Massive online leak reveals iPhone’s deepest secrets

By

iPhone boot up
"The biggest leak in history."
Photo: Ste Smith/Cult of Mac

Source code for a core component of the iPhone’s software has appeared online in what is described as “the biggest leak in history.”

iBoot, a part of iOS that ensures the device is booting a trusted operating system, was posted to GitHub anonymously. The code could be used by hackers to find vulnerabilities in Apple’s software. The company has already filed a copyright take-down request to have it removed.

iOS as a whole isn’t open source software like Android, its biggest rival, which means Apple doesn’t distribute its code to anyone. It’s top secret, and keeping it that way makes it even more difficult for hackers to exploit potential holes. But leaks happen.

iBoot ends up on GitHub

iBoot, an integral part of iOS, ended up on GitHub this week. The code’s legitimacy hasn’t been completely confirmed, but Jonathan Levin, an author of books on iOS and macOS development, told Motherboard that it “aligns with code he reverse engineered himself.”

The code can’t be compiled since bits of it are missing, and it is believed to be from iOS 9. Parts of it are likely still present in more recent versions of iOS, however — including iOS 11 — and the code could be used to find security vulnerabilities in iPhone and iPad software.

It “could pave the way for hackers and security researchers to find vulnerabilities in iOS and make iPhone jailbreaks easier to achieve,” explains Motherboard.

iBoot is what loads iOS. It’s the first process that runs when you turn on your iPhone or iPad. It verifies that the kernel is signed by Apple — and not unauthorized software — then executes it. It’s easy to see why finding a hole in iBoot could allow iOS devices to run modified or third-party software.

“This is the biggest leak in history,” Levin added. “It’s a huge deal.”

Apple has already had it pulled

Unfortunately for those who didn’t get their hands on the code earlier, it’s no longer available on GitHub. Apple sent a DMCA legal notice forcing the site to take it down. Now that iBoot is out there, however, it shouldn’t be too difficult to find it you really want it.

It’s thought the same code has previously appeared on Reddit, but because the poster was a new user without a lot of karma, his post was buried and no one took a great deal of notice. Its appearance on GitHub could mean that iBoot is being circulated again.

Newsletters

Daily round-ups or a weekly refresher, straight from Cult of Mac to your inbox.

  • The Weekender

    The week's best Apple news, reviews and how-tos from Cult of Mac, every Saturday morning. Our readers say: "Thank you guys for always posting cool stuff" -- Vaughn Nevins. "Very informative" -- Kenly Xavier.