iPhone Source Code From iOS 9 Leaked on Github

Discussion in 'MacRumors.com News Discussion' started by MacRumors, Feb 7, 2018.

  1. MacRumors macrumors bot

    MacRumors

    Joined:
    Apr 12, 2001
    #1
    [​IMG]


    Source code for a core component of the iPhone's operating system recently leaked on GitHub, according to reports from Motherboard and Redmond Pie.

    The code, which appears to be for iBoot, or the part of iOS that ensures a trusted boot of the operating system, was initially shared online several months ago on Reddit, but it resurfaced today on GitHub where it will presumably receive more attention. Motherboard consulted security experts who have confirmed that the code appears to be legitimate.

    [​IMG]

    The iBoot code appears to be from a version of iOS 9, so it's not entirely relevant to the current iOS 11.2.5 operating system, but some of the code from iOS 9 likely still exists in iOS 11. It remains to be seen if anything will come of the leak, though, and it's also worth noting that modern iOS devices have protection in the form of the Secure Enclave.

    There are files missing from the GitHub leak so the code can't be compiled, but security experts on Twitter say it could allow hackers and security researchers to find iOS vulnerabilities and create jailbreaks.


    Along with the iBoot code, the leak includes a documents directory that offers up additional information relevant to iBoot, which Redmond Pie suggests could make it much easier to find a bootrom exploit for permanently jailbreaking iPhones and iPads.

    Apple has open sourced portions of macOS and iOS in recent years, but iBoot is something that Apple has been careful to keep private. As Motherboard points out, Apple's own bug bounty program pays out up to $200,000 for vulnerabilities discovered in secure boot firmware components.

    Article Link: iPhone Source Code From iOS 9 Leaked on Github
     
  2. BootsWalking macrumors 6502a

    Joined:
    Feb 1, 2014
    #2
    "The iBoot code appears to be from a version of iOS 9, so it's not entirely relevant to the current iOS 11.2.5 operating system, but some of the code from iOS 9 likely still exists in iOS 11."

    Boot code of an embedded device rarely gets a significant rewrite, so I would guess that most of the iBoot code is likely common between iOS 9 and iOS 11.
     
  3. Xenomorph macrumors 65816

    Xenomorph

    Joined:
    Aug 6, 2008
    Location:
    St. Louis
    #3
    Hopefully we might get a real, untethered iOS 9 jailbreak.
     
  4. jdillings macrumors 68000

    Joined:
    Jun 21, 2015
    #4
    Amateur hour at Apple these days...first the root bug in macOS, now iOS9 leaks
     
  5. vicviper789 macrumors regular

    Joined:
    Jun 5, 2013
  6. engbren macrumors newbie

    engbren

    Joined:
    Jul 21, 2011
    Location:
    Australia
    #6
    I have several devices at home that are stranded on iOS 9. It would be interesting if something like this enabled enabled a 1st gen iPad mini or iPhone 5 to run a recent Android release like CYanogenMod. Would breathe new liked into those older devices.
     
  7. lostngone macrumors 65816

    lostngone

    Joined:
    Aug 11, 2003
    Location:
    Anchorage
    #7
    I guess it is time to "double down" on security at Apple!
     
  8. stanman64 macrumors 6502a

    stanman64

    Joined:
    Jul 9, 2010
    #8
    This will be overblown and all over tech sites by morning.
     
  9. ross1998 macrumors 6502a

    Joined:
    Jan 10, 2013
    #9
    There was a "real" untethered ios 9.0-9.1 I think. 9.2 is when the semi untethered started coming out.
     
  10. Aston441 macrumors 65816

    Joined:
    Sep 16, 2014
    #10
    It would be amazing to have a dual boot iOS/Android phone
     
  11. mtneer macrumors 68030

    mtneer

    Joined:
    Sep 15, 2012
    #11
    So, for those who may have a better handle on the consequences of this - what are the potential impacts of this, especially for people who are no longer on iOS 9 and have upgraded to either iOS 10 or 11?
     
  12. chucker23n1 macrumors 68000

    chucker23n1

    Joined:
    Dec 7, 2014
    #12
    Nah. Even if you managed to set up a dual-boot (this was possible on my 3G back in the day), you’d have lots of missing drivers.
     
  13. chucker23n1 macrumors 68000

    chucker23n1

    Joined:
    Dec 7, 2014
    #13
    This may lead to security holes being discovered. It may make a jailbreak feasible. That’s about it.
     
  14. verpeiler macrumors 6502a

    verpeiler

    Joined:
    May 11, 2013
    Location:
    Munich, Germany
    #14
    In fact, it's a good thing. Now people can find vulnerabilities so Apple can fix them. I guess iBoot is still pretty much unchanged in newer versions of iOS.

    Security by obscurity was never a good idea in the first place.
     
  15. Avieshek Suspended

    Avieshek

    Joined:
    Dec 7, 2013
    Location:
    India
    #15
    Emojis & Rainbow Watchbands are first priority at Apple.
     
  16. coolfactor macrumors 68040

    Joined:
    Jul 29, 2002
    Location:
    Vancouver, BC CANADA
    #16
    I understand that good can come from public eye on code, it still bothers me that people think they can just do whatever they want, ignoring licensing restrictions and user agreements. These people are not good, even if good can come of their actions.
    --- Post Merged, Feb 7, 2018 ---
    Amateur hour at the Forums... taking isolated incidents way out of context.
     
  17. macs4nw macrumors 601

    macs4nw

    #17
    Those "isolated incidents" lately do seem to come at an increasing frequency though.

    Unsettling to say the least.
     
  18. Jim Lahey macrumors 6502

    Jim Lahey

    Joined:
    Apr 8, 2014
    Location:
    Great Britain
    #18
    Source?
     
  19. T909 Suspended

    Joined:
    Aug 16, 2008
    Location:
    Europe
    #19
    It is possible with a case.
     
  20. 827538 macrumors 65816

    Joined:
    Jul 3, 2013
    #20
    One good thing about open source or leaked code is bugs and exploits can be found and fixed by anyone.

    There’s a reason Linux is so robust and secure.
     
  21. rafark macrumors 6502a

    rafark

    Joined:
    Sep 1, 2017
    #21
    Are you kidding me? Do you think Apple rewrites the entire OS from scratch on every release? Of course they don't. iOS 11 is based on iOS 10 which is based on iOS 9 which is based on iOS 8, and so on.
     
  22. mytdave macrumors 6502a

    Joined:
    Oct 29, 2002
    #22
    This should be a complete non-issue, if the open source community is to be believed - having source available to everyone puts more eyes on the code to find and fix problems, making the system more secure than private/secret code. Isn't that the story line?
     
  23. hlfway2anywhere macrumors 65816

    Joined:
    Jul 15, 2006
    #23
    Do you need a refresher on the meaning of the words "not entirely?"
     
  24. deanthedev Suspended

    deanthedev

    Joined:
    Sep 29, 2017
    Location:
    Vancouver
    #24
    Beat me to it. Nobody ever says Android is less secure despite the fact you can download the source code and compile it yourself (if you’re so inclined).

    This news will quickly expose the open source hypocrites.
     
  25. Bacillus Suspended

    Bacillus

    Joined:
    Jun 25, 2009
    #25
    Thanks for the definite argument to make iOS open source. Tim will appreciate it.
     

Share This Page