How top secret iPhone code ended up on the web

By

iPhone boot up
"The biggest leak in history."
Photo: Ste Smith/Cult of Mac

A low-level Apple employee leaked the secret iPhone code that ended up on GitHub.

iBoot, a part of iOS that ensures the device is booting a trusted operating system, surfaced online last week in what was described by one security expert as “the biggest leak in history.”

Here’s how and why the code got out.

Apple keeps much of its iOS source code a closely-guarded secret, so a leak of this nature is big news. The role iBoot plays in iOS made it even more significant. Despite being three years old, it could help hackers find vulnerabilities in iOS that lead to new jailbreaks and more.

How iBoot leaked out

Apple confirmed the code was genuine, but insisted its exposure isn’t a security concern.

“There are many layers of hardware and software protections built into our products, and we always encourage customers to update to the newest software releases to benefit from the latest protections,” it said in a statement.

But how did the code get out? According to a new report from Motherboard, it was leaked by an Apple employee.

“A low-level Apple employee with friends in the jailbreaking community took code from Apple while working at the company’s Cupertino headquarters in 2016, according to two people who originally received the code from the employee.”

The employee, who wants to remain anonymous for obvious reasons, shared iBoot and “all sorts of Apple internal tools and whatnot,” a source added. The code, much of which has not yet been shared widely, was never supposed to leave the circle of friends.

But over time, parts of it were shared more widely and the group lost control of it. No one knows who was first to share the code outside of the original group, but it is believed it began circulating more widely in 2017.

“I personally never wanted that code to see the light of day,” one person said. “Not out of greed but because of fear of the legal firestorm that would ensue. The Apple internal community is really full of curious kids and teens. I knew one day that if those kids got it they’d be dumb enough to push it to GitHub.”

The code could be dangerous

Apple is confident that our devices remain secure. It’s unclear how much of the leaked code is still used in iOS today. But one source claims that it can be “weaponized.” They warn it could be used by malicious actors to create exploits to attack iPhone users.

Apple filed a copyright takedown request to have the code removed from GitHub, but now that it’s out there, it wouldn’t be too difficult to obtain if you really wanted it. Apple wouldn’t confirm whether or not it knew about the leak before it made headlines last week.