Apple confirms iOS kernel code left unencrypted intentionally

  • A move like this fits with a more general ideology Apple has been advocating for the last three years. Privacy, security, and altruism. Tim Cook has put his mark on the company. One of the first things he did was apologize (for Maps), something unheard of in Apple's culture. I haven't drunk the Kool-Aid, and Apple has a lot of issues. I do see, however, that they are making attempts at differentiating from the general corporate behavior of the telecoms and Google. Cook is differentiating from Jobs as well.

  • Is there any modern kernel in widespread use that runs while encrypted in RAM?

    What kind of attacks would encrypting a running kernel prevent? The kernel and hardware work together to enforce memory safety, so it can't be to prevent a rogue process from reading kernel memory...

    Edit: Is this talking about encrypting the kernel image in permanent storage, or encrypting a running kernel in RAM? When booting Linux, for example, the boot loader will load the Linux kernel image into memory as a gzip-compressed blob. The kernel's first instructions are a small decompressor program that unpacks the rest of the kernel image into memory and then jumps into the uncompressed kernel. Did previous iOS versions do something similar to their saved kernel image?

  • I suppose this is the only way to definitively stop any three-letter agencies from asking you to backdoor your kernel.

  • "The kernel cache doesn’t contain any user info, and by unencrypting it we’re able to optimize the operating system’s performance without compromising security," an Apple spokesperson told TechCrunch.

    "Apple confirms iOS kernel code left unencrypted intentionally"

    Which is it, cache (of what?) or code?

  • Could this be an invitation for researchers to find a backdoor the NSA required Apple to put in there? Or are they just utilizing the crowd to help secure against NSA attacks?

  • The kernel and the root FS are now unencrypted - but not other things, such as the bootloaders (iBoot, LLB) and the firmware for the SEP (Secure Enclave Processor, used to handle things like Touch ID).

  • “The kernel cache doesn’t contain any user info, and by unencrypting it we’re able to optimize the operating system’s performance without compromising security,”

    This is probably the only true part of the article; it means that they disabled a kernel feature of cache encryption to speed up performance.

    It has nothing to do with source code nor binaries of the kernel.

  • Hopefully they didn't tie their integrity/authenticity enforcement to their encryption...

    Although I'm guessing the whole segment is loaded into ram and verified by the bootloader at boot then never touched again.
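Added example, not from this thread or from Apple: a toy Python image loader that ties together the two comments above, the stored-image-versus-running-kernel question (the Linux-style compressed blob unpacked at load time) and the worry that integrity checks might be tied to encryption. The image format, the `IMG1` magic and the HMAC-SHA256 tag are assumptions standing in for a vendor's signature over the image; the point it shows is that the authenticity check covers the stored bytes and is verified before the blob is decompressed, so dropping an encryption layer changes nothing about whether a tampered image is rejected.

```python
import gzip
import hashlib
import hmac
import struct

# Constructed stand-in for a kernel image (not a real kernel).
KERNEL_PLAINTEXT = b"KERNEL-TEXT-SEGMENT" * 256

# Hypothetical verification key: a stand-in for the bootloader's trusted
# signing key. A real loader would use a public-key signature instead of HMAC.
VERIFY_KEY = b"example-key-for-illustration-only"

MAGIC = b"IMG1"
HEADER = struct.Struct(">4sBI")  # magic, compressed flag, payload length
TAG_LEN = hashlib.sha256().digest_size


def _tag(header: bytes, payload: bytes) -> bytes:
    """Authenticate the header and the stored payload exactly as written to disk."""
    return hmac.new(VERIFY_KEY, header + payload, hashlib.sha256).digest()


def build_image(kernel: bytes, compress: bool = True) -> bytes:
    """Pack a kernel into an on-disk image: header | tag | (optionally gzipped) payload."""
    payload = gzip.compress(kernel) if compress else kernel
    header = HEADER.pack(MAGIC, 1 if compress else 0, len(payload))
    return header + _tag(header, payload) + payload


def load_image(image: bytes) -> bytes:
    """Verify an image and return the plaintext kernel; raise ValueError if it was altered.

    The tag is checked over the stored bytes before any decompression runs, so a
    corrupted or modified blob never reaches the decompressor.
    """
    if len(image) < HEADER.size + TAG_LEN:
        raise ValueError("image too short")
    header = image[:HEADER.size]
    magic, compressed, length = HEADER.unpack(header)
    if magic != MAGIC:
        raise ValueError("bad magic")
    tag = image[HEADER.size:HEADER.size + TAG_LEN]
    payload = image[HEADER.size + TAG_LEN:]
    if len(payload) != length:
        raise ValueError("payload length mismatch")
    if not hmac.compare_digest(tag, _tag(header, payload)):
        raise ValueError("integrity check failed")
    # Only now is the payload trusted enough to hand to the decompressor.
    return gzip.decompress(payload) if compressed else payload


def is_valid(image: bytes) -> bool:
    """Convenience wrapper: True if the image verifies and unpacks cleanly."""
    try:
        load_image(image)
        return True
    except (ValueError, OSError, EOFError):
        return False


def flip_last_byte(image: bytes) -> bytes:
    """Simulate on-disk corruption of the stored payload."""
    altered = bytearray(image)
    altered[-1] ^= 0x01
    return bytes(altered)


if __name__ == "__main__":
    compressed = build_image(KERNEL_PLAINTEXT, compress=True)
    plain = build_image(KERNEL_PLAINTEXT, compress=False)
    print("compressed image verifies:", is_valid(compressed))
    print("uncompressed image verifies:", is_valid(plain))
    print("altered image rejected:", not is_valid(flip_last_byte(plain)))
```

Both the compressed and the plain image load to the same kernel bytes, and a single flipped byte in either is rejected before `gzip.decompress` is ever called; whether the payload is also encrypted is orthogonal to that check.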

  • In other news: Google admits source code used in Android kernel can be accessed by hackers

  • > This would have been an incredibly glaring oversight, like forgetting to put doors on an elevator

    You mean a paternoster? :)

  • > The kernel manages security and limits the ways applications on an iPhone or iPad can access the hardware of the device, making it a crucial part of the operating system.

    The kernel technically is the OS, TC! Come on... :)

  • This is stupid. Anyone interested in writing jailbreaks for iOS would have already had access to these binaries. People are blowing this way out of proportion.

  • Must be a revolutionary new feature called "jailbreak bait"...