Whenever Apple releases a beta version of a major revamp of iOS following its WWDC keynote session, there’s an acceptance that developers and security researchers will take the opportunity to pull the firmware’s codebase apart to see what they can find.
That’s exactly what some security experts have done with the iOS 10 beta 1 release and, much to their delight, they have found something that they probably didn’t expect to find: an unencrypted kernel. It has been discovered that the beating heart of Apple’s iOS platform has not been secured with advanced encryption methods, as it was in previous versions of iOS.
An unencrypted kernel may not immediately mean anything to the average iPhone or iPad user who simply uses the device for everyday tasks such as messaging, phone calls and sending and receiving emails, but from a security perspective, it makes it a lot easier for developers and hackers to find weaknesses in the iOS 10 codebase.
Of course, as we should all know by now, those weaknesses could eventually be exploited and used to produce a functioning iOS 10 jailbreak, such as the one Canadian developer iH8sn0w recently teased on an iPhone 5 running iOS 10 beta 1.
The fact that the kernel of the iOS 10 beta is entirely unobfuscated could be viewed in two ways. Jonathan Levin, who has authored a book on the internal workings of iOS, believes that there’s the potential that someone within Apple has simply “royally screwed up” by pushing out a public-facing version of iOS 10 without a secure kernel. On the other hand, there is a train of thought that suggests the move could be a deliberate one, ultimately allowing security researchers to more easily discover bugs and vulnerabilities that could then be given back to Apple to fix ahead of an actual live release later this year.
It seems to be the general consensus amongst the security world that the latter could indeed be true. As security researcher Jonathan Zdziarski puts it, “this would have been an incredibly glaring oversight, like forgetting to put doors on an elevator.”
Knowing what we know about Apple, it’s highly unlikely that the company or one of its engineers would make such an elementary mistake. With the iOS 10 kernel unencrypted, for the time being at least, the complexity of reverse engineering is hugely reduced, meaning that those developers and hackers involved in the jailbreaking world will most definitely be taking the opportunity to exploit the system.
(Source: MIT Technology Review)