Earlier today we reported that the kernel of the first developer preview of iOS 10 is unencrypted – a first for any iOS version. At the time, we weren’t entirely sure if Apple had deliberately done this or if was an error and would get reverted in the next beta of the operating system. Apple has confirmed to TechCrunch, however, that making the kernel unencrypted was an intentional move.
Ecobee HomeKit Thermostat
In a statement, an Apple spokesperson explained that the kernel cache does not contain any user information and by unencrypting it, performance can be better optimized and security is not compromised.
“The kernel cache doesn’t contain any user info, and by unencrypting it we’re able to optimize the operating system’s performance without compromising security,” an Apple spokesperson told TechCrunch.
As we explained earlier today, the kernel is responsible for things like security and how apps are capable of accessing the device’s hardware. By opening it up, developers and researchers can look more closely at the kernel’s code and discover security flaws. While there’s some room for malicious actions, by having more people looking for security flaws, Apple can be faster at patching said flaws.
iOS security expert Jonathan Zdziarski explained that Apple’s recent battle with the FBI could be partial reasoning for the decision to open the kernel. He explains that by allowing more people to look more closely at the kernel’s code, the market for groups like the one the FBI interacted with to unlock the San Bernardino device would weaken.
Originally the agency wanted Apple to help penetrate the San Bernardino iPhone, but it dropped that plan after finding a third party who could break into the device. It was the latest evidence of an expanding trade that sells software exploits to law enforcement. Opening up iOS for anyone to examine could weaken that market by making it harder for certain groups to hoard knowledge of vulnerabilities.
Nevertheless, it’s a surprisingly transparent move by Apple to open up the kernel and one that will hopefully lead to performance and security improvements across the board.