You’ve probably heard it before, but we’ll say it again: Starting with iOS 10, Apple will not be encrypting the operating system kernel. OK, so the kernel won’t be encrypted — so what? Let’s sort out why this move made the news, and what it means for Apple users.
On June 13, Apple gave developers access to the iOS 10 beta. And for the first time in the history of the “fruit company,” the operating system kernel was not encrypted. Heated debates ensued: How is this possible? Was it someone’s epic fail, or did the company abandon encryption on purpose?
Last week, Apple dispelled the doubts: It was no accident; the company was intentionally abandoning encryption.
“The kernel cache doesn’t contain any user info, and by unencrypting it we’re able to optimize the operating system’s performance without compromising security,” an Apple spokesperson told TechCrunch.
If kernel encryption does not affect OS security, why did the company encrypt it for years? And why did Apple decide to change course?
— TechCrunch (@TechCrunch) June 23, 2016
What is the kernel, and what’s the purpose of encrypting it?
The kernel is a core part of the operating system that provides access to device hardware (processor unit, RAM, data storage) for system software and apps. Kernel security is critical to device security. Some security policies can be implemented in applications only if they are supported at the kernel level.
So, what’s the point of encrypting the kernel? It’s about privacy and security: Pretty much anybody can analyze an unencrypted kernel, whereas an encrypted kernel requires more work with reverse engineering. Although tablets and smartphones with iOS 10 won’t necessarily be more vulnerable than their ancestors, the final verdict depends on many factors. For the first time, developers, security experts, and even bad guys can explore the kernel and, if they’re lucky, find bugs.
— Kaspersky Lab (@kaspersky) March 16, 2016
This is both good news and bad news. If criminals are able to find vulnerabilities first, they will certainly use them against users. If security experts get there first, they will probably notify Apple, and the company will release a patch.
There’s a rivalry between the black hat and white hat hackers who search for vulnerabilities in operating systems, but this latest decision by Apple could have a big knock-on effect for its users.
Why did Apple do this, and how does Android enter the picture?
There is a huge market for vulnerabilities — tn fact, three markets, black, gray, and white. Apple’s isolation policy resulted in a situation where iOS vulnerabilities came at a particularly high cost because it’s particularly difficult to find them. For example, last year Zerodium paid a $1 million bounty to researchers who found a zero-day vulnerability in iOS 9. It’s a simple matter of supply and demand: More people looking for security holes equals more security holes found — and sooner — driving down the market cost of vulnerability information.
— Kaspersky Lab (@kaspersky) February 23, 2016
In addition, Apple gets the chance to patch holes in time. However, the company has no bug bounty program, and many hackers may not share their findings with Apple — selling vulnerabilities on the black and gray markets is much more profitable.
Apple’s decision has other consequences. For many years, Apple has been waging war with jailbreakers, and recently it almost won: We don’t have ready-made solutions for jailbreaking iOS 9.3.3 (the most recent iOS version today). Encryption abandonment simplifies jailbreaking, so we may see a solution released for iOS 10 rather soon.
An unencrypted kernel also sets free tinkerers — those who like to change everything. Many Apple users chafe at the company’s strict policies — they’d like to modify their operating system and install third-party apps and add-ons. Tinkerers are always looking for a way to bypass Apple’s restrictions.
How and why #Apple iOS is turning into #AndroidTweet
All in all, the more open iOS becomes for developers, the more it resembles Android, an OS that has been open from the very beginning (and, not coincidentally, an OS that has experienced security problems). It looks to be a transformation that will make many people happy.