While Apple continues to guard its ecosystem aggressively, there are occasionally some slip ups that lead to security troubles for the company. Someone posted the code that is used to boot up iOS over on GitHub last night. The code belongs to an older version of iOS, believed to be iOS 9, however, it is very likely that some parts of it would work even in the latest version of iOS.
Named iBoot, the code is kept private - like most other code developed by Apple. Security experts suggest that iBoot makes for a core component of Apple's mobile operating system, which could be used by hackers to find vulnerabilities in iOS. Bugs targeting the boot process can get hackers up to $200,000 from Apple's bug bounty program, and possibly much more from zero-day aggregators. Report from Motherboard suggests that the code was available for retrieval by anyone for hours until Apple filed a copyright takedown request with GitHub and forced the site to remove the code. However, one clone of this code has already remerged on GitHub, meaning you can probably find it if you really really want it.
iBoot is a second-stage bootloader that provides iOS Recovery Mode. It runs on-screen, and over a physical USB or serial interface (some experts are already talking about tethered jailbreaks). iOS experts added that iBoot is also is responsible for ensuring a trusted boot of iOS, which - among other things - verifies that the kernel is properly signed by Apple before executing it. Calling it the iOS version of BIOS, it essentially verifies that a legit build of iOS is present.
While some may question the authenticity of this piece of code, several researchers have confirmed that it aligns with the reverse engineered code. Apple itself said that the source code is three years old but assures that "by design the security of our products doesn't depend on the secrecy of our source code."
There are many layers of hardware and software protections built into our products, and we always encourage customers to update to the newest software releases to benefit from the latest protections.
Apple is famous for keeping its code secret, but this leak might result in some headaches for the Cupertino tech giant. Even though it's 3-years-old, there are still millions of devices running on older versions of iOS. "This is the biggest leak in history,” Jonathan Levin, who wrote a number of books on iOS and macOS told the publication.
"It’s a huge deal.”
Apple said iBoot source code is proprietary and not open-source. The code includes Apple's copyright notice - which was clearly visible when it was uploaded on GitHub. However, GitHub wasn't the only site where it appeared. The iBoot source code first appeared on Reddit last year, but didn't get much attention.
It is very likely that the code may have been spotted and was circulating in the jailbreaking and hacking community all this time. However, after today's attention, we might get to hear about some jailbreaking possibilities.
