Apple says it purposely didn’t encrypt kernel cache in iOS 10

Apple deliberately claims not to have encrypted the kernel cache in iOS 10. Until now, the company has applied encryption to that portion of its mobile operating system, but Apple says it isn’t necessary because the kernel cache doesn’t contain any user data.

As a result, the privacy of users is not at risk, Apple claims in a statement to TechCrunch. Apple has focused heavily on encryption in recent years to promote user privacy. Therefore, the mobile operating system encrypts user data.

Not encrypting the kernel cache in iOS 10 gives Apple the ability to optimize the performance of the mobile operating system. In addition, security researchers can now more easily rummage through the code, detect any vulnerabilities and report them to Apple. On the other hand, criminals can do the same, TechCrunch notes.

Until now, Apple has invariably encrypted the kernel cache of its mobile operating system, and the iOS 10 test version is the first time it hasn’t happened. The kernel cache is a file in img4 format, consisting of the kernel itself and all extensions.

The fact that the kernel cache is now no longer encrypted does not mean that users will automatically see all the info. The Joker tool, which has been used for years to view the kernel cache of iOS devices, notes in the changelog for the iOS 10 version that simply exporting the unencrypted kernel cache still doesn’t show elements. Contrary to some media reports, Apple has not opened up the kernel or made it open source. It’s just about not encrypting the already compiled kernel cache, which is in the form of an img4 file in iOS.