A security researcher claims changes Apple made to tighten its kernel security system in iOS 7 instead weakened the system, making it less secure than its iOS 6 counterpart. (Via CNET and ThreatPost) Azimuth Security researcher Tarjei Mandt discovered the flaw and presented his findings last week at CanSecWest.

The security flaw involves the random number generator Apple uses to secure its kernel. In iOS 6, the number generator that encrypted the kernel derived its values in part from the CPU clock counter. Because it was based on time, the encryption was only marginally secure as the output values were predictable, especially when examining successive numbers.

ios7-early-random-number
Apple was aware of the limitations in iOS 6 and attempted to tighten security in iOS 7 by changing the random number generator to a linear congruential generator, which is more susceptible to brute force attacks.

The problem with the new generator in iOS 7 is that it uses a linear recursion algorithm, Mandt said, which has "more correlation" between the values it generates. That makes them easier to extrapolate and guess, he said.

This flaw potentially allows a malicious hacker to gain kernel-level access to an iOS device via an unpatched vulnerability. The kernel is the base part of the iOS operating system and controls low-level functions such as security and resource allocation.

Apple approached Mandt about his findings and asked for his CanSecWest slide presentation.

Related Forum: iOS 7

Top Rated Comments

Calexander3103 Avatar
Calexander3103
154 months ago
Deliberate back door?

Couldn't have been an accident that someone missed, could it? Nah....everyone get your tin foil hats out cause everyone's out to get us.


In reality, props to white-hat hackers like Mandt
Score: 9 Votes (Like | Disagree)
C DM Avatar
C DM
154 months ago
I like how negative things like this never makes it to the Front Page and not many throwing a punch at Apple like they do for other companies. I am sure if it was any other company, this news would have been the first frontage news. I feel this is done deliberately by MacRumors for generating $$. Just pathetic.
I came across this story on the front page of MacRumors, as I'm sure many others did.
Score: 3 Votes (Like | Disagree)
Laird Knox Avatar
Laird Knox
154 months ago
Random Number Generators are a tricky business. The company I work for has a whole slew of patents and protected IP just for the RNG we use.
Score: 3 Votes (Like | Disagree)
ArtOfWarfare Avatar
ArtOfWarfare
154 months ago
Modern Intel chips (made after 2008 I think) have ISK which produces actual random values rather than pseudo ones. I guess ARM lacks that right now.
Score: 3 Votes (Like | Disagree)
dumastudetto Avatar
dumastudetto
154 months ago
Deliberate back door?

No. Apple would never do this. They never compromise on customer security for anyone.
Score: 3 Votes (Like | Disagree)
gnasher729 Avatar
gnasher729
154 months ago
It's not in the slides but I'd be curious to know how much brute force is required?
It reads like a restart would require calculation to start again?

Could an app be crafted inside the sandbox to not only gather enough info but to also then have enough time to process that info to get the information it needs to launch an attack without highlighting is presents.

Yes "security by obscurity" = bad. Yes, could be better.
Still if attack needs more than minutes of full throttle processing it goes to take some fairly careful crafting to hid it. Putting more in "Alert but not Alarmed" territory.

It's very hard to say how much of a problem there actually is. My understanding - which may be wrong - is that this random number generator is used at the very early stages while iOS is booting, and is then replaced with something a lot stronger. There's the claim that the random number sequence could be predicted, but then I wonder which non-Apple software would be running on the device at the early stages when this random number generator is in use. Quite possibly none at all.
Score: 2 Votes (Like | Disagree)
Read All Comments

Popular Stories

samsung crease less foldable display ces 2026%402x

Foldable iPhone's Crease-Free Display Tech Spotted at CES 2026

Tuesday January 6, 2026 3:04 am PST by
CES 2026 has just provided a first glimpse of the folding display technology that Apple is expected to use in its upcoming foldable iPhone. At the event, Samsung Display briefly showcased its new crease-less foldable OLED panel beside a Galaxy Z Fold 7, and according to SamMobile, which saw the test booth before it was abruptly removed, the new panel "has no crease at all" in comparison. The ...
Read Full Article178 comments
iPhone Top Left Hole Punch Face ID Feature Purple

10 Reasons to Wait for This Year's iPhone 18 Pro

Thursday January 8, 2026 2:56 am PST by
Apple's iPhone development roadmap runs several years into the future and the company is continually working with suppliers on several successive iPhone models at the same time, which is why we often get rumored features months ahead of launch. The iPhone 18 series is no different, and we already have a good idea of what to expect for the iPhone 18 Pro and iPhone 18 Pro Max. One thing worth...
Read Full Article69 comments
Apple Card iPhone 16 Pro Feature

Apple Card Will Move From Goldman Sachs to JPMorgan Chase

Wednesday January 7, 2026 12:57 pm PST by
JPMorgan Chase has reached a deal to take over operation of the Apple Card, reports The Wall Street Journal. Barring any "last minute hiccups," the deal should be announced shortly after over a year of negotiations. Reports began circulating over two years ago that current Apple Card issuer Goldman Sachs was looking to end its partnership with Apple as part of an effort to scale back on...
Read Full Article138 comments
iOS 27 Mock Quick

Five New iPhone Features Rumored for iOS 27

Wednesday January 7, 2026 2:51 pm PST by
Though it's been just a few months since iOS 26 launched, we're already hearing rumors about the next-generation version of iOS, iOS 27. iOS 27 will be introduced at Apple's June WWDC 2026 event before it launches in September 2026. We don't know all of the details about iOS 27 yet, but we do have some information about what to expect. "Snow Leopard" Update iOS 27 will apparently focus...
Read Full Article126 comments
Logitech MX Master 3S

Logitech Blames 'Inexcusable Mistake' After Certificate Expiry Breaks macOS Apps

Wednesday January 7, 2026 5:27 am PST by
Logitech users on macOS found themselves locked out of their mouse customizations yesterday after the company let a security certificate expire, breaking both its Logi Options+ and G HUB configuration apps. Logitech devices like its MX Master series mice and MX Keys keyboards stopped working properly as a result of the oversight, with users unable to access their custom scrolling setup,...
Read Full Article123 comments
ChatGPT Health Integration Connectors Feature

OpenAI Launches ChatGPT Health With Apple Health Integration

Wednesday January 7, 2026 11:27 am PST by
OpenAI today announced the launch of ChatGPT Health, a dedicated section of ChatGPT where users can ask health-related questions completely separated from their main ChatGPT experience. For more personalized responses, users can connect various health data services such as Apple Health, Function, MyFitnessPal, Weight Watchers, AllTrails, Instacart, and Peloton. Last month, MacRumors discovere...
Read Full Article98 comments
iphone 17 models

No iPhone 18 Launch This Year, Reports Suggest

Thursday January 1, 2026 8:43 am PST by
Apple is not expected to release a standard iPhone 18 model this year, according to a growing number of reports that suggest the company is planning a significant change to its long-standing annual iPhone launch cycle. Despite the immense success of the iPhone 17 in 2025, the iPhone 18 is not expected to arrive until the spring of 2027, leaving the iPhone 17 in the lineup as the latest...
Read Full Article116 comments
AirPods Pro 3 Year of the Horse Feature

Apple Launches Year of the Horse AirPods Pro 3 for Lunar New Year

Monday January 5, 2026 11:28 am PST by
Apple has designed a limited edition version of the AirPods Pro 3 to celebrate Lunar New Year, and customers in select countries can purchase them starting today. The Year of the Horse Special Edition AirPods Pro 3 feature a unique horse emoji character that's otherwise unavailable. Customers in China, Hong Kong, Taiwan, Malaysia, and Singapore are able to buy the AirPods, and they'll be...
Read Full Article13 comments