Last week Apple cleared the air as to whether or not it intentionally released an unencrypted version of its iOS 10 beta kernel to the developer community, stating the move was intentional.
“The kernel cache doesn’t contain any user info, and by unencrypting it we’re able to optimize the operating system’s performance without compromising security,” an Apple spokesperson told TechCrunch, snuffing out rumors that it was an uncharacteristic flub by the company.
But of course, Apple’s clarity on the topic didn’t dampen the debate as to whether Apple made the right move. Developers have never been given access to a decrypted version of the iOS kernel. The iOS kernel is the heart of the iPhone and iPad and grants third-party apps access to, and limits use of, Apple hardware assets.
By delivering an unencrypted version of the beta iOS 10 kernel, some argue, Apple is opening its cherished OS to both the good guys and black hat hackers.
Some say the lack of encryption opens up iOS to outside scrutiny by bad guys who until now could only dream of reverse engineering the kernel to write malicious code against it.
“(Encrypting the kernel) is not just about keeping the kernel secret but more importantly, it’s about keeping the kernel from being changed. Any hack or subversion on the kernel would be immediately apparent so this is very powerful. Imagine if the key used to encrypt and sign the kernel was misused…that’s what I call a real cyber weapon,” said Kevin Bocek, VP of security strategy and threat intelligence at Venafi.
Bocek and others point out that just because the kernel doesn’t contain any user info doesn’t mean the unencrypted code couldn’t be used to hack the kernel as part of a way to carry out key OS security breaches.
“Now that it is public, people will be able to study it [and] potentially find ways around it,” said Mathew Solnik when speaking with MIT Tech Review earlier this month.
The flip side of the argument is that Apple now has more white-hat hacker eyeballs poring over its iOS code, helping identify vulnerabilities. That serves the dual purpose of hardening the iOS defenses with more vulnerability feedback and taking the wind out of the sails of the grey market for iOS exploits.
“Of course, this unencrypted kernel is also a good thing since it allows for the identification of more vulnerabilities and bugs in the open, instead of a government finding and hoarding them (as is the case with FBI that won’t tell Apple and the world about the vulnerability exploited in the San Bernardino case),” Bocek said.
He argues that by decrypting the kernel, Apple is throwing the FBI and law enforcement outside the U.S. a bone. “This is of course what the FBI wanted from Apple and what UK and France law enforcement teams can show up and demand,” Bocek said.
Obviously, at the same time Apple is generating unobscured iOS 10 beta kernel cache data it’s hardening its encryption of its default messaging app iMessage including. Apple states unequivocally: “We also refuse to add a ‘backdoor’ into any of our products because that undermines the protections we’ve built in. And we can’t unlock your device for anyone because you hold the key — your unique password.”
Security experts concede there are risks to having an unencrypted kernel, but the benefits outweigh the small amount of risk.