You’ve probably heard it before but we’ll say it once more: Apple does not encrypt the kernel starting from iOS 10. Well, OK, the kernel is not encrypted, so what? Let’s sort out why this step has hit the news, and what it means for Apple users.
On June 13 Apple gave developers access to iOS 10 beta. It turns out that, for the first time in the history of the ‘fruit company,’ the operating system kernel was not encrypted. There were heated debates on this fact — how is that possible? Was it someone’s epic fail or did the company abandon encryption on purpose? Last week Apple dispelled the doubts: encryption was abandoned intentionally.
“The kernel cache doesn’t contain any user info, and by unencrypting it we’re able to optimize the operating system’s performance without compromising security,” an Apple spokesperson told TechCrunch.
So, if kernel encryption does not affect OS security, why did the company encrypt it for years? And why did Apple decide to abandon it after all?
— TechCrunch (@TechCrunch) June 23, 2016
What is the kernel and what’s the purpose of encrypting it?
The kernel is the core part of the operating system that provides access to device hardware (processor unit, RAM, data storage) for system software and apps. Kernel security is critical to the device security at large. Some security policies can be implemented in applications only if they are supported at the kernel level.
So what’s the point of encrypting the kernel? It’s secrecy and safety — pretty much anybody can analyze an unencrypted kernel, while the encrypted kernel requires more work with reverse engineering. Though tablets and smartphones with iOS 10 won’t necessarily be more vulnerable than their ancestors, the final result depends on many factors. For the first time developers, security experts and even bad guys can explore the kernel and find some bugs if they are lucky.
— Kaspersky Lab (@kaspersky) March 16, 2016
This is both good and bad news. If criminals are able to find vulnerabilities first, they will certainly use them against users. If security experts will be the first, they will probably notify Apple and they will release a patch.
There’s a common rivalry between ‘black’ and ‘white’ hackers who search for vulnerabilities in operating systems, but this latest decision by Apple could have a big knock on effect for its users.
Why did Apple set the course for transparency and how does Android come into the picture?
There is a huge market for vulnerabilities. In fact, three of them — black, grey and white. Apple’s isolation policy resulted in a situation where iOS vulnerabilities cost more than others as it’s difficult to find them. For example, last year Zerodium paid one million dollar bounty to researchers who found zero day vulnerability in iOS 9. Having abandoned encryption, Apple appreciably strikes vulnerability dealers: the more people look for security holes the sooner they are found and the less they cost on the market.
— Kaspersky Lab (@kaspersky) February 23, 2016
In addition, Apple gets the chance to patch holes in time. However the company has no Bug bounty program and many hackers would not share their findings with Apple — selling vulnerabilities on the black and grey markets is much more profitable.
Apple’s decision has other consequences. For many years Apple has been waging war with jailbreakers and recently it almost won. Today we don’t have ready-made solutions for jailbreaking iOS 9.3.3 (the newest iOS version for now). Encryption abandonment simplifies jailbreak so we can see it released for iOS 10 rather soon.
Unencrypted kernel also lets loose those who like to change everything. Many Apple users disapprove its strict policies — they’d like to modify their operating system and install third-party apps and add-ons. They always look for a way to bypass these restrictions.
How and why #Apple iOS is turning into #Android
All in all, the more open iOS becomes for developers, the more it resembles Android, the OS that is open from the very beginning (and for this reason experiencing security problems). And it looks like many people like this transformation.