Also for more info and a few videos demonstrating capabilities and performance check out the website: https://getutm.app/
Whilst most people are saying it's a bug on Apple's side I'm worried it's more than that. The removal of signed iPadOS/iOS 13.3 from their servers, along with the returned ability of flashing static lib'ed packages after all being blocked for a while seems more "on purpose" from Apple rather than "by accident". We gotta just wait and see, I guess.
This is a weird thing by the way. It seems to me like you should be able to debug or do VM syscalls against yourself because there is no escalation of privilege. Debugging another process makes much more sense to block. But maybe my opinion is invalid because I also happen to think disallowing jit with kernel permissions is very silly. (Maybe dropping ability to do this in the style of openbsd's pledge(2) would be appropriate, but only for a process that really wants extra security.)
Actual JITs (ones blessed by Apple, not hacks like these) possess the dynamic-codesigning entitlement, and can just make RWX pages.
> But maybe my opinion is invalid because I also happen to think disallowing jit with kernel permissions is very silly.
Your opinion isn't invalid, but it goes against Apple's security model of iOS (namely: apps should not be able to modify themselves).
And my position is this is a silly approach, or, maybe is ok but should be opt-in, or perhaps opt-out with third parties being automatically trusted to decide they want to use JIT without hoops.
W^X is good default policy but Apple's policy is unreasonable and paranoid.
There are two types of certificate – development certificates, which allow get-task-allow for debugging purposes and can be installed directly to a device; and distribution certificates, which do not allow get-task-allow and can be distributed through ad-hoc means, Test Flight, or the App Store.
If this app requires get-task-allow, then it needs to be signed with a development certificate to run. If it's signed with a development certificate, then it can't be distributed to other people.
Official description: https://github.com/tbodt/ish#a-note-on-the-jit
It's a full x86 emulator.
> IIRC the dev said he also wasn't allowed to publish it to the App Store
He didn't, it's just never been tested whether it could be on the store or not.
You can compile binaries on iSH and they'll run on the emulator just as all the other code does.
Edit: just tried it and indeed you are right, it works in a few cases now. Clang also works for basic test cases.
I will report back when I tried to install Win XP/7 (I desperately want to play Age of Empires 1 while on vacation since I saw this awesome app :D).
1. Install UTM
- harder than I thought now because of Apple enforcing very strict app signing rules etc. (why can't they just let us run our own code without paying or hacking? Ò.ó)
- jailbreak with checkra1n -> install AppCake -> trust certificates with help of "Apple Configurator" (device management was not in the iOS general settings until I accessed profile settings with the configurator) -> sign UTM with AppCake (Filza -> Open IPA with AppCake)
2. Setup VM with Windows XP
- copied ISO (WinXP SP3) to iPad with VLC "Sharing via WiFi" (awesome tool!)
- created a VM with a 5GB hdd and a CD/DVD with path set to the ISO
- could boot from the ISO and start installation but it crashed after the reboot. I tried again and again by opening UTM again, opening the VM settings (not doing so would instantly crash UTM when I tried to start the VM again)
- finally I realized assigning 1GB of RAM to the VM (iPad Air 2 has only 2GB total) was too much and I changed it to 512MB (default setting) which let me finish the installation of Win XP! :-D
No I will try to install Age of Empires 1 and when I get hands on adapter + keyboard + mouse I will try those with UTM as well.
It demands graphics with directdraw and will not start.
How did you get Halflife running?
Note: i use an iPhone and iPads. I do my hacking/customizing elsewhere.
There's that nagging feeling you're giving Apple too much mind share though.
>Why isn't this in the AppStore?
Apple does not permit any apps that has interpreted or generated code therefore it is unlikely that UTM will ever be allowed. However, there are various ways people on the internet have come up to side load apps without requiring a jailbreak. We do not condone or support any of these methods.
The rule changed, I think around the time that Swift Playgrounds came out, to add:
> Educational apps designed to teach, develop, or allow students to test executable code may, in limited circumstances, download code provided that such code is not used for other purposes. Such apps must make the source code provided by the Application completely viewable and editable by the user.
There are probably plenty of apps that do interpret downloaded code (the Frotz app to play old text adventures comes to mind) and fly under the radar. But Apple would surely be on the lookout for any kind of emulator, due to the legal risk.
The issue is that Apple wants a big profit cut on each app. If you were allowed to download & run applications on your own computer, then Apple wouldn't get its cut.
Microsoft "allows" people to install emulators in the same sense that Apple "allows" it on macOS, but a quick search confirms that Microsoft does not allow emulators on their app store, nor does Google. (These policies may specifically be for video game emulation, which is mostly what the legal grey area covers.)
It even has Bochs 
Or am I misunderstanding something?
Not sure how they're allowed to exist on the app store, but it's been solid for me for a while now.
Anyway; I don't know if these emulators maybe do not generate code or are written with Core JS (for the most part) which apparently is allowed.
Apple deserves to be disrupted.
That's what they mean by "no jailbreak required". Flipside is you gotta pay for a dev account to get your stuff signed to allow it to run.
This is arguable. The amount of CVEs is pretty high for a closed-source platform. Several of those CVEs were exploited in the wild for years before being fixed.
So to test this on my iPhone, I need 1. to buy a Mac and 2. pay for an annual Apple development permission subscription.
You really can’t make a platform worse than this, and I say that as an iPhone owner. It’s so frustrating!
Can’t they publish this as a “test-flight” beta like for instance iSH does?
A terrible decision. Users should always be allowed, at the very least, to build and sideload their own code.
You barely can anyway. Unless you pay $99/yr for a developer account, any self-compiled apps you install will expire after seven days. If you want your app to keep working, you need to plug your phone into a computer and recompile every single week. That's just not realistically usable for anything other than simple testing.
Yes, it should be allowed. But it's not. It's been this way for the entire history of iOS and it's awful.
You don't really:
. can't open it to access h/w, change battery, etc...
. can't choose what you run on it
. can't actually access all of the data that's stored on it
. most of the things you do with it are recorded by a remote entity.
. "for your own protection", here's a very long list of things we will not let you do with your device.
> can't open it to access h/w, change battery, etc...
We're necessarily moving closer and closer to monolithic ASICs that cover all functions of a phone, most likely encased in epoxy for complete waterproofing. Some guy with a screwdriver and multimeter will never be able to keep up with advancements in manufacturing/technology.
Substantial claims require proof, please show even one example where Apple stated this ever.
It appears to me that developers who are previously using dynamic libraries now have to invest in the effort to make them static libraries and link them to the main executable. So it seems like it can be overcome, but just more hassle. Am I correct?
Stifling peoples creativity for commercial reasons. It feels like instead of my own government, Apple/Google now dictate the new rules (for which there are no laws yet, and won't ever be since new laws are always 10 years behind the newest innovation.)
I'm assuming the SPICE referred to here is not the SPICE I know, unless they've gone the full video circuit emulation route, which I don't imagine being fast at all :)
Isn’t that what’s the “regular” QEMU setup always uses anyway?
Even without that, static binaries could run till some recent version. I have poked with dynamic loading and LD_PRELOAD to set up my own environment which could run most Debian packages using libfakechroot && libfakeroot.
People like to shit on Android. But in terms of power user freedom, apple doesn't even come near.
An interesting exception to this is Expo, an app that lets you load React Native apps built by other developers over the internet. Expo gets around this on Apple by forcing you to sign into that developer's account before downloading their app, so that it's plausibly "yours". I've used to distribute early builds of a React Native app really easily.
All of this to say, I wonder to what degree Apple's policy applies when it's "your" app, or you are the developer, or whatever. I suspect Expo, as a venture backed startup, has some kind of a working relationship with Apple that affords them a tiny amount more leeway than the average Github user.
This could actually be an incredibly useful application that many people pay lots of money for if were ever allowed on the market -- think of the combination of iPad + keyboard + Windows Remote Desktop. Really sad that Apple makes their platform so restrictive. (Yes, security issues, but still, seems like a good enough sandbox could overcome the danger of remote execution.)
They also get around the limitation of having half the screen showing the executed code by not letting users modify the code through their app.
> the limitation of having half the screen showing the executed code
I'm not aware of this limitation, could the QEMU port use this to show the ASM that's being executed to get around this?
It basically does the same thing Swift Playgrounds does where is compiles to LLVM machine code and runs it will LLVM compiled for iOS. And it is on the app store so IDK the rules at all apparently and why QEMU wouldnt be allowed.
Believe me, the engineers at Apple are well aware of them already.
Why not just install the free Microsoft RDP client for iOS? Seems like extreme overkill to use an x86 emulator with a full OS installed to do something that’s available for free in the AppStore.
PS: I'm using an iPad Pro 10.5 over LTE right now with an original Apple Wireless Keyboard 1 with proper arrow keys. I use Vim on it and can save to shared services. Heck, you can even fire-up the embedded python with :!python3<enter> It also redirects phone calls from my vintage unlimited data plan, so I don't need a phone... but it looks goofy talking into my iPad John Oliver-style. ;)
I fear this will also never reach its full potential... but it is great to see.
I currently use iPad Pro with Remotix to access OS X + Windows which works really well. If there was a Remotix for Linux, I would use Linux only, but there is no comparable VNC client for Linux. Compared the ones under Linux are unusable (and I did try them all).
If your want to do portable programming I would recommend a light 2 in 1 laptop. You can dual boot Windows and Linux on it (Windows for media consumption and Linux for programming). But it is bigger then a tablet.
Of course if you use a server you can use anything you want to do programming. But personally the latency is a dealbreaker for me.
> But personally the latency is a dealbreaker for me.
I had that issue too :) However that changed when remotemac (no affiliation) introduced me to Remotix; I live in the mountains and my internet is bad, and yet it has no latency with 4k screen transferring. Anything on Linux is just horrible compared. I develop apps on my iPad and it works really well like that.
My ‘dream’ (bit extreem but lets say preferred way of working) is to use my x220 with Linux to do that; then I can do all dev on that machine while doing iOS dev remotely. Now I still have to carry an Android tab, Windows laptop (I can do that on the x220 but I really do not like to dual boot) or iPad with me.
¹ — https://en.wikipedia.org/wiki/NX_technology
Try a non-systemd distro (e.g., MX linux, Devuan, slackware).
Printed on electrons from a cheap(er), used iPad Pro 10.5" over 4G LTE
Does to hard drive limitations in space might not be able to run Windows 10 on an iPad or Macbook Pro.
Staying with the same instruction set (e.g. x86 -> x86) does help with performance though.
There’s a discussion of this here: https://stackoverflow.com/questions/5806589/why-does-intel-h...
It’s slow because it’s emulating, period. CISC/RISC has little to do with it.
Edit: my bad, somehow I thought this was UAE the amiga emulator.