Apple left iOS 10’s core code unencrypted on purpose
Apple is infamous for guarding its secrets tightly, so it came as a big surprise that the preview version of iOS 10 it released at WWDC has an unencrypted kernel. According to a spokesperson, though, Cupertino did it on purpose, because by leaving it unencrypted, the company was “able to optimize the operating system’s performance without compromising security.” The kernel is the heart of an operating system, and on iOS, it’s in charge of security and managing what parts of an iPhone or an iPad apps can access. Apple used to keep it under several layers of protection — now that security researchers can examine it more closely, bugs could come to light more quickly than before.
iOS security expert Jonathan Zdziarski told MIT Technology Review that “Opening up the OS might help other researchers to find and report bugs, by giving everyone just as much visibility as an advanced and well-funded research team might have.” Tech Review points out that this could prevent law enforcement agencies from exploiting flaws to crack locked devices, like what the FBI did to get into the San Bernardino shooter’s iPhone. After all, if there are more eyes looking for bugs, they can be found and patched much sooner. For the rest of us, this could translate to greater security and phones or tablets that run more smoothly.
(26)