SecureMac, Inc.

Computer security news. Just for Macs.

Get the latest computer security news for Macs and be the first to be informed about critical updates. Industry news, security events and all you need right at your fingertips. Malware threats change daily, so keep up to date on the latest developments to help ensure your privacy and protection. You can never be too safe.

iPhone Source Code Leak Could Open the Floodgates for Hackers

Posted on February 20, 2018

A key piece of Apple’s iPhone source code may be out in the wild.

On February 7, someone posted something called “iBoot” on GitHub. GitHub is a popular site for sharing computer code. This time, though, it appears the code in question was not the user’s to share. Instead, “iBoot” is said to be the source code for a crucial iPhone boot process. The leak has the potential to jeopardize the security of the iPhone going forward.

According to a report on the leak from Motherboard, iBoot is the iOS process that handles the boot-up process for the operating system. Said another way, when you turn on your iPhone and the device loads iOS, iBoot is the code doing that work. It loads the kernel—the core program that controls the operating system—and verifies that it has an Apple signature. Once the kernel is verified, iBoot executes it to launch iOS.

Clearly, iBoot is a fundamental process in iOS. Hackers and security researchers alike could use the source code to identify vulnerabilities in the operating system. In particular, iPhone jailbreakers are expected to use the code to their advantage. iOS jailbreaking is the process of gaining root access to the iOS operating system, with the goal of bypassing certain software restrictions. Early on, jailbreakers used this kind of process to unlock the iPhone from AT&T (which had an exclusive agreement with Apple) and use it on other wireless carriers. Jailbroken iPhones can also use apps, themes, skins, or extensions that Apple typically restricts.

In recent years, iOS jailbreaking has mostly died out, thanks to Apple’s efforts in identifying and patching bugs and exploits. Since jailbreaking targets and exploits the boot process, though, the leak of iBoot could bring the community back to life. The version of the iBoot code posted online is reportedly two years old, but likely has commonalities with the source code used in the current iOS 11.

Apple issued a DMCA copyright takedown request on February 8, forcing GitHub to take the iBoot post down. Regardless of the quick action, though, the code is out there in the world now. Jailbreakers won’t be the only ones looking at it, either. Security researchers have a lot of motivation to comb Apple’s boot process for bugs. Through its bug bounty program, Apple offers up to $200,000 to security researchers who identify and report bugs in the boot process. No other bugs are valued as highly.

Hackers, meanwhile, will search the code for vulnerabilities that could allow them to unlock and decrypt iOS devices. In short, this leak leads to substantial security implications, no matter which you look at it.

“This is the biggest [Apple] leak in history,” Mac and iOS expert Jonathan Levin told Motherboard. “It’s a huge deal.”

Join our mailing list for the latest security news and deals