Someone has reportedly published the purported source code for the iOS bootloader, iBoot, potentially opening a door to hackers and jailbreakers, which can help identify vulnerabilities in mobile Apple operating system.
The Motherboard reports that the iBoot source code is from iOS 9 and leaked through GitHub. Although the code is from an earlier version of iOS, its parts are probably the same in the current iOS 11.
IBoot is a key part of the iOS bootstrap safe chain, a highly sensitive process that runs when you turn on an iOS device.
Η safeThe boot chain ensures that the lower levels of software in the operating system have not been tampered with and loads only software that has been digitally signed by Apple.
Due to the sensitivity of the feature, Apple also offers the highest reward (200.000 dollars) in the iOS bug bounty program to researchers who detect vulnerabilities in the boot firmware.
Ο Jonathan Levin, author of several books on iOS and OS X development, said that the iBoot source code appears to be real, as it appears to match the code he had reverse-engineered.
It is currently unknown who leaked the source code on GitHub but it first surfaced four months ago via a Reddit link posted by a user called 'apple_internals'. The leak was originally hosted by Mega and is no longer available.
Of course, Apple is trying to protect its code and so the GitHub page that contained the iBoot source code was replaced with a DMCA notice by an Apple law firm (Kilpatrick Townsend & Stockton). DMCA announcements have also been implemented in over a dozen iBoot cloned repositories.