Insiders claim to share how iOS iBoot source code leaked

Maricris Jose
		
            		      3:49 PM

Maricris Jose 3:49 PM

What makes this is so interesting - and potentially frightening - is that security researchers and hackers alike will scan through the code to try and find inherent flaws in it. Rusty Carter, VP of Product at Arxan Technologies commented below. A year later, some of the original group members, who had the codes delivered to them, posted the screenshots of the leak and boasted about them.

Though the code is for the iOS 9, some of the parts can be found in the iOS 11, notes The Verge.

While many might imagine a disgruntled employee, Motherboard reports that Apple encouraged employees to seek help from friends outside of the company.

There's been a huge leak on the web today, which has put every iPhone on the market in danger in terms of security. Now that it gathered attention, Apple filed a copyright takedown request to Github, forcing the site to take down the code.

Motherboard quoted Jonathan Levin, an author of numerous books on iOS and macOS system programming, saying it was the biggest leak in Apple's history, and he's not far wrong. But, because this is the internet - copies of the closed-source code have resurfaced several times on GitHub repos all over the show, and if you want to find it and have a read - it probably isn't going to be that hard to find.

Source code can be leaked in a number of ways, Apple acknowledged - voluntarily, accidentally or through malicious intent. "We personally never wanted that code to see the light of day". Eventually, the code was then posted in a Discord chat group, and was shared to Reddit roughly four months ago (although that post was apparently removed by a moderation bot automatically).

In a statement Apple said "the security of our products doesn't depend on the secrecy of our source code". "But the leak of this source code is proof that no environment or OS is infallible, and application protection from within the application itself is crucial, especially for business-critical, data-sensitive applications", says Carter.

"But Apple should be anxious because if somebody has got hold of that, what else have they got?"

That Apple has been quick to seek removal of the code from GitHub is also proof enough how important the code is for the company.

"No company is 100 percent secure, so it's not surprising this happened even at a company like Apple", he told TechNewsWorld.

For their part, Apple seems relaxed and confident.

Latest News