Apple Leaves iOS Kernel Unencrypted For The First Time: Why Is This Important?

In the preview version of iOS 10, which was released recently at the Apple Worldwide Developer Conference (WWDC), the kernel has been found to be unencrypted. Previous versions of iOS all featured an encrypted kernel, so for Apple to open iOS 10 up like this is a big deal and allows security researchers to take a deeper look inside the operating system to expose potential bugs. Some security pundits have claimed this move makes iOS less secure. Here's what you need to know.

When the news about iOS 10's unencrypted kernel first came out, there was speculation that Apple accidentally forgot to encrypt it. That's highly unlikely given that would have been too big an oversight for a company like Apple. This was confirmed by a company representative who told TechCrunch:

"The kernel cache doesn’t contain any user info, and by unencrypting it we’re able to optimize the operating system’s performance without compromising security."

For those who are unfamiliar with what the kernel does, it's basically the gatekeeper to apps that want to access hardware on a given device and is a fundamental part of any computer operating system. While the knee-jerk reaction to iOS 10's lack of kernel encryption is to assume it would make the operating system less secure, it could be beneficial to protecting it in the long run.

Unencrypting the kernel cache gives people the opportunity to see how the kernel works without having a direct influence over it. By essentially opening up part of the operating system, it will make it easier for security researchers and developers to find flaws that can be patched up a lot faster. Even if it does give cybercriminals a bit of an edge in developing malware for iOS 10, the more professionals we have running their eye over the kernel cache the quicker security flaws are found and fixed up.

Also, as mentioned by Sophos senior security advisor Paul Ducklin:

"Is this a cunning plan by Apple to provide an unofficial way for interested parties to dig deeper into iOS of their own accord? If so, could this improve security by helping to dispel fears of 'deliberate backboors' after the FBI recovered data from an encrypted iPhone by undisclosed means?"

[Via TechCrunch]


Comments

    Just to clarify, it's the "kernel cache" not the "kernel code" that is unencrypted. No one is browsing their eyes over any kernel code as suggested.

      Hi eikcam,

      Thanks for flagging. "Kernel code" has been reported in a number of sources so apologies for the mistake. The line that mentioned "code" has been corrected to "cache".

      Cheers,

      Spandas

Join the discussion!

Trending Stories Right Now