According to MIT Technology Review, the kernel of iOS 10 beta is unencrypted, which allows anyone to examine the code. The unencrypted kernel makes it vulnerable to both security flaws and jailbreak. Previously, Apple had encrypted all the iOS kernels.
The goodies exposed publicly for the first time include a security measure designed to protect the kernel from being modified, says security researcher Mathew Solnik. “Now that it is public, people will be able to study it [and] potentially find ways around it,” he says […]
Jonathan Levin, author of an in-depth book on the internal workings of iOS. “It reduces the complexity of reverse engineering considerably” [and speculates that] someone inside the company “screwed up royally.”
iOS 10 Beta Has an Unencrypted Kernel That Makes It Easier to Jailbreak
Though it doesn’t compromise the security of the latest iOS ecosystem, it has both positive and negative aspects. Security experts are not sure whether Apple has intentionally released the unencrypted kernel of the first developer preview of iOS 10 or done it by mistake. The move has made a lot easier for those hunting for the weakness in the code.
iOS security expert Jonathan Zdziarski has stated that the tech giant may have done it intentionally in order to find out the potential vulnerabilities in the core code.
“Opening up its code would make sense in light of Apple’s recent faceoff with the FBI, Zdziarski notes. Originally the agency wanted Apple to help penetrate the San Bernardino iPhone, but it dropped that plan after finding a third party who could break into the device. It was the latest evidence of an expanding trade that sells software exploits to law enforcement. Opening up iOS for anyone to examine could weaken that market by making it harder for certain groups to hoard knowledge of vulnerabilities,” Zdziarski says.
The heat of any OS is a component named as the kernel. It’s equipped to control how programs are able to use a device’s hardware. Besides, it also enforces security.
Last year, FBI attempted to force the Cupertino-based company to help it in penetrating the device used by a perpetrator who had carried out a mass shooting in San Bernardino, California. The tech giant has hinted to beef up the privacy and security of its iOS device.