[BreachExchange] Apple’s iOS iBoot Source Code For iPhone Leaked Online

Audrey McNeil audrey at riskbasedsecurity.com
Thu Feb 8 18:48:54 EST 2018


Apple source code for iBoot, the part of iOS that ensures an authenticated
boot, or initial loading of the operating system on iPhone or iPad, has
been leaked by an anonymous user on GitHub, a popular online platform for
software developers.

Apparently, the iOS source code is from iOS 9.3, released in March 2016,
reports Motherboard. Although the leak is from iOS 9.3, which is almost
two years old, some of the code from iOS 9 likely still exists in iOS
11.2.5. However, it is not at all relevant to the current iOS.

Even though the source code cannot be compiled because of missing files, it
can still be analyzed to find vulnerabilities, say security researchers.
The leak could pave the way for jailbreakers and hackers to break more
easily into iPhones, explore their vulnerabilities and compromise a device,
or possibly contribute to a jailbreak.

Jonathan Levin, author of several books on programming for iOS and macOS
and the developer behind the LiberiOS and LiberTV jailbreaks, said, “This
is the biggest leak in history. It’s a huge deal.” He also pointed
out that the leaked code “aligns with the code he reverse engineered

In a tweet, Levin noted that “The leaked sources of #iboot (along with the
arm64 #xnu branch which AAPL just.. released) bring us closer to a truly
liberated #iOS booted on generic arm boards and/or emulator! The road is
still long, but it got considerably shorter!”

Interestingly, the same source code was also published on Reddit four
months earlier by a user named apple_internals. However, back then, the
message did not attract attention and was automatically removed due to
daily inflow of new user posting requirements.

Although Apple issued a DMCA takedown notice for the code and GitHub has
disabled the repository, it’s already out there to exploit. Currently, no
exploits have been made, which means that there is nothing to worry about.
Also, it is important to note that modern iOS devices have protection in
the form of the Secure Enclave.

Motherboard consulted security experts who have confirmed that the code
appears to be legitimate. However, Apple hasn’t officially commented on the
leak yet and thus the final authenticity remains unproven.