Last month we reported that Apple had surprised mobile security experts by making it easier to inspect the workings of a key piece of its mobile operating system in a preview release of a new version launching this fall. The change is seen as likely to lead to more security bugs getting found—and fixed —in Apple’s code.
Today Apple underscored its new policy in a second beta release of iOS 10. The first beta departed from past releases in leaving the kernel, which controls what applications on a device can do, available for all to see. Experts on iOS security report that the new beta leaves many other components unobscured, too.
Security researcher Mathew Solnik tells MIT Technology Review that represents a “huge change from past policies.” He and others say that the encryption Apple previously used to obscure iOS components increased the work required for anyone who wanted to inspect the workings of the company’s code. Removing it could mean more people will take a look, and hence that more bugs are discovered and reported to Apple.
Apple has long boasted of the security of its products. But the company’s mobile operating system is under much closer scrutiny since Apple’s standoff with the FBI this year after the agency demanded the company help unlock a device used by the perpetrator of a mass shooting in San Bernardino, California. The FBI dropped its attempt to legally coerce Apple after paying a third party to hack the device in question. Apple has said it is working to further strengthen its security features.
Despite that background, Apple has not said it stopped obscuring iOS code to help security researchers. The company initially declined to comment when the first iOS 10 preview release drew attention, and only later released a statement saying the policy change was for performance reasons. Apple declined to explain what those performance benefits might be. The company declined to comment today on the new, even more open iOS beta release.
(Read more: “Apple Opens Up iPhone Code in What Could Be Savvy Strategy or Security Screwup,” “Apple Now Says It Meant to Open Up iPhone Code,” “Apple Vows to Fight the Feds in Battle Over Encryption,” “What If Apple Is Wrong?”)
Anti-aging drugs are being tested as a way to treat covid
Drugs that rejuvenate our immune systems and make us biologically younger could help protect us from the disease’s worst effects.
A quick guide to the most important AI law you’ve never heard of
The European Union is planning new legislation aimed at curbing the worst harms associated with artificial intelligence.
It will soon be easy for self-driving cars to hide in plain sight. We shouldn’t let them.
If they ever hit our roads for real, other drivers need to know exactly what they are.
Crypto is weathering a bitter storm. Some still hold on for dear life.
When a cryptocurrency’s value is theoretical, what happens if people quit believing?
Get the latest updates from
MIT Technology Review
Discover special offers, top stories, upcoming events, and more.