iOS source code leaked on GitHub, promptly removed after Apple's intervention

By Digit NewsDesk | Published on 09 Feb 2018
iOS source code leaked on GitHub, promptly removed after Apple's intervention
HIGHLIGHTS

Source code of an iOS process called ‘iBoot’ was leaked on GitHub, which was for iOS 9 but parts of that code are still used by iOS 11

Advertisements

Access Open Source Technology

Innovate w/ IBM and Discover New Open Source Technology Today. Learn More.

Click here to know more

Earlier this week someone posted the source code of one of the essential components of iOS on GitHub. Reported by Motherboard, the leaked source code gave potential hackers and security researchers a way to exploit/find vulnerabilities. It is also reported that the code might have made jailbreaking an iPhone easier. Apple later confirmed that the code is from iOS and is part of an old software version (iOS9). The leaked code was apparently of a component called ‘iBoot’, which is responsible to start the system. It ensures that the code that is being run originates from Apple and importantly is valid. In the aftermath, Apple sent a DMCA notice to GitHub and since then the link has been taken down. 

While the code was from an older version of iOS, namely iOS 9, Techcrunch reports that part of that is still being used by the latest iOS version - iOS 11. As told to Motherboard, Jonathan Levin, who has written books about MacOS and iOS said, “this is the biggest leak in [its] history.” In a statement given to Techcrunch through, Apple says, “Old source code from three years ago appears to have been leaked but by design, the security of our products doesn’t depend on the secrecy of our source code. There are many layers of hardware and software protections built into our products.”

All that said, there is no need to get all paranoid since Apple uses a multi-layered approach to security on iOS and MacOS. As confirmed by security researcher Will Strafach, “Apple does not use security through obscurity, so this does not contain anything risky, just an easier to read format for the boot loader code. It’s all cryptographically signed on end user devices, there is no way to really use any of the contents here maliciously or otherwise.”

logo
Digit NewsDesk

The guy who answered the question 'What are you doing?' with 'Nothing'.

Digit caters to the largest community of tech buyers, users and enthusiasts in India. The all new Digit in continues the legacy of Thinkdigit.com as one of the largest portals in India committed to technology users and buyers. Digit is also one of the most trusted names when it comes to technology reviews and buying advice and is home to the Digit Test Lab, India's most proficient center for testing and reviewing technology products.

We are about leadership-the 9.9 kind! Building a leading media company out of India.And,grooming new leaders for this promising industry.

DMCA.com Protection Status