Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
×
Encryption IOS Iphone Operating Systems Privacy Security Apple Your Rights Online

Kernel of iOS 10 Preview Is Not Encrypted -- Nobody Knows Why (technologyreview.com) 82

Security experts are claiming that iOS 10 preview, which Apple made available to enthusiasts last week, is not secure. iOS 10 is the latest version of Apple's mobile operating system. It will be available to standard customers later this year (likely around September). According to security experts, iOS 10's kernel is not encrypted. MIT News reports: Why Apple has suddenly opened up its code is unclear. One hypothesis in the security community is that, as author Jonathan Levin puts it, someone inside the company "screwed up royally." But he and security researcher Mathew Solnik both say there are reasons to think it may have been intentional. Encouraging more people to pore over the code could result in more bugs being disclosed to Apple so that it can fix them.
This discussion has been archived. No new comments can be posted.

Kernel of iOS 10 Preview Is Not Encrypted -- Nobody Knows Why

Comments Filter:
  • Not secure? (Score:5, Informative)

    by wiredog ( 43288 ) on Wednesday June 22, 2016 @09:03AM (#52366003) Journal

    How does "not encrypted" == "not secure" in this arena?

    FTA: "That doesnâ(TM)t mean the security of iOS 10 is compromised."

    • by Anonymous Coward

      Hell, how does "not encrypted" == "opening up the code"? The article talks like it being unencrypted means apple's giving out the source code, which is hilariously incorrect.

      I haven't read any other articles from "Technology Review", but just from this article, I have doubts about their knowledge of technology.

    • Re: (Score:2, Funny)

      by Anonymous Coward

      If it was directly programmed in machine language, I suppose you have the source code.

      Nahhh. It's not 1960 anymore.

    • by Bert64 ( 520050 )

      Encrypting the kernel does nothing to improve security, as it's not true encryption but rather just obfuscation.
      The kernel has to be decrypted in order to execute, therefore every device must have the key so rather than cracking the encryption you just have to work out how to extract the key, or how to extract the decrypted kernel image.
      All it really does is create extra points of failure, waste resources and increase the risk of bugs.

      • It also ensures that the kernel on the device wasn't modified (think: desolder NVRAM, solder onto your own board, modify, replace).
        • It also ensures that the kernel on the device wasn't modified (think: desolder NVRAM, solder onto your own board, modify, replace).

          Exactly.

  • Just out of interest, how much codebase do they have in common, does anyone know? Is it the same mach kernal running on both for example?

  • by Anonymous Coward

    The article seems to react as if they gave the source code, which is not the same thing as being unencrypted. If it's just a binary blob it's not really "open". However, I guess that's still easier to find exploits than an encrypted kernel, though.

    I know the kernel is Darwin which IS open source. Does Apple modify it much without releasing their changes?

  • Ok? (Score:5, Informative)

    by LichtSpektren ( 4201985 ) on Wednesday June 22, 2016 @09:13AM (#52366057)
    iOS shipped unencrypted by default until v.8. The source code is freely available to view online: http://opensource.apple.com/so... [apple.com]
  • by i.r.id10t ( 595143 ) on Wednesday June 22, 2016 @09:14AM (#52366063)

    It is a limited preview release... not released to the masses. I would expect that some stuff will change between now and release day... including whether or not the kernel is encrypted or not...

    • by tlhIngan ( 30335 )

      I don't think it's even an issue - it's a limited developer preview. These are builds given to developers to load onto their devices so they can develop and test their apps running on the new OS ahead of time.

      It's not meant to be secure, it's not meant to be used in production, it's just so developers can test out the new APIs and start coding against them

      Hell, you're allowed to downgrade your device back to iOS 9 if you don't need it anymore.

      The public beta isn't until a month or more away

  • Time to compile the source and see what the difference will be against the binary?
    • by hlavac ( 914630 )
      And unencrypted kernel is a good thing. It just needs to be SIGNED, not encrypted.
      • Wouldn't encrypting it work sorta like a signature? If the boot loader is loaded with a key, and only that kernel - or kernels released as part of point releases/security updates - will decrypt with that key, isn't that equivalent to checking a signature?

  • by invictusvoyd ( 3546069 ) on Wednesday June 22, 2016 @09:26AM (#52366129)
  • Did encrypting it raise suspicion in countries like China?

  • by grc ( 52842 ) on Wednesday June 22, 2016 @09:56AM (#52366307) Homepage

    Maybe Apple is just trying to revive the JailBreak community. This community has contributed many innovative ideas that Apple eventually incorporated into newer versions of iOS. The JailBreak community is not what it once was, and maybe Apple is just trying to resuscitate it...

  • by account_deleted ( 4530225 ) on Wednesday June 22, 2016 @10:12AM (#52366401)
    Comment removed based on user account deletion
    • Sam Flynn was seen jumping off the Encom Tower . . .

      That would be the Shangri-La hotel in Vancouver on West Georgia St.

  • Maybe Apple's been forced to include some sort of backdoor that they can't talk about, and this is the only way it might be "exposed." Then again, I wouldn't expect Apple to give two shits if it had the potential to negatively impact sales, so maybe not...
  • Comment removed based on user account deletion
  • Somebody forced them to include something ugly, they are not allowed to tell and they really hope we'll find it now.

UNIX was half a billion (500000000) seconds old on Tue Nov 5 00:53:20 1985 GMT (measuring since the time(2) epoch). -- Andy Tannenbaum

Working...