Apple reveals potential iOS security flaws in unencrypted kernel release

Apple's Tim Cook at WWDC 2016
Apple's Tim Cook at WWDC 2016

Apple has released an unencrypted version of its latest operating system for iOS 10, giving security researchers an unprecedented opportunity to scour the kernel for security flaws. 

The preview version of iOS 10 was released at Apple's WWDC event in San Francisco. 

The company may have adopted this new approach to encourage the reporting of more bugs, but so far it has not commented on this.

MIT Technology Review speculated that it could even have been an embarrassing mistake.

Apple has previously encrypted the kernel when it has released previous versions of iOS, making the work of security researchers much harder as they sought to reverse engineer certain features to look for potential flaws.

This doesn't mean that the security of iOS 10 is compromised, according to Jonathan Levin, who wrote “Mac OS X Internals: To the Apple's core”.

While opening up the kernel for inspection will make it easier for blackhat hackers and governments to find security flaws, it will also help the whitehat community find and report the flaws to Apple, leading to quicker discovery and remediation.

You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS