> "Some features, including image generation, have daily usage limits because they rely on powerful server models. Increased access is available with most iCloud plus subscription plans".
Start at 1:07:00 in their announcement video. Craig is absolutely talking about "Apple Intelligence" as a whole in this segment.
Pragmatically, of course they'd need to add metering to any cloud available APIs that rely on large models. There's no way they will eat the cost of serving unlimited access to a cloud LLM to end users if they won't eat the cost of an image generation model.
Part of the pitch of AI companies is that they mediate and provide a new surface for ads, for taking an affiliate cut of sales, etc.
But it isn't like this hasn't been the long-running strategy for Google as well - provide more results on search so that people don't go to the site with ads, provide paid product results for shopping, to offer more services to keep people providing personal/behavioral queues to Google and more opportunities for ad placement.
If anything, AI turned up the heat such that the frog noticed what temperature the pot was. But that doesn't really put them in a better position to execute than Google.
> Force you to use email or SMS as a "second factor" to unlock changing password even if you know the old password
Apple has detectors for codes sent via email or SMS, if your email account is one that is configured with the OS mail client.
> A stupid idea of password complexity usually requiring one of a finite set of 5-8 "special characters" which is often only revealed after you've chosen a password that doesn't have them. Or in some cases even banning characters other than the ones they check for. There's a standard for this where you put a regex on the password field, which a good password manager will always use, but the kind of idiots who think limiting the entropy of passwords to increase security is the correct way to do things almost NEVER implement this.
An AI agent can read the failure message and craft a new password
> A maximum password length, even as short as 16 characters in many cases
Same deal
> CAPTCHA etc.
While there's always the complex solution of scanning the image and trying to detect what is going on or slide the puzzle with enough of a curve to act like the motion of a human limb, there's also Private Access Tokens, supported by both Cloudflare and Google-provided captcha systems now IIRC. The OS uses an anonymous system to assert a single bit that there's proper browser chain-of-custody.
> Any effort spent on this would be better spent elsewhere, including even educating other companies on how passkeys should be used.
There are proposals as well to provide API to do upgrades from passwords to passkeys as well automatically. Nobody said the feature has to always use AI - but it may help the feature be robust enough for people to seek it out and try it.
Apple splits processing between an on-device and cloud-hosted model. As time goes on, devices will be more capable of doing more processing locally, and it would be expected that the cloud-hosted model gets more sophisticated.
Your 15 Pro Max supports Apple Intelligence. Newer phones can answer more questions without going to cloud infrastructure.
The design is that there is always a local model capable of forming a remote query with just the subset of local data on your phone needed to answer that query.
They may have decided that local processing was a MVP feature either for faster responsiveness or to reduce cloud cost. It may have been additional memory pressure or a limitation in processing on the previous A-series chip. Or they may have simply decided it wasn't worth creating and validating Yet Another model.
> Apple allowing third party access doesn't automatically mean user data gets hoovered up by OpenAI, Anthropic, etc. It just means users now get the choice, if they want to make that choice.
Apple is also restricted in the sort of consent prompts they give the user. That could matter when a non-technical users is prompted by a third party app to effectively allow unfettered access to all user personal data on the device.
Sometimes when you look at the functional requirements for a feature it turns out to be a bad idea. In the EU, functional requirements can come after-the-fact from regulator interpretation of the DMA. Until Apple determines what those requirements actually are going to be, releasing a potentially harmful feature is irresponsible.
My limited understanding is that it would be a local model that exists only to determine a limited set of local information necessary to answer the user's request. This request and information would then be shared with the third party. Third parties would otherwise not have access into the local semantic model based on user personal data.
Does apple's own siri need to pass requests through their gatekeeper AI? I bet it doesn't. Personally, I'm generally happy with any answer apple comes up with so long as they're bound by the same set of restrictions as 3rd party companies. I feel like that's the only way to make sure apple won't "accidentally" hobble their competitors. (Like they did with their ridiculous 50c per app install fee for 3rd party app stores).
I want Claude and OpenAI to be able to compete with Siri on an equal footing. Just like Apple maps has to compete with google maps. Competition pushes companies to make better products.
Hm, I didn’t even consider that it could be an “agent” in the AI sense. I assumed this meant a service that runs on the device and interposes on requests to access privileged resources and enforces permissions checks on them. That is, the classical sense of the word agent in computing. Perhaps you’re right; in any case I don’t think there is really enough detail here to go off of.
> This feels like it could be solved with a list of permissions that the user has to turn on when using 3rd party AI.
The device won't be able to ask for significantly more permissions than Apple asks for their own model for regulatory reasons, nor will it be able to convey the seriousness of granting the permission (e.g. immediately give unrestricted access to the vast majority of personal information/documents stored on the device).
But Apple also architected their system to justify not having constant permission prompts for access to sensitive data. And for regulatory reasons they also can't mandate that competing models have the same architecture.
The regulators and Apple (along with hopefully other AI companies) will need to work together to determine longer-term stable path forward.
Apple could have the same kind of permission dialogues with their own models (and they actually should). Each and every (first-time) use of a feature should:
1) ask for permission explaining the scope
2) warn you about the dangers with a confirmation / nevermind option
Putting this in practice:
1) Acme AI requires access to your email provider in order to execute this request. Grant / Deny
2) You're about to let Acme AI read and send emails on your behalf, this might be dangerous due to X and Y. Do you want to continue? / Nevermind.
In this case:
1) Asks for access to a service
2) Asks for a specific use-case of the service
1 is access to data, you might want to give broad access to some applications and input data
2 is permission to act, but you might want to deny access to some parts such as sending email and scope to summarization
reply