A leaker has managed to smuggle the source code for iOS’ iBoot software out to the public. The code, used in iOS 9 and likely later versions too, originally popped up on Reddit but went unnoticed. Now it has resurfaced on GitHub, where it was swiftly taken down, but not soon enough for people to make backups and upload it onto other websites.
The takedown notice on GitHub reads:
“Repository unavailable due to DMCA takedown.
This repository is currently disabled due to a DMCA takedown notice. We have disabled public access to the repository.”
The iBoot software is essentially the BIOS of the iPhone, responsible for making sure that the operating system boots up securely. It loads everything that iOS needs to get going and verifies that the kernel it boots is properly signed by Apple. Essentially, it’s a core component in the mobile operating system, the source code of which, Apple wanted to keep under lock and key due to its sensitivity. Apple pays security experts a lot of money for iBoot bugs through its bug bounty programme.
While the exposure of the code is negative in Apple’s view, the hacker community that likes to jailbreak their devices will be pleased. With the code in the open, tinkerers can more easily find flaws and bugs in the code, which they’ll be able to exploit in order to release jailbreaking tools for up-to-date versions of iOS.
Source: GitHub via Motherboard