by Dan Moren
iOS 10 beta’s kernel not encrypted
In an unusual move, the iOS 10 beta’s kernel—i.e. the core of the operating system—is not encrypted, possibly to make it easier for security researchers to find vulnerabilities and report them to Apple, reports Technology Review:
Opening up its code would make sense in light of Apple’s recent faceoff with the FBI, Zdziarski notes. Originally the agency wanted Apple to help penetrate the San Bernardino iPhone, but it dropped that plan after finding a third party who could break into the device. It was the latest evidence of an expanding trade that sells software exploits to law enforcement (see “The Growing Industry Helping Governments Hack Terrorists, Criminals, and Political Opponents”). Opening up iOS for anyone to examine could weaken that market by making it harder for certain groups to hoard knowledge of vulnerabilities, Zdziarski says.
It’s a bold move, and I agree with Zdziarski that it’s like to be on purpose, since it being an accident is, as he puts it, a bit like “forgetting to put doors on an elevator.” This could also make it easier for folks to create jailbreaks, but in theory those same vulnerabilities should be easy for others to find as well.
Either way, I’m guessing we’ll know soon enough, depending on the state of the kernel in the next beta. Either way, it’s sure to be encrypted once again when the full version is released this fall.