iOS 10 Beta Features Unencrypted Kernel Making it Easier to Discover Vulnerabilities
Apple's iOS 10 preview, seeded to developers last week, does not feature an encrypted kernel and thus gives users access to the inner workings of the operating system and potential security flaws, reports MIT Technology Review. It is not known if this was an unintentional mistake or done deliberately to encourage more bug reports.
Security experts say the famously secretive company may have adopted a bold new strategy intended to encourage more people to report bugs in its software--or perhaps made an embarrassing mistake.
In past versions of iOS, Apple has encrypted the kernel, aka the core of the operating system, which dictates how software uses the iPhone's hardware and keeps it secure. According to experts who spoke to the MIT Technology Review, leaving iOS unencrypted doesn't leave the security of iOS 10 compromised, but it makes it easier to find flaws in the operating system. Security flaws in iOS can be used to create jailbreaks or create malware.
The goodies exposed publicly for the first time include a security measure designed to protect the kernel from being modified, says security researcher Mathew Solnik. "Now that it is public, people will be able to study it [and] potentially find ways around it," he says.
Apple has declined to comment on whether the lack of encryption was intentional or a mistake, but security expert Jonathan Zdziarski believes it was done by choice because it's not a mistake Apple is likely to have made. "This would have been an incredibly glaring oversight, like forgetting to put doors on an elevator," he told MIT Technology Review.
He further suggests Apple may have chosen this route to prevent the hoarding of vulnerabilities like the one that was ultimately used by the FBI to break into the iPhone 5c of San Bernardino shooter Syed Farook and to have more people looking at the code to discover latent security flaws.
Popular Stories
Apple has announced it will be holding a special event on Tuesday, May 7 at 7 a.m. Pacific Time (10 a.m. Eastern Time), with a live stream to be available on Apple.com and on YouTube as usual. The event invitation has a tagline of "Let Loose" and shows an artistic render of an Apple Pencil, suggesting that iPads will be a focus of the event. Subscribe to the MacRumors YouTube channel for more ...
Apple today released several open source large language models (LLMs) that are designed to run on-device rather than through cloud servers. Called OpenELM (Open-source Efficient Language Models), the LLMs are available on the Hugging Face Hub, a community for sharing AI code. As outlined in a white paper [PDF], there are eight total OpenELM models, four of which were pre-trained using the...
Apple has dropped the number of Vision Pro units that it plans to ship in 2024, going from an expected 700 to 800k units to just 400k to 450k units, according to Apple analyst Ming-Chi Kuo. Orders have been scaled back before the Vision Pro has launched in markets outside of the United States, which Kuo says is a sign that demand in the U.S. has "fallen sharply beyond expectations." As a...
Apple is set to unveil iOS 18 during its WWDC keynote on June 10, so the software update is a little over six weeks away from being announced. Below, we recap rumored features and changes planned for the iPhone with iOS 18. iOS 18 will reportedly be the "biggest" update in the iPhone's history, with new ChatGPT-inspired generative AI features, a more customizable Home Screen, and much more....
Apple is finally planning a Calculator app for the iPad, over 14 years after launching the device, according to a source familiar with the matter. iPadOS 18 will include a built-in Calculator app for all iPad models that are compatible with the software update, which is expected to be unveiled during the opening keynote of Apple's annual developers conference WWDC on June 10. AppleInsider...
Top Rated Comments