XPost: misc.phone.mobile.iphone   
   From: marianjones@helpfulpeople.com   
      
   Marian wrote:   
   > Speaking only about the delta is like talking about how small the diff is   
   > while ignoring that the system still has to rebuild the whole image from   
   > scratch. The diff size is not the architecture.   
      
   So what's DIFFERENT about iOS from almost all other common consumer OS's?   
      
   The way Apple delivers iOS updates is fundamentally different from Android,   
   Linux distributions, Windows, and even macOS. The differences come from how   
   the operating system is packaged, how it is signed, and what parts of the   
   system are allowed to change independently.   
      
   iOS uses a sealed and signed system image. The core of iOS is a single,   
   monolithic, cryptographically sealed system volume. The seal covers the   
   entire OS filesystem. Any change to any file on that sealed volume requires   
   Apple to rebuild, re-seal, and re-sign the entire OS image. This is true   
   even for a one-line fix. Because the system volume is sealed as a whole,   
   partial updates to system components are not possible. Before Rapid   
   Security Responses (RSRs), every change to system code required a full OS   
   update.   
      
   Android does not use a single sealed system image. Android is modular. The   
   OS is split into multiple partitions: boot, system, vendor, product, odm,   
   and others. Many components can be updated independently. Modern Android   
   also uses Project Mainline, which delivers updates to system components   
   through the Play Store as modular APKs or APEX packages. This means Google   
   can update things like media codecs, networking stacks, DNS resolvers, and   
   security libraries without shipping a full OS update. Android OEMs can also   
   update vendor partitions separately. In short, Android is designed for   
   partial updates; iOS is not.   
      
   Linux distributions are even more modular. Linux systems use package   
   managers (apt, rpm, pacman, etc.). Every library, binary, and subsystem is   
   a separate package. Updating a single library does not require rebuilding   
   the entire OS. The kernel itself can be updated independently of userland.   
   Even the kernel can receive live patches (kpatch, ksplice) without   
   rebooting. Linux is the opposite of iOS in terms of update granularity.   
      
   Windows is also modular. Windows Update can deliver patches to individual   
   DLLs, drivers, subsystems, and frameworks. Microsoft can patch a single   
   file without rebuilding the entire OS image. Windows also supports   
   component-based servicing (CBS), which allows extremely fine-grained   
   updates. Windows is not a sealed monolithic image; it is a large collection   
   of independently updatable components.   
      
   macOS is closer to iOS, but still more flexible. Modern macOS uses a sealed   
   system volume similar to iOS, but macOS still allows more modularity. Many   
   system apps and frameworks live outside the sealed volume and can be   
   updated independently through the App Store or standalone updates. macOS   
   also supports Rapid Security Responses, which apply small patches on top of   
   the sealed system volume without resealing it. iOS is stricter: far more of   
   the OS lives inside the sealed volume, so fewer components can be updated   
   independently.   
      
   The key difference: iOS is the only major OS where almost all system   
   components live inside a single sealed system image that must be rebuilt   
   and re-signed as a whole. Before RSRs, this meant every system fix required   
   a full OS update. Android, Linux, Windows, and even macOS can update   
   individual components without rebuilding the entire OS. iOS could not do   
   that until RSRs were introduced, and even now RSRs only patch a small   
   subset of components.   
      
   The result: Talking about the size of the delta downloaded by a device   
   misses the architectural point. The delta is just a bandwidth optimization.   
      
   Regardless of delta size, the device still reconstructs a complete new   
   sealed system image. Other operating systems do not work this way. They   
   patch individual components directly. iOS rebuilds the entire OS image.   
      
   For years, I tried to get people like nospam to understand how iOS works.   
   All he could ever talk about, was the delta, which is wholly meaningless.   
   Sure, Apple ADVERTISES the delta - but that's not the important factor.   
      
   Speaking only about the delta is like arguing about how many bricks were   
   delivered to the job site while ignoring that the entire wall had to be   
   torn down and rebuilt. The brick count is irrelevant to the construction   
   method.   
      
   Anyone who can only talk about individual delta's, doesn't understand iOS.   
   --   
   I am not here for my ego; nor for my amusement; but to teach & learn.   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)