Apple Unveils iOS 10 sans an Encrypted Kernel
In a surprising turn of events, Apple brings out the latest version of its ubiquitous operating platform without an encrypted kernel. Synonymous to the developer preview of iOS 10, the final version also allows developers to delve deep into the detailed codes— mainly for determining and mitigating the potential security flaws or kernel security failure.
All the previous iterations came with encrypted cores and the developers weren’t allowed access into the world of codes— instrumental in creating the functional system components of the iOS. That said, a kernel is similar to the heart of an OS— including codes and other software essentials.
photo cultofmac.com
Apple hasn’t officially commented on this surprising change but by keeping the kernel unencrypted, the company has made quite a brave if not a desperate move. Moreover, the developer documentation hasn’t even mentioned this curious case of iOS 10. According to reports, this move might be to look in for security hacks residing inside the iOS kernel. On exposing the kernel to developers, the potential vulnerabilities can be easily detected. Then again, Apple can fix the issues right before the official release.
However, better security isn’t the only theory on display and some believe this move to be dedicated towards finding entry-points into a hacked system. This takes us back to the San Bernardino shooting where the FBI broke into an iPhone while interrogating a high-profile gunman. The FBI, however, didn’t share details with Apple— keeping the findings extremely secretive. If the developers can help find entry-points into the iOS 10— Apple might just get to know about FBI’s way of opening up the OS. BBC might have had a few scoops, via the insider which still show Apple’s reluctance to incorporate researchers for finding security flaws. This way only the second theory would hold true.
Insights into the unencrypted core revealed interesting results. In comes a mechanism that would prevent the kernel from being modified by an external code. Apple might have included this for additional security. However, there is a minor bug which could bring in an invasion and via the developers, Apple is trying its best to fix the same. The company doesn’t want people to find ways around the code.
Some believe this to be an accidental release— reason which Apple hasn’t announced anything officially. However, this seems improbable as a company this big wouldn’t allow an accidental version to stay on-board for such a long time. Most importantly, this release is more of a motivation with a few points of contention. Therefore, some do believe this to be an intentional move.
Without encryption, iOS will definitely be an easy nut to crack. It will be much easier to study and after the ‘San Bernardino’ lawsuit things are definitely pointing towards a more discoverable approach from Apple, strengthening a few loopholes against the prying governments eyes. Moreover, FBI was successful in decrypting the iOS— showing that Apple’s pride can certainly be unraveled. By releasing the unencrypted version, the playing field has been levelled by the company and it will curb the growth of individuals who sell exploit kits to organizations.
It would be interesting to see how apps like YouTube and Cinemabox work on this new version of iOS and whether the unencrypted kernel will show up during the official release. Once the issues are resolved and Apple gets to the entry-points, the kernel might just be locked up, all over again. At the end, developers will surely rejoice this momentary peek into the detailed codes.
Update: Recent reports reveal that Apple has unintentionally left the kernel unencrypted, stating transparency as the foremost reason.
Guest Author: Richard Smith
Tips on How to Choose the Best App Designer to Design an Enterprise App
