Thursday, 19 July 2018
Latest news
Main » IPhone secret code revealed in 'Biggest Leak In History' - Apple confirmed leak

IPhone secret code revealed in 'Biggest Leak In History' - Apple confirmed leak

09 February 2018

Apple is not happy at all today with some of its critical source code having been posted online for the world to see.

A user has just posted iPhone source code on Github that could very well open up the operating system for hackers and security researchers to better make iPhone jailbreaks. The company launched its bug bounty program in 2016, and flaws in secure boot firmware components were valued at up to $200,000. This component verifies that iOS is loaded correctly every time and if the kernel is signed by Apple.

The iOS device maker maintained that the leaked source code is now largely irrelevant since majority of iPhone and iPad users have already been updated to iOS 10 versions and up. It appears to be the source code for iBoot from iOS 9, so it's outdated, but iOS 11's iBoot probably has many similarities. "It's a huge deal".

As Macrumors points out, modern iOS devices have Secure Enclave processor protection, which hardens device security. A few hours later, Apple issued several DMCA notices and had the repositories removed from GitHub.

Meet Team USA's 2018 Winter Olympics Opening Ceremony Flag Bearer Erin Hamlin
A question we always have, however, is who will be representing the country by leading the Team USA pack while holding the flag. On Thursday morning, Davis shared his feelings about the methodology in a Tweet, saying Team USA "dishonorably tossed a coin".

Even though one cannot compile the source code due to missing files, it can however be analyzed to find any vulnerabilities, say security researchers.

According to Levin, the code looks real, as it matches the code he reverse engineered, Motherboard reported.

Interestingly, the same source code was also published on Reddit four months earlier by a user named apple_internals. It was first revealed by Motherboard and contained code labelled "iBoot", the base instructions for how Apple maintains a trusted environment when starting up an iPhone. Here's hoping Apple is right, because the code was up long enough for it to spread far beyond GitHub.

Apple is famous for keeping its code secret, but this leak might result in some headaches for the Cupertino tech giant. But such a hypothetical vulnerability is unlikely to allow an attacker to bypass the cryptographic security on the iOS device itself, so it may be of less use to individuals trying to bypass a phone owner's password or PIN. These days, modders are more likely to sell the exploit than release it for free to the jailbreak community.

IPhone secret code revealed in 'Biggest Leak In History' - Apple confirmed leak