iOS 10’s Kernel isn’t encrypted

Tom Simonite, MIT Technology Review (via. The Loop):

The heart of an operating system is a component known as the kernel, which controls how programs can use a device’s hardware and enforces security. Apple has previously encrypted the kernel in iOS releases, hiding its exact workings and forcing researchers to find ways around or through it. But the kernel was left unobfuscated in the preview version of iOS 10 released to developers last week for the most recent Apple devices.

That doesn’t mean the security of iOS 10 is compromised. But looking for flaws in this version of the operating system will be much easier, says Jonathan Levin, author of an in-depth book on the internal workings of iOS. […]

Jonathan Zdziarski, another iOS security expert, favors that hypothesis, because accidentally forgetting to encrypt the kernel would be such an elementary mistake. “This would have been an incredibly glaring oversight, like forgetting to put doors on an elevator,” he says.

Gruber’s piece came out while I was reading this article. I’m presuming iOS 10’s kernel being unencrypted as an intentional decision. The question in my mind was: “Why not announce it at WWDC?”.

If Apple does want the right eyes looking through the kernel for possible fixes or a general betterment, I suppose it worked with the assumption that only people with relevant knowledge would have a look at the innards and pursue it to productive conclusions. Announcing it may have caused a stir in the media, probably questioning Apple’s ‘dwindling competence’ in the process. I have a feeling the iOS 10 Public Beta’s kernel may be encrypted.

In Uncategorized by Mayur Dhaka