Apple iOS source code was leaked earlier this week by some anonymous hacker, raising concerns over the vulnerability of the iOS devices. Apple, however, calmed the concerns saying the code is tied to old software and would not affect the devices. Further, the company also issued a DMCA takedown for the code.
In a statement to Apple Insider, Apple said: “Old source code from three years ago appears to have been leaked, but by design the security of our products doesn’t depend on the secrecy of our source code.” Further, the company assured that its products are safe because of the hardware and software protections that accompany them.
Users having the latest iOS version have nothing to worry about concerning the potential vulnerabilities. According to Apple, over 93% of the users are already on the latest platform. However, as a precautionary measure, the company has removed the code from GitHub via a DMCA takedown notice.
“The ‘iBoot’ source code is proprietary and it includes Apple’s copyright notice. It is not open-source,” read the takedown request. Github was quick to comply with the request, and removed the iOS source code post from the repository of the user. However, multiple copies of the code have already spread online.
Motherboard was the first to report the leak of the iOS source code, which was for an iOS process named “iBoot.” The “iBoot” starts up the system when the iPhone is first turned on. It ensures that the code being run is valid and is from Apple only.
As of now, there is no information on how the anonymous user ZioShiba got hold of the iOS source code. Before the iBoot leak, ZioShiba had been inactive on GitHub for at least seven months. However, the user with the same handle is quite active on other platforms such as YouTube (talking about iOS hacks) and a Twitch account, notes DigitalTrends.
Though the code is for the iOS 9, some of the parts can be found in the iOS 11, notes The Verge. This is not the first time the iOS source code has been leaked online. Last year, a Reddit user named Apple_Internals posted the code, but at the time, it failed to gain the same amount of attention.
Along with attracting hackers, the iOS source code could also help tech-savvy consumers “jailbreak” their iPhones. Once the phone is jailbroken, users are at will to run the software that are otherwise not allowed, or delete the apps that come preloaded on the device. The Cupertino, California-based uses a Secure Enclave processor to make jailbreaking almost impossible, notes DailyMail.
However, according to the security researcher Will Strafach, for the end users it does not really mean anything positive or negative.
“Apple does not use security through obscurity, so this does not contain anything risky, just an easier to read format for the boot loader code,” Strafach told TechCrunch.
The importance of the iBoot can be gathered from the fact that Apple offers $200,000 as bounty to security experts who discover loop holes in its system code.
