Apple turned heads in June when it released a preview version of iOS 10 containing an unencrypted kernel cache, a significant shift in software security policy meant to streamline system performance, and analysis shows the company is building on those efforts with the second beta release.
In a tweet on Wednesday, security expert Jonathan Zdziarski noted that the second iOS 10 beta leaves even more OS components unencrypted than the first preview version, the MIT Technology Review reports. Researchers clarified much more than kernel cache unobscured.
According to a chart compiled by noted iPhone software expert "MuscleNerd," 32-bit bootloaders, all kernel caches and all RAM Disks (except for Apple TV) are unencrypted in iOS 10 beta 2. In comparison, no bootloaders or RAM Disks were left unencrypted in the first beta version.
The latest release aligns with what appears to be a shift in Apple's approach toward software security. Instead of keeping all aspects of its next-generation mobile operating system under lock and key, the company is opening up certain components to developer scrutiny. The unobscured iOS 10 kernel cache is a prime example.
Since the inception of iOS (previously iPhone OS), Apple has obfuscated the kernel to discourage illicit probing that could inherently weaken system integrity. With iOS 10, however, Apple is relaxing those strict policies by leaving the kernel cache unencrypted, a move it says optimizes system performance. As the cache does not include sensitive information, leaving it unobscured poses no risk to end users.
Researchers speculate the move also benefits Apple's bug reporting efforts. The more eyes on iOS 10, the higher the chance of fleshing out overlooked flaws that can be fixed prior to public release this fall.
Apple has not commented on its decision to expand system transparency, nor has it provided comprehensive list of newly unencrypted iOS 10 assets.
16 Comments
How does use of an unencrypted boot loader make a dent in system performance?
These are things typically not encrypted on other systems.
Maybe this will also be shift in how Apple deals with security. They might even start offering a bug bounty.