The heart of an operating system is a component known as the kernel, which controls how programs can use a device’s hardware and enforces security. Apple has previously encrypted the kernel in iOS releases, hiding its exact workings and forcing researchers to find ways around or through it. But the kernel was left unobfuscated in the preview version of iOS 10 released to developers last week for the most recent Apple devices.
That doesn’t mean the security of iOS 10 is compromised. But looking for flaws in this version of the operating system will be much easier, says Jonathan Levin, author of an in-depth book on the internal workings of iOS. “It reduces the complexity of reverse engineering considerably,” he says.
The goodies exposed publicly for the first time include a security measure designed to protect the kernel from being modified, says security researcher Mathew Solnik. “Now that it is public, people will be able to study it [and] potentially find ways around it,” he says.
There is no way a company as large and focused as Apple accidentally left something as important as the kernel unobfuscated.
This was a strategic move, but to what end?