iOS 10 Kernel Intentionally Left Unencrypted, Apple Reveals

Following this week’s discovery that the kernel – the core – of the preview version of iOS 10 is unencrypted, Apple has now confirmed to TechCrunch that it was left so intentionally.

“The kernel cache doesn’t contain any user info, and by unencrypting it we’re able to optimize the operating system’s performance without compromising security,” an Apple spokesperson explained. Previous iOS versions have concealed the kernel code from the view of developers and researchers.

Though the kernel enforces security and limits how apps can access the iPhone or iPad hardware, Apple’s decision to do away with encryption for the kernel does not leave iOS 10 any less secure. Instead, it simply allows developers and researchers to more easily find security flaws in the code.

While it had previously been speculated that leaving the kernel unencrypted could have been unintentional on Apple’s part, iOS security expert Jonathan Zdziarski told the MIT Technology Review that this “would have been an incredibly glaring oversight, like forgetting to put doors on an elevator”.

Apple’s move could help it to more quickly learn of and patch security holes in iOS, like the one used by the FBI to hack into the iPhone 5C of a terrorist involved in last year’s San Bernardino shootings.

Tagged:
Newsroom
About the Author

News content on AppleMagazine.com is produced by our editorial team and complements more in-depth editorials which you’ll find as part of our weekly publication. AppleMagazine.com provides a comprehensive daily reading experience, offering a wide view of the consumer technology landscape to ensure you're always in the know. Check back every weekday for more. Editorial Team | Masthead – AppleMagazine Digital Publication