I don't think there's any API for that, but I'm not entirely sure (sso don't count on this). But either way, the sensor fusion algorithms are there to improve it, so I'm not sure if you would get better results from that. and fails in low light conditions Do you think raw depth data would be better than the sensor fusion-processed data?

I think I figured why this happened, but I believe the UI/UX could be improved. It appears that I did not click the "Done" button and just closed the app, so the key did not get saved. I think it would make sense if this info was automatically saved, especially since there is a "delete" button on the exact same page. I think this behavior may confuse users.

Regarding your first question: [quote='761970021, lhj0880, /thread/761970, /profile/lhj0880'] Does the Secure Enclave utilize its own independent memory for storing keys and other sensitive data? [/quote] As described in the Apple Platform Security guide: Although the Secure Enclave doesn’t include storage, it has a mechanism to store information securely on attached storage separate from the NAND flash storage that’s used by the Application Processor and operating system.

For anyone who stumbles upon this thread, the vulnerability has been fixed in macOS 14.6.

[quote='760976021, rene.lv.cs, /thread/760976, /profile/rene.lv.cs'] My guess I think when the transition to the next screen happens, the reference to some critical information for save password gets deallocated and then some Apple Api tries to show the action sheet but this does not work because some Information is missing. This seems to prevent the userinteraction and some code runs in an endless loop which would explain the memory raising quickly (our production build runs normally between 30 MB and 80 MB Memory). [/quote] I'm not sure, but that sounds pretty plausible, imo. Make sure to file a bug for this and link it here.

Mac users can run unnotarized apps, but in macOS Sequoia there have been some changes that make it slightly more complex. Instead of control-clicking, you'd need to go to System Settings and allow the app to run. From what I know, you need to enroll in the developer program to notarize and distribute your apps (not necessarily via the App Store), but correct me if I'm wrong.

The key to your problem is likely code signing, but you might've figured that out already. From your description, I suspect the issue is related to this, since you're essentially not changing any code, so this is the only other thing that could fail. And indeed, we can also see that in your Console Logs: default 10:22:09.228811+0100 kernel AMFI: code signature validation failed.

You should report this to Common App too, as they might be able to address it if it's an app issue. It might be related to a null pointer dereference due to some concurrency issues (hence KERN_INVALID_ADDRESS at 0x0000000000000000 and 0 libsystem_kernel.dylib 0x00007fff206689ce __ulock_wait + 10), but I'm not entirely sure... From what I see, it seems that these concurrency issues arise when WebKit tries to load some system preferences. I noticed both of you use macOS 11.7.10 (20G1427), so perhaps it's also related to this. I did a quick search on the internet and found that other people are experiencing the same issue on the same macOS version.

Filed FB14686829. Thanks! I noticed all links in the email used df-webapp-dr-ause1.apple.com instead of developer.apple.com. Perhaps it stands for "developer forums webapp disaster recovery AU server 1" or something similar.

Sure, I will file a bug when I can. Strangely enough though, the button worked for your reply on this thread and another one I received today, so the issue might be fixed already 🤔

Are you sure you used the #if os(watchOS) condition everywhere you use CMBatchedSensorManager? I'm pretty sure that it should've removed all references. Do you use the shared class somewhere in your iOS code? Maybe that's part of the issue - perhaps a method of that class that you use on iOS uses the CMBatchedSensorManager.

I used this API a few months ago in a macOS app and yes, it had a rate limit of 50 searches per minute. That means that, after 50 searches are done in less than a minute, you'll have to wait in order to send the next requests (I believe all your other requests within that minute will fail). I haven't found any mentions of the actual rate limit value in the docs, so you should experiment with it yourself. I believe this might be the error you'll get if you exceed the rate limit.

@YoshiakiK you can file feedbacks and bug reports using the Feedback Assistant.

Maybe apple allows his own softwares Indeed, I believe that's what's going on. Safari has some special entitlements, you can see them if you run the following command in Terminal: codesign -dv --entitlements - /System/Volumes/Preboot/Cryptexes/App/System/Applications/Safari.app. The special entitlement that allows this kind of behaivor is com.apple.private.tcc.allow: [Key] com.apple.private.tcc.allow [Value] [Array] [String] kTCCServiceAddressBook [String] kTCCServiceCamera [String] kTCCServiceListenEvent [String] kTCCServiceMicrophone [String] kTCCServiceScreenCapture [String] kTCCServiceSystemPolicyDownloadsFolder [String] kTCCServiceCalendar [String] kTCCServiceSystemPolicyAppData [String] kTCCServiceAppleEvents I hope it is not the same behaviour for full disk access grant... There is another simillar full disk access entitlement value, kTCCServiceSystemPolicyAllFiles, but Safari doesn't have this. but this is not good for security... While these Apple apps have these entitlements, other apps cannot obtain them without explicit permission from Apple. They need to be signed by Apple in order to receive these entitlements. So, generally speaking, there is no way for them to access these permissions without prompting the user, unless they exploit some sort of vulnerability. If you find such a vulnerability, you should report it to the Apple Security Research website.

How do we stop users from disabling the permission incase the user has admin rights? Usually, any admin user should be able to change these kind of settings, so if you want an user to be unable to do that, they shouldn't have admin rights. Perhaps you can do something with the MDM APIs for that. Regarding your other questions, I'm unsure, but: In particular, do both the client and server need to be in the same private subnet range for the prompt to be shown? My guess is they shouldn't be on the same private network range (not necessarily subnet), but I haven't tested that. a VPN is not really a local network Perhaps the machine should still see it as a local network, especially if your machine is residing on a private network range through the VPN.