Apple Confirms Unencrypted Kernel in iOS 10 Beta is Intentional
Yesterday it was discovered that iOS 10 does not feature an encrypted kernel, allowing users and researchers access to the core of the operating system and its inner workings. It was unclear at the time whether the lack of encryption was an accident or intentional, but today Apple confirmed to TechCrunch that the company did not encrypt the kernel for a reason.
“The kernel cache doesn’t contain any user info, and by unencrypting it we’re able to optimize the operating system’s performance without compromising security,” an Apple spokesperson told TechCrunch.
The kernel, which dictates how software can use hardware and keeps the device secure, is unencrypted so that developers and researchers can "poke around" and find potential security flaws. Because the kernel is easier to access and flaws may be easier to find, Apple can more easily and more quickly patch potential issues.
The move is a shift for Apple, who had encrypted the kernel in past versions of iOS, leaving developers and researchers out of the loop on the inner workings of the operating system. As noted by security expert Jonathan Zdziarski, it's likely that Apple has made this shift to prevent groups from "hoarding" vulnerabilities in Apple's software, like the vulnerability used by the FBI to break into the iPhone 5c of the San Bernardino shooter.
Popular Stories
Apple is ending its credit card partnership with Goldman Sachs, according to The Wall Street Journal. Apple plans to stop working with Goldman Sachs in the next 12 to 15 months, and it is not yet clear if Apple has established a new partnership for the Apple Card. Apple and Goldman Sachs will dissolve their entire consumer partnership, including the Apple Card and the Apple Savings account....
Apple is wrapping up development on iOS 17.2, with the update expected to come out in December. While we're getting to the end of the beta testing period, Apple is still tweaking features and adding new functionality. We've rounded up everything new in the fourth beta of iOS 17.2. Default Notification Sound Under Sounds & Haptics, there's a new "Default Alerts" section that allows you to ...
Apple with iOS 17.1 and watchOS 10.1 introduced a new NameDrop feature that is designed to allow users to place Apple devices near one another to quickly exchange contact information. Sharing contact information is done with explicit user permission, but some news organizations and police departments have been spreading misinformation about how NameDrop functions. As noted by The Washington...
At WWDC in June 2022, Apple previewed the next generation of CarPlay, promising deeper integration with vehicle functions like A/C and FM radio, support for multiple displays across the dashboard, increased personalization, and more. Apple's website still says the first vehicles with support for the next-generation CarPlay experience will be announced in "late 2023," but it has not shared...
Apple will likely release iOS 17.1.2 this week, based on mounting evidence of the software in our website's analytics logs in recent days. As a minor update, iOS 17.1.2 should be focused on bug fixes, but it's unclear exactly which issues might be addressed. Some users have continued to experience Wi-Fi issues on iOS 17.1.1, so perhaps iOS 17.1.2 will include the same fix for Wi-Fi...
Apple is discontinuing in-house modem development after several unsuccessful attempts to perfect its own custom 5G modem chip, according to unconfirmed reports coming out of Asia. According to the operator of news aggregator account "yeux1122" on the Naver blog, supply chain sources related to Apple's 5G modem departments claim that the company's attempts to develop its own modem have...
As the end of 2023 nears, now is a good opportunity to look back at some of the devices and accessories that Apple discontinued throughout the year. Apple products discontinued in 2023 include the iPhone 13 mini, 13-inch MacBook Pro, MagSafe Battery Pack, MagSafe Duo Charger, and leather accessories. Also check out our lists of Apple products discontinued in 2022 and 2021. iPhone Mini ...
Google Drive users have been warned not to disconnect their account within the Google Drive for desktop app, after a spate of reports of files going missing from the cloud service. Alarm bells began ringing last week on Google's community support site when some users reported files mysteriously disappearing from Google Drive, with some posters claiming six or more months of data had...
Top Rated Comments
By contrast Microsoft offers $100,000 for a unique kernel level exploit, $15,000 for a Edge browser exploit and $100,000 for a unique solution to a presented exploit that they have yet to come up with / implement.
So if you were to find an Edge browser exploit in Windows 10 and another exploit that allowed you to jump the sandbox and gain root access to the operating system and then figured out a solution to stop the attack that is safe and implementable you could earn yourself $215,000.
Find the same in iOS, macOS, watchOS or tvOS and earn $0. It's about time Apple got serious and offered their own bug bounty program. It's the most meaningful way to get serious vulnerabilities reported.
And remember the FBI and NSA are paying upwards of $1 Million dollars (as shown in congress reports) for root level attacks on iOS, macOS and Windows. That is the competition. If you're a security researcher who're you gonna tell? Apple and earn nothing or the NSA/FBI and change your entire life?
You are calling it innovation, and then snickering at the "Apple marketing" in your mind for calling it innovation.
Well done.
Apple PR's statement that "[t]he kernel cache doesn't contain any user info" is ridiculously obvious to anyone with technical knowledge in this area. That statement is clearly only intended to placate the non-technical masses who might hear "Apple" and "unencrypted" in the same sentence and get worried about the privacy battle.
Secondly, what sort of performance improvement can this possibly make? Even assuming the kernelcache has to be decrypted once per boot, that must take what, a couple hundred milliseconds for the hardware-accelerated AES engine to do its thing?
I am really baffled by Apple's response. If it was indeed intentional, it must have been for reasons other than what they are saying.