calendar events and the like; launchd services: com.apple.suggestd, com.apple.reversetemplated; custom JavaScript parsers in /System/Library/AssetsV2/com_apple_MobileAsset_CoreSuggestions |
| 266 | Symbols | debug symbols for backtraces; CoreSymbolication.framework; launchd services: com.apple.coresymbolicationd; command line tools: symbols, symbolscache |
| 267 | Symptoms | network diagnostics; Symptoms.framework; /var/networkd/db/netusage.sqlite; launchd service: com.apple.symptomsd (invoked by kernel through host special port 27) |
| 268 | Synced Defaults | simple key-value store for applications, no user control over data; can use iCloud key-value backend (old) or Manatee container (new, marked as com.apple.kvs) as storage; launchd service: com.apple.syncdefaultsd; locally stored in ~/Library/SyncedPreferences |
| 269 | System Configuration | SystemConfiguration.framework; launchd service: com.apple.configd; command line tool: scutil |
| 270 | System Extension | user-level components formerly in the kernel; currently either a DriverKit, Network, or Endpoint Security extension; /System/DriverKit, /System/Library/DriverExtensions; command line tool: systemextensionsctl; launchd services: com.apple.sysextd, com.apple.nesessionmanager, com.apple.endpointsecurity.endpointsecurityd |
| 271 | System Policy | Gatekeeper; policy engine for application launches and kext loading, malware signatures from /Library/Apple/System/Library/CoreServices/XProtect.bundle; /var/db/SystemPolicy; launchd service: com.apple.security.syspolicy (invoked by kernel through host special port 29); command line tool: spctl |
| 272 | TAL | Transparent App Lifecycle; process for macOS apps started and stopped independently of the user launching and quitting app; also handles session restore across reboots; ~/Library/Saved Application State; launchd service: com.apple.talagent |
| 273 | Taskport | Mach kernel concept for ptrace-like access to task internals; access policy implemented by daemon; launchd service: com.apple.taskgated (invoked by kernel through task special port 9); command line tool: DevToolsSecurity |
| 274 | TCC | Transparency, Consent, and Control; user control over app access to privacy-related services (kTCCService*); TCC.framework; launchd services: com.apple.tccd, com.apple.tccd.system; command line tool: tccutil; stored in /Library/Application Support/com.apple.TCC, ~/Library/Application Support/com.apple.TCC, /var/db/locationd (for kTCCServiceLocation) |
| 275 | Time Machine | automatic backup service, command line tools: tmdiagnose, tmutil |
| 276 | Tin Can | Walkie Talkie on watchOS |
| 277 | Tones | ringtones; ToneLibrary.framework |
| 278 | Translocation | app binary copied on launch to dedicated location; initiated by Launch Services for security (prevents path traversal for apps quarantined by System Policy) or path normalization (iOS apps do not expect to be moved, but can be moved on macOS) |
| 279 | Transparency | key transparency for ESS keys? Transparency.framework; launchd service: com.apple.transparencyd; server: init-kt.apple.com |
| 280 | TTS | Text To Speech, command line tool: say; /System/Library/Speech; synthesizer engines: MacinTalk (historic), Polyglot (phoneme-based?), Gryphon (current, DNN-based?) |
| 281 | TVML | TV Markup Language; declarative UI language for TV apps; TVMLKit.framework |
| 282 | Ubiquity | iCloud Drive; codename Bladerunner, uses CloudKit; CloudDocs.framework; command line tools: fileproviderctl; launchd service: com.apple.bird (iclouddrive-agent); locally stored in ~/Library/Mobile Documents (was supposed to move to Library/CloudStorage/iCloud Drive and iclouddrivectl but this was reverted) |
| 283 | UID | unique ID key, used as root key for cryptographic subsystems, generated during manufacturing by SEP and fused into hardware, only accessible by SEP |
| 284 | Unified Logging | system-wide logging and Activity tracking; launchd service: com.apple.logd, com.apple.diagnosticd; command line tool: log; /dev/oslog; data stored in /var/db/diagnostics, support files in /var/db/uuidtext |
| 285 | User Activity | abstraction behind deep-linking into apps with structured context data (people, places); used for Universal Links (with schema.org on websites), Handoff, Parsec, Siri Shortcuts, Proactive; UserActivity.framework; launchd service: com.apple.coreservices.useractivityd |
| 286 | User Notifications | user interface for notification center; launchd service: com.apple.usernoted |
| 287 | UTI | Uniform Type Identifiers; system for document types; file extensions and MIME types are mapped to UTIs, UTIs form a conformance graph, apps register their UTIs with Launch Services; /System/Library/CoreServices/CoreTypes.bundle; also Apple’s hardware devices are represented as UTIs |
| 288 | VA | Video Acceleration; AppleGVA.framework, AppleVA.framework, AppleVPA.framework |
| 289 | Viceroy | video conferencing used by FaceTime and ReplayKit; ViceroyTrace.framework |
| 290 | VSDB | volume status database; /var/db/volinfo.database; command line tool: vsdbutil |
| 291 | Waldo | selects edge servers based on approximate location, part of Private Relay, seen in NSP |
| 292 | WFS | WebDAV File Sharing; built-in file sharing with Apache; /etc/wfs; command line tool: wfsctl |
| 293 | Widgets | content excerpt from apps; provided via a timeline of view hierarchies, configuration uses Intents, technically very similar to complications on watch face; extension point: com.apple.widgetkit-extension |
| 294 | Willow | HomeKit; end-to-end-encrypted communication protocol and API for IoT-accessories; pairing with SRP using code printed on device, credential sync by CKKS, transported over Alloy, remote access using Apple TV as proxy; launchd service: com.apple.homed |
| 295 | Workflow | Shortcuts; user-programmable system-wide automation, built-in triggers and actions, extensible with User Activities and Intents; WorkflowKit.framework, ActionKit.framework; locally stored in ~/Library/Shortcuts; launchd service: com.apple.siriactionsd (voice-triggered shortcuts); command line tool: shortcuts |
| 296 | xART | eXtended Anti-Replay Technology; persistent storage for SEP, used by Mesa; /System/Volumes/xarts; launchd service: com.apple.xartstorageremoted; command line tool: xartutil |
| 297 | XCS | Xcode Server; continuous integration server; command line tools: xcscontrol, xcsdiagnose |