Apple explains why the iOS 10 kernel was left unencrypted
Speaking to TechCrunch, an Apple spokesperson revealed that the kernel of the iOS 10 developer beta was left unencrypted simply because user information wasn't being exposed and an unencrypted system runs smoother.
“The kernel cache doesn’t contain any user info, and by unencrypting it we’re able to optimize the operating system’s performance without compromising security,” the Apple spokesperson said.
A move like this is so untypical of Apple, that many security experts speculated that it might simply be a mistake, though such a glaring oversight would be even more untypical. Turns out, Apple might be shifting toward greater transparency with this move. The lack of encryption in the case of the developer beta does not equal less security. In fact, in the long run, it could mean the exact opposite.
Opening up the kernel like that would allow for security-conscious tinkerers and researchers to find potential weaknesses in the code early on in development which could make patching them easier in time for the final product. This makes even more sense in the light of what transpired earlier this year, with Apple resisting a court order to unlock the iPhone of the San Bernardino shooter which the FBI was able to do anyway, thanks to an exploit, allegedly provided to the FBI by Israeli company Cellebrite for some $15 000.
Whether this will pay off for Apple in the end remains to be seen. The company is notorious with its secrecy and such a move is a pleasant surprise for many. If flaws in beta versions of iOS 10 are widely revealed before the final release, this will shrink the black market for exploits and hacks significantly and would mean a more secure experience in the end.