It's called finder's reward...yes they should pay a reward to those that bring them vulnerabilities.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Apple Confirms Unencrypted Kernel in iOS 10 Beta is Intentional
- Thread starter MacRumors
- Start date
- Sort by reaction score
It's called finder's reward...yes they should pay a reward to those that bring them vulnerabilities.
1) Unencrypted is much different than open source. 2) Android's security vulnerabilites have nothing to do with it being open source.
Give apple a break. They are focusing on earth, environment, recycling, equal right and watch band. How could they find time for less important issue like product bugs or security.
Yep, his psychosis.
[doublepost=1466699072][/doublepost]
And the Reach of the Day award goes to this guy.
For every "conscious" person that chooses to help MS instead of wanting the FBI/NSA's money, there are likely far more that choose the other route. You just wouldn't likely ever hear about it, as its not in the government's interest to reveal it. Just look at the recent exploit that they paid over a million for. Was that person(s) not conscious?
Apple's concience about earth, environment and recycling is one of the brightest points it has regarding its corporate image above other companies. Those aspects are as important as the products themselves, but sadly, underlooked as hell because you earn more money by contaminating and polluting like a weed addict on payday.
Let me guess: Global Warming is still a myth for you, isn't it?
Sorry that iOS isn't bugless and securely perfect, but it will never be. But with them NOT FINDING TIME FOR BUGS AND SECURITY and focusing only on earth as you state, Apple is doing well above Android security and giving a decen number of critical and minor updates. In fact, it's doing fine on the OS overall, even though they can't please everyone. So much sadness for an unattended os...
Who said the OS X kernel was encrypted?
It's not, at least not by default, unless you turn on FileVault 2, which encrypts the whole disk (kernel binaries included--and, technically speaking, excluding a small boot partition so you can authenticate when the machine is powered up). iOS basically did something akin to FileVault 2 by default before (actually I'd compare it more to BitLocker plus TPM), except now they're encrypting only user data (sort of like the original version of FileVault did, though presumably with a better encryption method).I don't think it really matters much whether the kernel is encrypted. Encryption makes it more difficult to read the data, but most people care more about user data than about the kernel, which is more or less the same on every device. Encryption is probably the best way to make user data secure, besides perhaps physical security of the device itself--certainly a problem with portable (or Internet-connected) devices. If you're asking whether encryption incurs a performance penalty, the answer is yes--the stored data must be decrypted/encrypted a the time of reading/writing, though dedicated hardware (like Apple has) can speed this up compared to using the main processor (which might noticeably degrade the performance of phones and hardware with similar processors).
But people think it's innovation instead of it being a deal with the Feds... People would never believe their believed Apple could ever lie to them!
People like to say stuff like that, but I dont recall Apple ever mentioning this at all - neither in the marketing-heavy keynote nor the technical developer talks. They don't consider it innovation; it's a minor performance tweak.
[doublepost=1466706723][/doublepost]Also, the system data such as the kernel
Doesn't need encryption. It doesn't matter at all if anybody reads it, because it's a standard file shipped by Apple, and nobody can tamper with it because of codesigning.
That post 70 is just a bunch of hand waving. Apple would not have encrypted it in the first place if it did not matter. And post 70 does says exactly that it makes it easier to find security vulnerabilities. Now I understand "security by obfuscation", but encryption and obfuscation are different. If that statement in post 70 were true then we would not need encryption, but of course it is not true and we do need encryption.
[doublepost=1466713063][/doublepost]
So what keeps someone from just changing the signature? Once the kernel is decrypted, it would not be too hard to figure out where it is stored. The signature is not stored in silicon, so in spite of the handwaving by the know-it-alls it is still less secure than it was. Now I wonder what the reason was for the reduction in security. Makes me go "Hmmmm".
[doublepost=1466715998][/doublepost]
That post 70 is just a bunch of hand waving. Apple would not have encrypted it in the first place if it did not matter. And post 70 does says exactly that it makes it easier to find security vulnerabilities. Now I understand "security by obfuscation", but encryption and obfuscation are different.
In fact, I see 200MB space bump after installing iOS 10 beta 1.
For news: I know nothing about it. But if this move can lead to a safer iOS then I welcome.
I am the one being educated.
The users do but eh these are the Feds who basically say screw the people so are we really surprised this happened? The Feds were gonna find a win somehow even if they had to make Apples lives pure ***** for the remainder of cooks life with the company and possibly beyond
[doublepost=1466731605][/doublepost]
Going to ask the obvious question here since the site says you're a "newbie"
So here goes
You are aware that early iOS Beta or versions in a life cycle ( ex 9.0 to 9.2.3 )
tend to be larger than later versions?
In short the space required could drop by more than half by the time iOS 10 goes full on public or by 10.1
The users do but eh these are the Feds who basically say screw the people so are we really surprised this happened? The Feds were gonna find a win somehow even if they had to make Apples lives pure ***** for the remainder of cooks life with the company and possibly beyond
[doublepost=1466731605][/doublepost]
Going to ask the obvious question here since the site says you're a "newbie"
So here goes
You are aware that early iOS Beta or versions in a life cycle ( ex 9.0 to 9.2.3 )
tend to be larger than later versions?
In short the space required could drop by more than half by the time iOS 10 goes full on public or by 10.1
Yes, it's a common phenomenon, right: from one generation to the next, iOS takes up more and more space.
Thing is, this time, Apple itself advertises that the firmware should take LESS space than its predecessor, so I'm inclined to think that some cleaning up wasn't performed when iOS 10 Beta 1 installed on my iPhone 6.
I just can't seem to reclaim the lost space, is all...
The bootloader decrypts it while loading it into memory for execution, which is why Apple's claim that this improves performance is silly. At best it will improve boot-up times by maybe 1 second or less.
Oh, that's it? Yeah, I agree, sounds like not a real improvement.
Not if the person believes in the government.
It is hard to tell what is the real reasoning for Apples (un)deliberate decision. But as several time iterated, the kernel is opensource (or will be when Apple releases the newest sources), but the source is without the ARM parts. The first beta iOS 10 runs on XNU 3705 which is the same as MacOS Sierra. While it is tedious to go through the compiled kernel, it is not impossible and having the XNU source readily available will help you.
User data is still encrypted.
[doublepost=1466959736][/doublepost]
That article lacks so much logic, it's sad.