Key iOS Source Code Leaked To GitHub

This could be bad if you’re an iPhone or iPad user. As per this Motherboard story, we may have the biggest leak in history:

An anonymous person posted what experts say is the source code for a core component of the iPhone’s operating system on GitHub, which could pave the way for hackers and security researchers to find vulnerabilities in iOS and make iPhone jailbreaks easier to achieve. The code is for “iBoot,” which is the part of iOS that is responsible for ensuring a trusted boot of the operating system. It’s the program that loads iOS, the very first process that runs when you turn on your iPhone. The code says it’s for iOS 9, an older version of the operating system, but portions of it are likely to still be used in iOS 11. Bugs in the boot process are the most valuable ones if reported to Apple through its bounty program, which values them at a max payment of $200,000.

Here’s why this is a big deal. It’s a safe bet that every hacker on planet Earth is taking the time peruse this code to find exploits that they can use today. That means that in the coming weeks and months it is entirely possible that we may see a wave of attacks on the iOS platform. Or it is entirely possible that this is much ado about nothing. Who can say for sure at this point? But the mere fact that this code is out in the wild is cause for concern. And I for one will be waiting to see how Apple responds to this as saying nothing isn’t an option that they have.

UPDATED: Apple has put out a statement that implies that there is nothing to see here. Their spin on this is that this is a non-issue because their security doesn’t rely on just the source code. I guess we’ll find out soon enough.

Advertisements

One Response to “Key iOS Source Code Leaked To GitHub”

  1. […] might recall that part of the boot code for iOS was leaked recently on GitHub. Well, according to a new report from Motherboard, the person was encouraged to […]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: