Someone has published the purported source code for the iOS bootloader, iBoot, potentially opening the door for hackers and jailbreakers to find vulnerabilities in Apple’s mobile OS.
Motherboard reports that the iBoot source code for iOS 9 was leaked on GitHub and, although it is an older version of iOS, parts of it probably remain in the current iOS 11.
iBoot is a core part of iOS’s secure boot chain, a highly sensitive process that happens when an iOS device is switched on.
The secure boot chain ensures the lowest levels of software in the OS haven’t been tampered with and only loads software signed by Apple, according to Apple’s iOS security whitepaper.
Because of the sensitivity of the component, Apple offers its highest $200,000 reward in its iOS bug bounty scheme to researchers who find vulnerabilities in secure boot firmware.
Jonathan Levin, an author of several books on iOS and OS X development, told the publication the iBoot source code appears to be real as it matched code he’d reverse-engineered.
Levin said it was a “huge deal” for Apple as it would give researchers clues to find vulnerabilities that could be used to compromise, jailbreak and decrypt iOS devices.
It’s not known who leaked the source code on GitHub but it first appeared four months ago via a link on Reddit posted by a user called ‘apple_internals’. However, that leak — which was hosted on Mega and is no longer available — went largely unnoticed.
While Apple has open-sourced parts of iOS, Levins noted that it has continued to closely guard iBoot’s 64-bit image.
Free download: Network security policy
The GitHub repositories containing the leaked iBoot source code have been taken down and replaced with a DMCA notice from one of Apple’s law firms, Kilpatrick Townsend & Stockton, which cites Apple’s ownership. The DMCA takedowns have also been applied to over a dozen cloned iBoot repositories.
In a section explaining the reasons for the takedown and content type, the law firm says the notice covers “reproduction of Apple’s iBoot source code, which is responsible for ensuring trusted boot operation of Apple’s iOS software. The iBoot source code is proprietary and it includes Apple’s copyright notice. It is not open source.”
Previous and related coverage
New to iOS 11? Change these privacy and security settings right now
Before you do anything on your iPhone or iPad, you should lock it down. This is how you do it.
Just one day after its release, iOS 11.1 hacked by security researchers
The bugs were found in Apple’s Safari web browser
iOS 11’s most underrated security feature? A password manager
The upcoming iOS 11 update means you’ll never have to remember your app password again.
iOS 11 tips and tricks you might not know (TechRepublic)
Get the most out of your iPad and iPhone running iOS 11 by using these hidden features and productivity tweaks.
iPhone X: 20 tips and tricks to master Apple’s latest phone (CNET)
With the iPhone X, there’s a lot to learn. We have your back, though.