Looks like iPhone 16 models have a new security feature called ‘exclaves’. I found a lot of references to them in the system files, but they don’t seem to be in iPhone 15.
It seems there’s a ‘secure exclave’ that runs cL4, similar to Secure Enclave, and several processors connect to it—like ANE, ISP, AOP, FaceID, display signal processor, and audio processors.
There’s also an exclave kernel, root task, shared libraries, scheduler, and more. But it’s not clear if this secure exclave is a separate core or just a secure mode on existing cores, kind of like ARM TrustZone.
I haven’t seen much discussion about this. The only mention I’ve seen is about the secure indicator lights on M4 MacBooks, which might use exclaves, but no one has talked about how much of iOS references them. A blog post a few years ago speculated that exclaves were what SPTM used, but this seems different. Another blog suggested exclaves might be used for virtualization in macOS, but the way iPhone 16 is using them seems to go beyond that.
Anyone have more info? Would love to hear what others think.
Didn’t the iPad Pro have a patent or an actual feature for the hardware-controlled sensor indicator light?
Seems like Apple is working on a way to control certain pixels on the display for mic and camera access lights so that they can’t be overridden by software. Basically, if the mic or camera is powered on, a part of the screen lights up to show the status.
Wouldn’t it have been easier to just put a physical LED linked directly to the mic and camera power? But I guess a software-based solution can work across all their devices.
@Teo
I’m not saying software solutions shouldn’t exist for older devices. Exclaves and similar improvements are great.
What I’m saying is that new hardware should have a hard-wired visual indicator for the mic and camera that no software—malware, AI, or anything else—can control.
People are used to new hardware getting new features. Eventually, most will upgrade anyway.
A software-based approach secured with isolated hardware is easier to roll out than adding a separate LED.
With this method, Apple can move the indicator anywhere, adjust it for different devices, and keep everything looking sleek. They don’t want extra lights messing with their designs.
This works fine, so they don’t need a physical light connected to the power circuit. I used to think adding a hardware LED would be simpler, but with Apple’s design choices, it’s really not.
@Rory
Good point. If it’s always on, it kind of defeats the purpose.
Maybe it could be a dim light instead? Or it could turn off when the user says something like ‘Siri, stop listening’.
Actually, this might be where a secure exclave could help. Maybe a dedicated chip listens for wake words and only then allows the mic to connect to the CPU. That way, it’s not always on, but it still works instantly when needed.