Someone has reportedly published the purported source code for the iOS bootloader, iBoot, potentially opening a door to hackers and jailbreakers that can help find vulnerabilities in the mobile operating system Apple.
The Motherboard reports that the iBoot source code is from iOS 9 and leaked through GitHub. Although the code is from an earlier version of iOS, its parts are probably the same in the current iOS 11.
iBoot is a key part of iOS's secure boot chain, a highly sensitive process that runs during activation of an iOS device.
The secure boot chain ensures that the lower levels of software in the operating system are not altered and only loads the software digitally signed by Apple.
Because of the sensitivity of the feature, Apple is also offering the highest reward ($200.000) to program iOS bug bounty to researchers who discover vulnerabilities in boot firmware.
Jonathan Levin, author of several books on iOS and OS X development, stated that the iBoot source code appears to be genuine, as it appears to match the code that he himself had built on reverse-engineering.
It is currently unknown who leaked the source code on GitHub but it first surfaced four months ago via a Reddit link posted by a user called 'apple_internals'. The leak was originally hosted by Mega and is no longer available.
Of course, Apple is trying to protect its code and so the GitHub page that contained the iBoot source code was replaced with a DMCA notice by an Apple law firm (Kilpatrick Townsend & Stockton). DMCA announcements have also been implemented in over a dozen iBoot cloned repositories.