Apple confirms source code for iBoot leaked to GitHub

“Biggest iPhone Code Leak?” — Source Code Of The Most Critical Part Of iOS Dumped On GitHub

The code that allows iOS devices to boot up, aptly named iBoot - and that Apple makes sure to keep private - may have leaked online.

The leak opens up a path for hackers, jailbreakers and security researchers to find flaws in iOS, making it easier to jailbreak iPhones. In-fact, Apple values its iBoot code so highly that it offers $200,000 for vulnerabilities as part of its bug bounty program.

Earlier this week, iOS source code showed up on GitHub, raising concerns that hackers could find a way to comb the material for vulnerabilities.

iBoot's role is to verify that the kernel is signed by Apple during bootup and it is very integral to the iOS security system.

Apple responded to the incident by reassuring that, even if someone got a hold of its source code, they wouldn't be able to breach to any devices. In a statement from Apple spokesperson, Apple confirmed the authenticity of the code but emphasized that it's for iOS 9, a three-year-old operating system that's been replaced with iOS 11 and is in use on only a small number of devices.

More news: Oro Valley couple files sexual assault counterclaim against Josh Pastner

'It's a huge deal, ' Jonathan Levin, who writes books about iOS system programming, said in an interview with Motherboard.

Shortly after that article was posted, the publication updated its report to say that Apple had sent GitHub a Digital Millennium Copyright Act (DMCA) takedown notice demanding removal of the source code link.

Sky News has contacted Apple for a comment.

The original leak on Github has already been taken down, but in order to push the DMCA Takedown notice through, Apple did have to confirm its legitimacy. However, security researchers suspect that much of the code is still active in iOS 10. "This development proves that third-party security software from the likes of MobileIron, AirWatch, SOTI and others remains a needed part of any mobility strategy to thwart jailbreaking and intrusions to the enterprise".

It's not the first time that someone has posted iBoot's code online; Motherboard also discovered that the code was published to the site Reddit by a user named "apple_internals" a year ago. These days, modders are more likely to sell the exploit than release it for free to the jailbreak community.

Related News:



Most liked

Syrian Kurdish Fighters Capture 2 Members Of ISIS 'Beatles' Cell
According to the U.S., Elsheikh traveled to Syria in 2012 and first joined al-Qaida's branch there, and then later joined IS. The remaining two members of the notorious British Islamic State cell dubbed "the Beatles" have been captured in Syria.

Snap shares surge 35 per cent after app redesign sparks user growth
According to TechCrunch , Snapchat managed to eclipse Facebook's daily active user (DAU) growth rate in the final quarter of 2017. During the holidays, Snap saw increased spending from advertisers - with average revenue per user reaching $1.53.

Border patrol agent's death likely an accident
Martinez was found November 19 with fellow agent Stephen Garland, who had also been seriously injured - but survived the incident. Concentrated investigative activities and canvasses for witnesses and evidence have taken place across the United States.

Amazon tests two-hour Whole Foods delivery service
Amazon is now the number one online seller of groceries, accounting for 18% of total sales, a Packaged Facts report notes . Two-hour delivery is free or shoppers can opt for the super fast one-hour delivery for $7.99 on orders of $35 or more .

Why ESPN Is Reimagining Its App With A $4.99 ESPN+ Streaming Service
ESPN Plus is expected to be available to mobile subscribers via Apple's iOS, Apple TV, Google's Android, and Chromecast. Iger and CFO Christine McCarthy were asked about Hulu's outlook given Disney's ambitions for its own streaming service.

Drake donates $50000 to homeless shelter as he continues charitable spree
A day prior, the 6 God also paid the Lotus House Women's Shelter a visit and donated another $50,000. Earlier this week, Drake was snapped filming on a giant crane over Miami Senior High School .

Death toll in Syria's Ghouta rises to 80 - NGO
And rescue workers and doctors on the ground in Idlib have accused government forces of using chlorine bombs in the offensive. In Hammuriyeh, a young man stared at the bodies of five children, including his younger brother, killed in an air strike.

ME senator claws his way to lobster emoji victory
Lobster lovers like King had felt a pinch of resentment that their favorite crustacean was without representation. Maine's state crustacean will soon be one of the "emoji" pictograms available for electronic messaging.

Mohamed Salah vows to stay at Liverpool
The 2017 African Player of the Year, who joined the Premier League side from AS Roma in the summer of 2017, has already been linked with a move to Real Madrid .

Josh McDaniels may not leave Patriots for Colts after all
He was sacked during his second year with the Denver Broncos, with whom he posted an 11-17 mark during the 2009-10 seasons. Defensive coordinator Matt Patricia has already confirmed that he will become the next head coach of the Detroit Lions .

China accuses U.S. of 'Chilly Conflict mentality' over nuclear coverage
Low-yield weapons with a strength of under 20 kilotons are less powerful but are still devastating. The strategy says relatively little about arms control.

Best Buy Will Stop Selling CDs This Summer
Best Buy is planning to pull CDs from its stores beginning in July, amid a drop in sales in the US , according to a report . The deadline for that ultimatum would be either April 1 or May 1 for music suppliers, according to Billboard's sources.

Jerome Powell sworn in as new Fed chair
Jerome Powell succeeds Janet Yellen , who served for 14 years in Fed, last four as president. But Yellen said she supported the choice of Powell as her successor.

Pakistan stands behind Kashmiris, says Pak PM Shahid Khaqan Abbasi
PM Abbasi said that there has been no interference by the federal government in the previous assembly elections of Kashmir.

Cloverfield 3 Trailer JUST dropped and premieres TONIGHT on Netflix!
That wasn't just a brilliant publicity stunt-it also proved how nimble Netflix can be compared to traditional film distributors. There's little left to enjoy after the buzz of watching a surprise movie wears off.