iOS 10 Leaves Kernel Unencrypted
After the release of the first beta of iOS 10, security experts cited by MIT Technology Review have found a very interesting surprise: Apple has not encrypted the kernel (the heart of iOS) as it did with previous iOS releases.
With iOS 10 (beta 1) “crucial pieces of the code destined to power millions of iPhones and iPads were laid bare for all to see”, the report says. This would aid anyone who’s looking for security bugs in iOS 10.
Security experts interviewed by MIT Technology Review say there are two possible reasons: (1) someone at Apple has made an embarrassing mistake or (2) Apple is adopting a new strategy encouraging people to report bugs in iOS.
The kernel controls how programs can use the iPhone’s hardware and enforces security. In previous iOS releases, Apple obscured the kernel, so researchers had to find a “way around or through it”.
Now, with the kernel unencrypted, doesn’t necessarily mean iOS 10 is less secure. Instead, finding bugs in the operating system will be easier, according to Jonathan Levin, author of an in-depth book on the internal workings of iOS. Security researcher Mathew Solnik says, “Now that it is public, people will be able to study it [and] potentially find ways around it.”
According to Levin, this move suggests Apple is switching strategies and is now simply encouraging people to pore over the code, which could result in more bug reports, a helping hand for Apple, who will fix them.
Jonathan Zdziarski, another iOS security expert, underpins the above theory and adds that Apple may be after weakening the market for iOS zero-day exploits. Whatever Apple’s strategy is, outside help has always been there, and the company has credited people for reporting security bugs.