“‘The kernel cache doesn’t contain any user info, and by unencrypting it we’re able to optimize the operating system’s performance without compromising security,’ clarified an Apple spokesperson to TechCrunch,” Precious Valerie writes for Morning News USA. “This snuffed out the rumors that the company was lax over the matter.”
“However, this does not end the debate on whether the tech giant is making the right move,” Valerie writes. “Developers never had access to the decrypted version of the iOS kernel.”
Valerie writes, “Apple’s move to offer access to its unencrypted version of the beta iOS 10 kernel will supposedly open the OS to both good and bad guys.”
Read more in the full article here.
MacDailyNews Take: It’s good in every way. That it’s a stick in the eye of overreaching governments everywhere makes it all the more luscious!
SEE ALSO:
Apple: We intentionally left iOS kernel unencrypted – June 23, 2016
Apple exposes iOS kernel in what could be savvy strategy or major screwup – June 22, 2016
Makes the hair stand up on the back of my neck.
Shave your neck?
Eh, it’s not much of a security issue (technically) and it’ll make the new MacOS even more “snappy” 😉
Security has never been an issue with OS X because unix is fundamentally secure. And, as is the case with a bear; you don’t have to outrun the bear, you just have to outrun the others running from the bear. That’s why I love Windows and Android users, gives the hackers a nice big, easy to hit target.
If unencrypting operating systems is a good thing how many other companies have done the same?
How many other companies supply OSes? I’m sure Linux isn’t encrypted. Dunno about Windows. The idea of encrypting code is a pretty recent idea, and doesn’t really achieve much.
This is probably only during the beta phase, unless someone knows differently. It will probably be encrypted again when released this fall.
It’s hard to see what benefit there would be in encrypting the final, but not the beta. The beta is almost exactly the same, so any information to be gleened would be gleened anyway from the beta.
The way to feel about this goes back to how one feels about human nature. Are people generally good and ethical or bad and mercenary? I can see the unencrypted kernel resulting in vulnerability reports going to apple who would produce a more secure system for all. On the other hand I can see black hat hackers using the kernel to discover new zero day vulnerabilities, then sell them before presenting them in the open to Black Hat or Defcon attendees. Only the future will provide answers.
I suspect Apple wants the black hats to go nuts and find everything there is to find, then Apple can patch it all once and for all.
Unless the source is a total overhaul of the Mac OS, wouldn’t some of the vulnerabilities found also affect prior versions of the OS?