Apple is well known for keeping a notoriously tight grip on the code powering its iPhones, only rarely revealing the inner workings to the public. But in a move that some Mac and iOS experts are calling the “the biggest leak in history,” an unknown source appears to have laid bare parts of the iPhone’s critical boot code on Github.
The uploaded code has since been taken down, reportedly at Apple’s request. It was first revealed by Motherboard and contained code labeled “iBoot,” the base instructions for how Apple maintains a trusted environment when starting up an iPhone. This appears to be the first time anyone who’s not an Apple engineer has gotten a peek into how Apple manages its iOS boot process.
This gives both security researchers and hackers alike better insight into how critical parts of iOS operate, and even though tags in the leak suggest that this material comes from iOS 9, part of the code may still be in use today.
When Motherboard asked Jonathan Levin, author of a number of books on iOS and macOS internals, about the leak, Levin said that the code appears to be authentic because it fits with his own attempts to reverse engineer Apple’s boot code.
Levin also said that info gleaned from this leak could help bring back the possibility of tethered jailbreaks, which have been almost impossible to perform due to all the security on recent iPhones.
According to Motherboard, this code actually appeared first on Reddit late last year before being posted to Github, but was initially ignored due to the user’s short posting history. However, since this info has been available for the past four months, despite Apple’s takedown of the Github post, there’s a fair chance the code is still making rounds across the internet.
[Update, 1:45 PM ET] For people concerned about the impacts of this leak, in a statement made to CNET, Apple said “Old source code from three years ago appears to have been leaked, but by design the security of our products doesn’t depend on the secrecy of our source code. There are many layers of hardware and software protections built into our products, and we always encourage customers to update to the newest software releases to benefit from the latest protections.”
DISCUSSION
As part of the DMCA, which was invoked to have the information removed, Apple was required to confirm that the code is legitimate.