hoakley April 6, 2022 Macs, Technology

triald is all about Machine Learning

I’ve recently drawn attention to a new service introduced in Big Sur which can, at times, consume high CPU and disk space: Trial, seen through its background service triald and its frequent appearance in the log. I’m very grateful to all those who have provided information to help discover what this is doing and why. I think I’m much closer to understanding what’s going on.

While Apple now documents precious little about macOS internals, it does provide developers with tantalising glimpses inside. In this case, I refer to its documentation on Core ML, a suite of frameworks to support Machine Learning (ML). The way this works is that a developer creates a model based on a set of training data, such as a large collection of images or words. The model is made using an ML algorithm or method, most commonly neural networks these days, and is then built into an app which might sort images into categories, recognise objects within them, or analyse text. Domains supported by Core ML and its tools include:

Images (Vision)
Text (Natural Language)
Speech (conversion of audio to text)
Audio analysis
Numbers (numeric analysis and prediction).

Once the user has installed an app using Core ML on their Mac (or device, as this is supported by iOS and iPadOS too), its developer has two ways of refining and changing the model: Core ML can be used on-device with that user’s data, or they can update the model remotely, outside of a conventional app update.

Apple explains how third-party developers can get their apps to download and compile models with that app instead of bundling them within the app. It suggests this could be a good plan to reduce the size of the app on the App Store, to pick the ‘right’ models for that particular user, or simply to update the model.

These models, compiled on-device by Core ML, are then stored in “a temporary location”, but Apple recommends using permanent storage in a folder within Application Support.

There are fuller details for deploying Model Collections, which Apple specifically touts as sending “models to users’ devices without submitting an app update”. When a developer does this, “the operating system on each user’s device automatically downloads the model collection from the deployment in the background.” While they can notify the app user of the deployment, that doesn’t appear to be recommended by Apple.

Currently, the major supplier of apps using Core ML is Apple. Trial, and possibly a sibling going under the name of Biome which also has its own root directory in ~/Library, appears to be Apple’s system for deploying new and updated models for use in Siri, Photos image analysis and recognition, Visual Look Up, Live Text, and other features in Big Sur and Monterey.

Security is clearly a concern here. These late-deployed models don’t pass through any App Store approval process, nor the malware checks involved in notarization. They aren’t executable code in the normal sense, but it’s unclear whether malicious code of any form could be embedded within them. There seems little to stop a malware developer from selling or giving away an innocuous app through the App Store and using deployment of models to distribute malicious content under the radar.

I have seen both XProtect and MRT run at the same time as triald activity in the log, and it’s likely that Apple has anticipated some security concerns over this mechanism. However, that only helps for malware which can be detected by Apple’s tools, and on-device processing by Core ML could even be exploited to help avoid detection.

More to the point is that deployment of changes to an app, whether it’s built into macOS or created by a third-party developer, takes place without the user even being informed, let alone given the option to not receive them. In this sense, parts of macOS are now automatically updated regardless of your settings in Software Update.

It still remains strange that Apple should use terms like trial and experiment, if these are just model updates. Despite what some may think, ML doesn’t normally proceed by running large-scale trials or experiments across user systems. The normal sequence of events runs:

developers build libraries of training and test data
the ML model is built using the training data to train the chosen ML algorithm
that model is validated against test data (a step often omitted it seems)
the model is deployed to user systems.

Training, sometimes known as learning but never trialling or experimenting, is normally the most demanding step, as it involves both questions (raw data) and answers (what the algorithm is supposed to detect or predict). Once that’s complete, the algorithm should perform very well against samples of that training data. That’s why validation testing is so important, as it assesses the algorithm’s performance on unseen data, comparing its results against those obtained by some gold standard method.
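
As a rough illustration of why that matters, here’s a minimal sketch in Python. It isn’t anything Apple uses: the data is synthetic, the classifier is a simple 1-nearest-neighbour rather than a neural network, and the names make_samples, predict and accuracy are invented for this example. It scores the same model twice, once against its own training data and once against test data it has never seen.

```python
import random

def make_samples(rng, n):
    """Generate n labelled points from two overlapping 2-D Gaussian classes."""
    samples = []
    for _ in range(n):
        label = rng.randint(0, 1)
        centre = 0.0 if label == 0 else 1.5
        point = (rng.gauss(centre, 1.0), rng.gauss(centre, 1.0))
        samples.append((point, label))
    return samples

def predict(training, point):
    """1-nearest-neighbour: return the label of the closest training point."""
    def sq_dist(sample):
        (x, y), _ = sample
        return (x - point[0]) ** 2 + (y - point[1]) ** 2
    return min(training, key=sq_dist)[1]

def accuracy(training, samples):
    """Fraction of samples whose predicted label matches the known answer."""
    correct = sum(1 for point, label in samples if predict(training, point) == label)
    return correct / len(samples)

rng = random.Random(42)  # fixed seed so the run is repeatable
data = make_samples(rng, 400)
training, test = data[:300], data[300:]  # hold back a quarter as unseen test data

train_acc = accuracy(training, training)
test_acc = accuracy(training, test)
print(f"accuracy on training data: {train_acc:.2f}")
print(f"accuracy on unseen test data: {test_acc:.2f}")
```

Because a nearest-neighbour model effectively memorises its training data, the first figure should come out as 1.00 and tells you nothing useful. Only the second figure gives any indication of how the model might fare once it’s deployed to user systems.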

Although Apple rightly considers that on-device training is valuable, it’s demanding and normally impossible to validate. I don’t recall any on-device training being used by Apple’s software. It’s easily recognised, as it requires the user to assess whether the algorithm has obtained the ‘correct’ answer. For example, in object recognition the user would need to confirm whether the algorithm has recognised the object(s) correctly by marking the results. So when using Visual Look Up, the user would have to be able to tell the app whether its answer was correct, a requirement for either training or testing phases.

I don’t think for a moment that Apple is actually using our Macs and devices to augment its training and testing datasets. Doing so without informing users would open it to severe criticism. How Trial came to be so named, and why experiments, I’ll never fathom.

17 Comments


1

Joff Day on April 6, 2022 at 7:16 am

I could be wrong but think apps like Topaz Labs Gigapixel and Adobe’s Photoshop neural filters use this. Both boast of using ‘AI’ and both send data back to their mothership for processing.

In the case of Gigapixel, if I am checking 4 possible models of enlargement at the same time, my MBP (albeit a mid-2014 model) can slow right down and make other running apps pretty much unusable.

On my next Gigapixel enlargement I will have Activity Monitor open and see whether triald is running. It would explain a lot.

- 2
  
  coxorange on April 6, 2022 at 9:05 am
  
  Which version of Photoshop? Thanks.
  
  - 3
    
    joffday on April 6, 2022 at 10:01 am
    
    2022
    
- 4
  
  hoakley on April 6, 2022 at 2:29 pm
  
  Thank you.
  Although it will be very interesting to know whether triald is involved, I wouldn’t be surprised if the software was doing its own management, rather than using macOS. I also don’t know yet whether triald is only used by macOS itself, or whether it’s used when third-party apps use Core ML, an interesting question.
  Howard.
  
  - 5
    
    joffday on April 6, 2022 at 2:32 pm
    
    Made no difference to triald, so pretty sure it is the Topaz app that is eating the processing power.
    
    - 6
      
      hoakley on April 6, 2022 at 2:49 pm
      
      Thank you. If you’re interested, you could look in the log for com.apple.espresso, which is the subsystem controlling neural network support in macOS.
      Howard.
      
    - 7
      
      joffday on April 6, 2022 at 7:34 pm
      
      Hmm… that may be beyond my Mac pay grade. Looked in Console and Log reports and couldn’t find com.apple.espresso anywhere – or, in fact, on my Mac – I’m still on Big Sur version 11.6.5 (20G527). New MBP doesn’t arrive until the end of the month.
      
    - 8
      
      hoakley on April 6, 2022 at 8:21 pm
      
      Thank you for trying.
      Howard.
      
9

Norm on April 6, 2022 at 9:58 am

Good questions you are raising. What you have uncovered so far, with no help from Apple, is rather concerning, don’t you think? Just another reason not to trust Craig Federighi, Apple’s Sr. VP of Software. I’m not a fan of Craig, but Tim Cook likes him, so that is all that matters.

I am still dealing with my Mac throttling. What I have uncovered is rather interesting. It isn’t high temperatures causing the throttling, and it isn’t kernel-task doing it either.

Just like the secrets about trials, there is some process in Apple’s innards that is moving the CPU frequency from its nominal 2.6 GHz down to as low as 1 GHz, literally freezing my computer. Keys and the mouse stop responding, and after a period of time, I get control of my computer back. And the frequency goes back up. I can be in my bed, with the computer doing nothing and I hear the fans crank up and go down.

And NO it is not my many applets running in the background unless Apple is counting the number of them and not the actual processor load. My computer throttles based on processor load yet the load isn’t bumping the temperatures up at all. Meaning the load isn’t much of a real load, but a computed load.

Apple will tell me nothing. But I tested with a Safe Boot and get the same results. Hundreds of help requests online talking about Monterey, high CPU usage, high RAM usage, lots of Apple System processes running and throttling.

If I were more paranoid, I’d believe that Apple was doing to Mac OS what they did to iOS, as every update to iOS added new features but also degraded the performance, and used up the battery faster. Apple got sued in class action and Apple lost. So, yes, if they did it once, why wouldn’t they do it again and make users of MacBooks with Intel processors hate their computer and rush out to buy an M-1?

Shocking myself, I thought I’d try getting rid of Firefox, as it was always running high CPU and delivering choppy audio and frozen video when streaming. I tried out Microsoft Edge. Yes, Microsoft Edge runs on Mac OS!

Now I am not a fan of Microsoft, but I actually love Edge. I can load Extensions from the Chrome library, and they still have Speed Dial FVD, something Mozilla killed in a fit of rage. The translation is built-in, so no third-party app is needed. Location Guard runs. Social Fixer runs. Download Manager S3 runs. I haven’t found any extension or add-on that ran on Firefox that doesn’t run on Microsoft Edge. I am shocked but all is good so far.

Meanwhile, I changed VPN vendors and now every Google search is interrupted by blocking software and a Captcha with grainy photos of fire hydrants to identify. Screw that. So, in addition to dumping Google Voice, and Google Fi, I now dumped Google Search and am using Bing! No blocking, no Captchas, no Google BS. Still use Google Maps though.

My throttling isn’t solved yet, but my MacBook Pro is running a lot better with Edge than with Firefox.

It seems even bad copy-cat software companies like Microsoft can evolve.

- 10
  
  Tony on April 6, 2022 at 10:39 am
  
  As an old-school suggestion, are your fans/filters/grilles clogged with dust?
  
  Fans spinning up should indicate rising temperatures yet your machine is lightly loaded so perhaps the fans are not able to do their job efficiently.
  
- 11
  
  hoakley on April 6, 2022 at 2:27 pm
  
  Two other key steps over fans:
  – reset the SMC. This is one of the most successful manoeuvres for dealing with inappropriate fan use, and by that I mean the fans running up without good cause.
  – ensure that you aren’t using any third-party software which might have any effect on the fans or thermal control. If you are, chances are that what is occurring is the result of that software, not macOS.
  I wish you success.
  Howard.
  
12

spiralganglion on April 6, 2022 at 2:02 pm

Is the face detection feature in Photos (which requires the user to assess the algorithm’s work and point out mistakes) an example of ML training running on device?

- 13
  
  hoakley on April 6, 2022 at 2:24 pm
  
  Yes, it is. And a very successful one, which is well-known not to backload any personal data to Apple.
  Howard.
  
14

Paul Rockwell on April 6, 2022 at 2:50 pm

You make a good comment on asking why did they choose “trial” and “experiment” nomenclatures. I’m personally simultaneously amazed and puzzled at the names that the Linux/UNIX community choose for application names (witness one of the answers to your last Saturday puzzle)…

- 15
  
  hoakley on April 6, 2022 at 3:27 pm
  
  Yes, a very good example!
  Howard.
  
16

Ralph Martin on April 12, 2022 at 4:58 pm

One example of where training could be done on the device: misspelled words. A spelling checker decides a word you have typed is not in its list of known words, and offers you possible correct words (using surrounding words as context). You might decide you didn’t want any of them, but actually what you typed (or something else). This is quite possible if e.g. you are a botanist and they are Latin plant names, a doctor and they are medical terms, etc. The algorithm could incrementally learn about such new words in context, and update its model for making suggestions appropriately.

On-device validation is possible in that the system suggests a replacement word, and the user either accepts it, or types what they really wanted instead. Indeed, validation is (almost) always performed in this example.

Another example of on-device validation – some mail gets put in a junk folder, and the user can mark it as not junk, which is at least a form of negative validation.

- 17
  
  hoakley on April 12, 2022 at 9:12 pm
  
  Thank you.
  Howard.
  