Tom Simonite, writing for the MIT Technology Review:
Some security experts who inspected that new version of iOS got a
They found that Apple had not obscured the workings of the heart
of its operating system using encryption as the company has done
before. Crucial pieces of the code destined to power millions of
iPhones and iPads were laid bare for all to see. That would aid
anyone looking for security weaknesses in Apple’s flagship
Security experts say the famously secretive company may have
adopted a bold new strategy intended to encourage more people to
report bugs in its software — or perhaps made an embarrassing
mistake. Apple declined to comment on why it didn’t follow its
My understanding is that the reason was something else entirely:
Streamlining the operating system.
Since it contains only the kernel, device drivers, and
configuration files — and absolutely no user data — the iOS 10
kernel cache can be left unencrypted without any concerns over
security or privacy.
Rene’s understanding of things is usually very well-informed. This strikes me as highly unlikely to be a mistake.
Update: Just got this from an Apple spokesperson:
“The kernel cache doesn’t contain any user info, and by unencrypting it we’re able to optimize the operating system’s performance without compromising security.”
So: definitely not a mistake.
★ Wednesday, 22 June 2016