Someone reportedly published the alleged source code for the iOS bootloader, iBoot, potentially opening a door to hackers and jailbreakers, which can help detect vulnerabilities in Apple's mobile operating system.
Motherboard reports that the iBoot source code is from iOS 9 and was leaked via GitHub. Even though the code is from an older one version of iOS, parts of it probably remain the same in the current iOS 11.
IBoot is a key part of the iOS bootstrap safe chain, a highly sensitive process that runs when you turn on an iOS device.
The secure boot chain ensures that the lower levels of software in the operating system are not altered and only loads the software digitally signed by Apple.
Due to the sensitivity of the feature, Apple also offers the highest reward ($ 200.000) in the bug program bounty of iOS to researchers who discover vulnerabilities in firmware startup.
Jonathan Levin, author of many books on developing iOS and OS X, said the source code of iBoot seems to be real, as it seems to fit in the code he was doing reverse-engineering itself.
It is currently unknown who leaked the source code on GitHub but it first surfaced four months ago via a link on Reddit που δημοσιεύτηκε από έναν χρήστη που ονομάζεται ‘apple_internals'. Η διαρροή αρχικά, φιλοξενήθηκε από το Mega και δεν είναι πλέον διαθέσιμη.
Of course, Apple is trying to protect its code and so the GitHub page that contained the iBoot source code was replaced with a DMCA notice by an Apple law firm (Kilpatrick Townsend & Stockton). DMCA announcements have also been implemented in over a dozen iBoot cloned repositories.
