A week after the launch of the first beta of the next version of Apple's mobile operating system, MIT found that those in Cupertino had left the iOS 10 kernel unencrypted. From that moment, specialists and users began to speculate trying to guess the reason why Tim Cook and company had made this decision, coming to assess the possibility that someone had screwed up to the bottom, but this seemed unlikely because it would be a very serious mistake.
Yesterday, Wednesday, Apple spoke and gave the reasons why it left the kernel of iOS 10 unencrypted. The main reason is optimize system performance. And it is that iOS 9 is encrypted from head to toe and that makes the operating system suffer. Based on the comments and my own experience, iOS 1 beta 10 does move more easily than iOS 9.3.2, so it seems that what they are trying to do by not encrypting the iOS 10 kernel is working.
The iOS 10 kernel does not contain sensitive information
The second reason, which is an extension of the first, is that the iOS 10 kernel does not contain confidential information, so it does not need to be encrypted.
The kernel cache does not contain any user information, and by removing encryption we are able to optimize operating system performance without compromising security.
Until now, Apple has encrypted the kernel to protect its code from unwanted testing or reverse engineering, the latter being more likely to be done by law enforcement. The small risk, which Apple says does not exist, is far less than the potential benefit.
As security experts claim, Apple's latest move will allow security researchers to legitimately dive to the heart of iOS for the first time. The positive part is that the White Hat or White hat they will be able to find more vulnerabilities, report to Apple and those of Cupertino will know the failures sooner. Looking at it in perspective, even if this means that "the bad guys" can find these flaws too, malicious users probably won't have time to exploit a vulnerability that the "good guys" will also discover, perhaps even before them.
Moreover, this too will hurt the market for Gray hat, Neither good nor bad hackers who end up selling vulnerabilities to government agencies, precisely what happened in the case of the San Bernardino sniper's iPhone 5c. If the kernel of that iPhone had not been encrypted, it is likely that the exploit that the hackers used would have also been found by the Gray Hats and Apple would have corrected it before they used it.
As you can see, I am partly trying to find the positive part of this. If security experts and Apple say it's worth it, they must be right. Also, this week I read a comment in a medium that recalled that Ubuntu doesn't have kernel encryption either and it is one of the most secure operating systems in the world. How do you see it?
