Apple Inc. last week announced a new version of its mobile OS. The tech giant talked about features like improved copy and paste and a smarter Siri. Further, they announced that the software developers will be able to download a preview version of the software ahead of its fall release.
And, the security experts were quite surprised when they found that the smartphone maker had not obscured the workings of the center of its OS by using encryption as it did before. The essential parts of the code, which are intended to power millions of iPads and iPhones, were laid bare for all to see, said a report from MIT Technology Review.
Is the security compromised?
The heart of an OS that controls how programs can use hardware of a device and enforce security is a component called the kernel. In previous iOS release, the tech giant encrypted the kernel, and hid its exact workings that compelled the researchers to find ways around or through it. But, in the preview version of iOS 10 released to the developers last week, the kernel was left open.
But, this does not mean that the security of the iOS is compromised. However, Jonathan Levin – author of an in-depth book on the internal workings of the iOS – says looking for flaws in this version of the OS will be much easier. “It reduces the complexity of reverse engineering considerably,” the expert says.
Security researcher – Mathew Solnik – says the parts exposed include a security measure that protects the kernel from being modified. “Now that it is public, people will be able to study it [and] potentially find ways around it,” he says.
Why Apple open up its code?
It is unclear, why Apple Inc. suddenly opened up its code. As per Levin, one hypothesis in the security community is that someone inside the company “screwed up royally.” While many believe, it could have been intentional to motivate people to pore over the code to disclose of more bugs.
Some users disclose the bugs to companies when they find them so that they can be fixed, but they can be used to create malware and develop “jailbreaks” as well. And, if it’s a mistake, it would be an incredibly glaring oversight, like forgetting to put doors on an elevator, says Jonathan Zdziarski – another iOS security expert.
Apple Inc. , the famously secretive smartphone maker, may have adopted a new strategy destined to motivate more people to report bugs in its software, say some experts. The Cupertino-based firm refused to comment on why it did not follow its usual procedure.
Since the FBI attempted to compel the iPhone maker to assist penetrate a device used by a San Bernardino, California mass shooting culprit, the security of Apple’s software has been under additional scrutiny.