Last month we reported that Apple had surprised mobile security experts by making it easier to inspect the workings of a key piece of its mobile operating system in a preview release of a new version launching this fall. The change is seen as likely to lead to more security bugs getting found—and fixed —in Apple’s code.
Today Apple underscored its new policy in a second beta release of iOS 10. The first beta departed from past releases in leaving the kernel, which controls what applications on a device can do, available for all to see. Experts on iOS security report that the new beta leaves many other components unobscured, too.
Security researcher Mathew Solnik tells MIT Technology Review that represents a “huge change from past policies.” He and others say that the encryption Apple previously used to obscure iOS components increased the work required for anyone who wanted to inspect the workings of the company’s code. Removing it could mean more people will take a look, and hence that more bugs are discovered and reported to Apple.
Apple has long boasted of the security of its products. But the company’s mobile operating system is under much closer scrutiny since Apple’s standoff with the FBI this year after the agency demanded the company help unlock a device used by the perpetrator of a mass shooting in San Bernardino, California. The FBI dropped its attempt to legally coerce Apple after paying a third party to hack the device in question. Apple has said it is working to further strengthen its security features.
Despite that background, Apple has not said it stopped obscuring iOS code to help security researchers. The company initially declined to comment when the first iOS 10 preview release drew attention, and only later released a statement saying the policy change was for performance reasons. Apple declined to explain what those performance benefits might be. The company declined to comment today on the new, even more open iOS beta release.
(Read more: “Apple Opens Up iPhone Code in What Could Be Savvy Strategy or Security Screwup,” “Apple Now Says It Meant to Open Up iPhone Code,” “Apple Vows to Fight the Feds in Battle Over Encryption,” “What If Apple Is Wrong?”)
A Roomba recorded a woman on the toilet. How did screenshots end up on Facebook?
Robot vacuum companies say your images are safe, but a sprawling global supply chain for data from our devices creates risk.
A startup says it’s begun releasing particles into the atmosphere, in an effort to tweak the climate
Make Sunsets is already attempting to earn revenue for geoengineering, a move likely to provoke widespread criticism.
10 Breakthrough Technologies 2023
These exclusive satellite images show that Saudi Arabia’s sci-fi megacity is well underway
Weirdly, any recent work on The Line doesn’t show up on Google Maps. But we got the images anyway.
Get the latest updates from
MIT Technology Review
Discover special offers, top stories, upcoming events, and more.