A change that Apple imposed to make iOS 7 more secure instead has dramatically weakened the security of devices running that mobile operating system, a security researcher has charged. At the CanSecWest conference here last week, Azimuth Security researcher Tarjei Mandt said that Apple made a major mistake when it changed its random-number generator to make its kernel encryption tougher in iOS 7. The kernel is the most basic level of an operating system and controls things like security, file management, and resource allocation. “In terms of security, it’s much worse than iOS 6,” Mandt said. Soon after his presentation Wednesday in the Grand Ballroom of the Sheraton Wall Centre, he published his presentation slides (PDF) and supporting whitepaper (PDF) as evidence.
