Apple Confirms It Has Left iOS 10 Kernel Unencrypted On Purpose
Apple’s surprise move to leave the iOS 10 kernel unencrypted was deliberate, as it doesn’t compromise user privacy, a company spokesperson confirmed to TechCrunch.
“The kernel cache doesn’t contain any user info, and by unencrypting it we’re able to optimize the operating system’s performance without compromising security,” an Apple spokesperson told TechCrunch.
Shortly after the first beta of iOS 10 was released to developers, security researchers discovered that, for some reason, Apple had left the heart of the mobile operating system, the kernel, unencrypted. This is a rare move from the company, as in previous versions of iOS the kernel was obfuscated by encryption.
This prompted security researchers speaking with MIT Technology Review to speculate that either someone at Apple may have made a rookie mistake, or that Apple is taking an important step toward transparency.
Turns out, as expected, this move was deliberate. By doing so, Apple could weaken the market for security flaws such as the one the FBI used to crack the security of iOS. You may recall that the FBI paid a hefty sum to gain access to the iPhone 5c used by the San Bernardino shooter.
By leaving the kernel unencrypted, security researchers are able to discover security bugs more quickly and report them to Apple. It could also mean quicker security fixes for Apple customers.