Apple leaves iOS 10 kernel wide open in hunt for flaws

By

Grouping would make iOS 10 notifications much better.
Or was it a mistake?
Photo: Zuno Young/Medium

Apple’s first iOS 10 beta ships with an unencrypted kernel that will make it easier to hunt down flaws in its code. This gives the company a greater chance of eliminating possible holes before the final version is made available to all this fall.

With public versions of iOS, the kernel is encrypted to make the operating system as secure as can be. It makes it all the more difficult for third-parties to create their own tweaks that could compromise the security of other users.

However, with the first iOS 10 beta, which was made available to registered developers last week, the kernel is left unencrypted. This will make it easier to weed out any flaws and give Apple the chance to fix them before they make it into the wild.

“That doesn’t mean the security of iOS 10 is compromised,” explains MIT Technology Review“But looking for flaws in this version of the operating system will be much easier.”

“It reduces the complexity of reverse engineering considerably,” adds Jonathan Levin, author of the book Mac OS X and iOS Internals.

If Apple can eliminate flaws in iOS 10 early, it will greatly reduce the possibility of a jailbreak after the software reaches the public later this year. However, Apple is taking a big risk by leaving its kernel open.

The “goodies” exposed by an unencrypted kernel include a security measure that is designed to prevent the kernel from being modified. With access to this, it could be easier for hackers to create tools that can get around it.

Of course, we’re assuming Apple left the kernel unencrypted intentionally, but there is a chance it was a mistake. A big mistake. We’ll have to wait and see whether it’s closed up again in iOS 10 beta 2, which should be available next week.