A security researcher claims changes Apple made to tighten its kernel security system in iOS 7 instead weakened the system, making it less secure than its iOS 6 counterpart. (Via CNET and ThreatPost) Azimuth Security researcher Tarjei Mandt discovered the flaw and presented his findings last week at CanSecWest.

The security flaw involves the random number generator Apple uses to secure its kernel. In iOS 6, the number generator that encrypted the kernel derived its values in part from the CPU clock counter. Because it was based on time, the encryption was only marginally secure as the output values were predictable, especially when examining successive numbers.

ios7-early-random-number
Apple was aware of the limitations in iOS 6 and attempted to tighten security in iOS 7 by changing the random number generator to a linear congruential generator, which is more susceptible to brute force attacks.

The problem with the new generator in iOS 7 is that it uses a linear recursion algorithm, Mandt said, which has "more correlation" between the values it generates. That makes them easier to extrapolate and guess, he said.

This flaw potentially allows a malicious hacker to gain kernel-level access to an iOS device via an unpatched vulnerability. The kernel is the base part of the iOS operating system and controls low-level functions such as security and resource allocation.

Apple approached Mandt about his findings and asked for his CanSecWest slide presentation.

Related Forum: iOS 7

Top Rated Comments

Calexander3103 Avatar
Calexander3103
143 months ago
Deliberate back door?

Couldn't have been an accident that someone missed, could it? Nah....everyone get your tin foil hats out cause everyone's out to get us.


In reality, props to white-hat hackers like Mandt
Score: 9 Votes (Like | Disagree)
C DM Avatar
C DM
143 months ago
I like how negative things like this never makes it to the Front Page and not many throwing a punch at Apple like they do for other companies. I am sure if it was any other company, this news would have been the first frontage news. I feel this is done deliberately by MacRumors for generating $$. Just pathetic.
I came across this story on the front page of MacRumors, as I'm sure many others did.
Score: 3 Votes (Like | Disagree)
Laird Knox Avatar
Laird Knox
143 months ago
Random Number Generators are a tricky business. The company I work for has a whole slew of patents and protected IP just for the RNG we use.
Score: 3 Votes (Like | Disagree)
ArtOfWarfare Avatar
ArtOfWarfare
143 months ago
Modern Intel chips (made after 2008 I think) have ISK which produces actual random values rather than pseudo ones. I guess ARM lacks that right now.
Score: 3 Votes (Like | Disagree)
dumastudetto Avatar
dumastudetto
143 months ago
Deliberate back door?

No. Apple would never do this. They never compromise on customer security for anyone.
Score: 3 Votes (Like | Disagree)
gnasher729 Avatar
gnasher729
143 months ago
It's not in the slides but I'd be curious to know how much brute force is required?
It reads like a restart would require calculation to start again?

Could an app be crafted inside the sandbox to not only gather enough info but to also then have enough time to process that info to get the information it needs to launch an attack without highlighting is presents.

Yes "security by obscurity" = bad. Yes, could be better.
Still if attack needs more than minutes of full throttle processing it goes to take some fairly careful crafting to hid it. Putting more in "Alert but not Alarmed" territory.

It's very hard to say how much of a problem there actually is. My understanding - which may be wrong - is that this random number generator is used at the very early stages while iOS is booting, and is then replaced with something a lot stronger. There's the claim that the random number sequence could be predicted, but then I wonder which non-Apple software would be running on the device at the early stages when this random number generator is in use. Quite possibly none at all.
Score: 2 Votes (Like | Disagree)
Read All Comments

Popular Stories

Generic iOS 19 Feature Mock Light

iOS 19 Rumored to Include These New Features for Your iPhone

Saturday March 1, 2025 11:00 am PST by
iOS 19 is still around three months away from being unveiled, but there are plenty of rumors about the upcoming update. Below, we recap iOS 19 rumors so far. Redesigned Camera App A leak earlier this year allegedly revealed a redesigned Camera app coming with iOS 19. On his YouTube channel Front Page Tech in January, Jon Prosser shared a video showing what the new Camera app will...
Read Full Article130 comments
iOS 18

Apple Says iOS 18.4 Will Be Released in April With These New Features

Wednesday February 26, 2025 7:15 am PST by
In a recent press release, Apple confirmed that iOS 18.4 will be released in April. From the Apple News+ Food announcement:Coming with iOS 18.4 and iPadOS 18.4 in April, Apple News+ subscribers will have access to Apple News+ Food, a new section that will feature tens of thousands of recipes — as well as stories about restaurants, healthy eating, kitchen essentials, and more — from the...
Read Full Article44 comments
Generic iPhone 17 Feature With Full Width Dynamic Island

Latest iPhone 17 Series CAD Images in Line With Redesign Rumors

Friday February 28, 2025 2:51 am PST by
Apple is expected to embrace a new camera system design for some models in its upcoming iPhone 17 series, and the latest purported CAD images don't deviate from what we have been hearing lately about Apple's new lineup. If you do not like the sound of an iPhone with a Google Pixel-style camera bar, look away now. Seasoned leaker Sonny Dickson shared the following images in a post on X...
Read Full Article107 comments
apple intelligence black

These New Apple Intelligence Features Are Coming in iOS 18.4

Friday February 28, 2025 3:17 pm PST by
iOS 18.4 was supposed to bring new Apple Intelligence Siri features, but Apple ended up needing to pull those capabilities from the update to continue testing. There are fewer new Apple Intelligence additions now, but there are still some new features that will make the update worth installing when it comes out in April. Priority Notifications Apple introduced Priority Notifications back at ...
Read Full Article72 comments
iphone 16e usb c feature

Apple Provides Reason for iPhone 16e's Lack of MagSafe

Friday February 28, 2025 4:39 am PST by
Apple has offered a reason why the iPhone 16e doesn't include MagSafe, one of the more notable omissions from its latest entry-level smartphone. According to Apple representatives who spoke to Daring Fireball's John Gruber, MagSafe is not included in the iPhone 16e because "most people in the iPhone 16e's target audience exclusively charge their phones by plugging them into a charging...
Read Full Article366 comments
Apple MacBook Air 2 up hero 240304 feature

New MacBook Air Announcement Reportedly 'Imminent' — Here's When

Sunday March 2, 2025 5:40 am PST by
With the iPhone 16e now in the hands of customers, Apple reportedly plans to move on to its next product announcement in the coming days. Apple plans to announce new MacBook Air models with the M4 chip "as early as this week," according to Bloomberg's Mark Gurman. "I expect the M4 MacBook Air to be introduced as early as this week," said Gurman, in a post shared on X today. "Inventory has ...
Read Full Article104 comments
Apple AirPort Routers

Apple's Discontinued Line of AirPort Wi-Fi Routers Could Return in an Unexpected Way

Saturday March 1, 2025 10:00 am PST by
Throughout the 2000s and 2010s, Apple offered a line of Wi-Fi routers that it referred to as AirPort base stations. There was a standard AirPort Express, a higher-end AirPort Extreme with more advanced networking features, and an AirPort Time Capsule that doubled as an external storage drive for backing up a Mac with Time Machine. Apple discontinued the AirPort line in 2018, but the company...
Read Full Article171 comments
apple c1

How Fast is Apple's First-Ever 5G Modem? The Results Are Surprising

Friday February 28, 2025 10:08 am PST by
iPhone 16e reviews are now out, and Apple's custom-designed C1 modem has been put to the test. The results so far are quite surprising, as the C1's speeds are not as slow compared to Qualcomm modems as originally expected. While the C1 does not support ultra-fast mmWave 5G in the U.S., it appears to offer comparable 5G performance to Qualcomm's Snapdragon X71 modem found in the iPhone 16,...
Read Full Article146 comments
airpods pro purple

Here's When AirPods Pro 3 Are Rumored to Launch

Monday February 24, 2025 9:14 am PST by
According to a post on X today from a leaker known as Kosutami, Apple plans to launch AirPods Pro 3 in May or June this year. The leaker also claimed that an AirTag 2 will launch around the same time. Kosutami is best known as a collector of prototype Apple hardware, but they have occasionally shared accurate information about Apple's future product plans. For example, they accurately...
Read Full Article