IPhone's boot source code leaked online, raises security concerns

Angelica Greene
February 9, 2018

Apple would appear to have sent a DCMA takedown notice to Github, where the code was leaked, this indicating the code posted was of some large effect.

According to a report from Motherboard, an anonymous user has uploaded what appears to be the source code of iBoot - the iOS secure bootloader - on GitHub, and all evidence suggests the code is authentic. The source code could enable jailbreakers and hackers to discover vulnerabilities in iOS and gain new, unauthorized ways to access the system. However, the boot process iPhone source code contained in iBoot has remained private until recently. This component verifies that iOS is loaded correctly every time and if the kernel is signed by Apple. Moreover, the code can also allow developers to emulate iOS on non-Apple devices.

Apple is notorious for keeping its source code close to its chest, but someone just leaked a heap of very sensitive code online.

"This is the biggest leak in history", Jonathan Levin, the author of a series of books on iOS and Mac OSX internals, said.

Hatch supports ousted Trump aide amid domestic abuse allegations
Porter's role was under-the-radar, and Trump himself remained largely unfamiliar with him for weeks before his role was explained. Porter is one of the few senior White House staffers with past government experience, having served as chief of staff to Sen.

Switch rewards for My Nintendo are finally arriving next month
You can then cash in those Gold Points the next time you purchase an eligible Switch game or DLC from the Nintendo eShop or Nintendo.com.

49ers sign Jimmy Garoppolo to $137.5 million deal
Now, his salary has several zeroes to match the one in his career loss column. Jimmy Garoppolo was the New England Patriots backup quarterback.

Motherboard says no one knows who was behind the code leak. These types of jailbreaks used to be common on older versions of iOS, but as Apple has increased the security of their operating system with features such as the Secure Enclave Process chip, it's been more and more hard to unlock phones in this manner. By exposing this code, it also opens new avenues for Jailbreakers. iPhones and iPads used to be fairly easy to Jailbreak back in the day, but with the launch of TouchID on the iPhone 5s, Apple introduced the "Secure Enclave co-processor", which made exploits hard to uncover.

Is The Code Even Real?

The leaked source code originally came out in 2015, and wouldn't affect users on new devices, Apple said. "And now it's wide open in source code form", Levin continued. He added that Apple's probably not thrilled with the leak due to intellectual property concerns (see: the DMCA request referenced above), but this information ultimately won't have much if any impact on iPhone owners. These days, modders are more likely to sell the exploit than release it for free to the jailbreak community.

Other reports by GizPress

Discuss This Article

FOLLOW OUR NEWSPAPER