Skip to Content

Apple Now Says It Meant to Open Up iPhone Code

The iPhone maker says it stopped obscuring crucial operating system code to boost performance—a change that could also improve device security.
June 23, 2016

On Tuesday, we reported security experts’ surprise that Apple had opened up some code at the heart of a forthcoming version of the mobile operating system that powers iPhones and iPads.

Security researchers told MIT Technology Review that the company might have decided not to obscure a component called the kernel as it usually did to encourage more people to report bugs in its software—or it had perhaps made an embarrassing mistake.

Apple declined to explain the change when contacted on Tuesday. But after the issue gained wider attention, the company released a statement Wednesday saying it had intentionally left the kernel unencrypted—but not for security reasons.

"By unencrypting it we’re able to optimize the operating system's performance without compromising security," an Apple spokesman said. He declined to elaborate on how exactly the performance of iOS would be improved.

That new detail doesn’t invalidate the observation by people familiar with iOS security that the change also invites greater scrutiny of Apple code that plays a central role in keeping devices secure by limiting what applications can do.

Previously the company wrapped the kernel in protections that had to be broken or worked around if a person wanted to properly inspect its internals. More people might examine Apple’s code now that less effort is required to do so.

Jonathan Zdziarski, an expert on iOS security, said Monday that change could mean more flaws get found—and fixed—in Apple’s operating system. “Opening up the OS might help other researchers to find and report bugs, by giving everyone just as much visibility as an advanced and well-funded research team might have,” he said.

If more people report bugs to Apple, it could make it harder for law enforcement and governments to use a tactic the FBI employed to get into an iPhone used by a perpetrator of last year’s mass shooting in San Bernardino, California (see “What if Apple Is Wrong?”).

The FBI paid an unidentified third party to provide a way to break through Apple’s security after the company refused to help the agency. If Apple is able to fix more bugs thanks to outside tip-offs, cops could find that shopping for iPhone hacking tricks gets more difficult or expensive.

Keep Reading

Most Popular

AV2.0 autonomous vehicles adapt to unknown road conditions concept
AV2.0 autonomous vehicles adapt to unknown road conditions concept

The big new idea for making self-driving cars that can go anywhere

The mainstream approach to driverless cars is slow and difficult. These startups think going all-in on AI will get there faster.

biomass with Charm mobile unit in background
biomass with Charm mobile unit in background

Inside Charm Industrial’s big bet on corn stalks for carbon removal

The startup used plant matter and bio-oil to sequester thousands of tons of carbon. The question now is how reliable, scalable, and economical this approach will prove.

AGI is just chatter for now concept
AGI is just chatter for now concept

The hype around DeepMind’s new AI model misses what’s actually cool about it

Some worry that the chatter about these tools is doing the whole field a disservice.

images created by Google Imagen
images created by Google Imagen

The dark secret behind those cute AI-generated animal images

Google Brain has revealed its own image-making AI, called Imagen. But don't expect to see anything that isn't wholesome.

Stay connected

Illustration by Rose WongIllustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at customer-service@technologyreview.com with a list of newsletters you’d like to receive.