April 26, 2018

Apple's Core iOS Source Code Leaked on GitHub, Could Reinvigorate Jailbreaking

09 February 2018, 01:59 | Rudolph Thomas

iPhone iBoot Source Code Leaked Online Sparking Security Headache For Apple

“Biggest iPhone Code Leak?” — Source Code Of The Most Critical Part Of iOS Dumped On GitHub

Here's hoping Apple is right, because the code was up long enough for it to spread far beyond GitHub.

An anonymous user reportedly posted top secret iPhone source code on GitHub in what is being called the "Biggest Leak In History". The leak could pave way for jailbreakers and hackers to break more easily into iPhones, explore its vulnerabilities and compromise a device or possibly contribute to a jailbreak.

Apple has shot down the significance of an apparent source code leak for the iPhone's iBoot bootloader which loads the operating system.

iBoot is the first program that boots when an iPhone is turned on.

iBoot's role is to verify that the kernel is signed by Apple during bootup and it is very integral to the iOS security system.

While the leak will probably not have any widespread repercussions for the vast majority of Apple device users, it will be of interest to those who want to sift through firmware code looking for unexplored ways to fiddle with iPhones and iPads.

Even though one cannot compile the source code due to missing files, it can however be analyzed to find any vulnerabilities, say security researchers.

The code was put on Github anonymously, and it's not clear who smuggled it out of Apple headquarters. While the code was for iOS 9, parts of it could still be used in iOS 11. The latest iOS versions have better security tools that make it hard for even highly skilled researchers to look for bugs, since they need to jailbreak the smartphone first before inspecting the device.

He continued on to suggest that the code appeared to be real iPhone source code because it aligned with the code he had reverse engineered himself.

Apple has been pretty secretive with its codes and has avoided releasing it to the public, although it has made certain parts of iOS and MacOS open source in the past few years. So, Apple must own the copyright of the code in order to have it removed. Apple has yet to comment on the issue. It's likely we'll see some changes in the source code moving forward in order to address some of the damage that is now possible at the hands of enterprising hackers.

Other News

Trending Now

2 people killed, 116 injured in SC trains collision
At least 89 people were taken to hospitals, and three were admitted, hospital officials said. It is not known how many people were inside the goods train, run by freight operator CSX.

Donald Trump says newly released Federal Bureau of Investigation text messages are 'BOMBSHELLS'
Some of Strzok and Page's texts have drawn concern over what looks like more than general anti-Trump sentiment. Strzok and Page's also provide some insights into their handling of the Clinton and Trump investigations.

India vs South Africa 3rd ODI, Cape Town
Chahal finished with 5-22 in 8.2 overs, tearing apart South Africa after India won the toss and opted to put the hosts to bat. Van Niekerk, who is the ninth-ranked bowler in the world, further said: "It is a fresh start for us as a very tight unit".

Syrian Army deploys new air defenses in north
The Syria Civil Defence, whose rescue workers are commonly known as the White Helmets, earlier put the death toll at about 30. Two barrels containing chemical gasses had been dropped from helicopters on Sunday night, Saad said.

Found: 100-Million-Year Old Arachnid with a Tail Encased in Amber
Amber is nature's time capsule , providing a glimpse of whatever plants or animals became trapped in resin before it fossilized. The scientists think it lived on or around tree trunks, perhaps under bark or in the moss at the foot of a tree.

No. 5 Ohio State Slips Past Spartans, 4-2
Penn State competed without national champ Jason Nolf (knee) and the Lions also did not have Matt McCutcheon available at 197. The 174-pound bout was a rematch of last year's NCAA final between Penn State's Mark Hall and Bo Jordan of the Buckeyes.

White House Plays Down Stock Market's Bad Day
The Dow, however, is still 23% higher than when Trump was inaugurated in January 2017. "We broke it 84 times this year". With stock markets declining again, the White House on Monday said the fundamentals of the US economy are "strong".

How to Watch Espanyol vs. Barcelona
Espanyol will be roared on by their own fans, but they know that the visitors are the favourites to win this game. He then ran to the home supporters and raised his finger to his lip in a "shushing" motion.

Nigeria's 2018 World Cup Gear Is As Dope As It Gets
Meanwhile, the away kit is a classic two-tone red and white effort alluding to the Three Lions' 1966 World Cup victory. Four days later, the Eagles will also wear the new kits for another World Cup warm-up game against Serbia in London.

China says Rex Tillerson is demonstrating United States 'disdain' and 'paranoia'
Washington may increase political pressure on the Venezuelan government by imposing a ban on oil imports from the country. Maduro shot back, in a video on Facebook , saying that Tillerson "has just threatened us with an oil boycott".