Lots of interesting stuff gets posted online every day, but someone just posted iPhone’s very sensitive code on Github. As per a Motherboard report, the source code of a key component of Apple’s iOS operating system has been made publicly available in a significant data leak, potentially paving the way for hackers and jailbreakers to find vulnerabilities in Apple’s mobile OS.
A user known as “q3hardcore” posted large segments of Apple’s secure code for iBoot (iOS bootloader) to GitHub. iBoot is the software that runs on the iPhone before iOS gets started and ensures a trusted version of iOS is loaded.
As per security researchers, the iBoot source code for iOS 9 was leaked on GitHub and, although it is an older version of iOS, parts of it probably remain in the current iOS 11, and could help hackers to find flaws in iOS 11.
Apple filed a copyright takedown request with GitHub and forced the company to remove the code. Within few hours after Motherboard reported the leak, the leaked iBoot files have been pulled down from Github and replaced with a ‘Digital Millennium Copyright Act takedown’ notice.
The complete authenticity of the leaked code remains yet to be verified, but the iBoot source code leak is now being called the “biggest leak in history,” according to Jonathan Levin, an iOS and macOS expert, who further added that the leaked code matches with the portion he reverse-engineered himself in the past.
It’s worth noting that this source code for iBoot was initially shared online last year on Reddit. However, due to low Reddit karma of the user, the post got buried.