Thursday, June 23, 2016

Apple intentionally leaves iOS 10 core unencrypted while keeping personal information safe


Apple’s new iOS 10 software made headlines yesterday after MIT Technology Reviewrevealed that the core at the center of the mobile operating system wasn’t encrypted. That seemed like a huge misstep, especially for a company that hasn’t stopped talking about user privacy. How could it have left the operating system wide open when other features like iMessage offer end-to-end encryption? Turns out it was by design.

First, let’s step back. In its article yesterday, MIT Technology Review said that experts it was working with found that Apple “had not obscured the workings of the heart of its operating system using encryption as the company has done before.” The article added that “crucial pieces of the code destined to power millions of iPhones and iPads were laid bare for all to see.” The article came to two conclusions, either this was a big folly or Apple did it for some other reason, knowingly.

Apple responded to The Loop and explained exactly what’s going on with the core encryption, or lack thereof, in iOS 10. “The kernel cache doesn’t contain any user info, and by unencrypting it we’re able to optimize the operating system’s performance without compromising security,” Apple explained. So, while it is indeed wide open, it isn’t storing personal information on the user, and therefore seems to be relatively unimportant data that’s exposed. Could this mean programmers and hackers can jailbreak newer iPhones quicker?

No comments:

Post a Comment