"Hey Siri" support and possibly wireless charging case alongside AirPower charging mat.
iPhone Source Code From iOS 9 Leaked on Github
Source code for a core component of the iPhone's operating system recently leaked on GitHub, according to reports from Motherboard and Redmond Pie.
The code, which appears to be for iBoot, or the part of iOS that ensures a trusted boot of the operating system, was initially shared online several months ago on Reddit, but it resurfaced today on GitHub where it will presumably receive more attention. Motherboard consulted security experts who have confirmed that the code appears to be legitimate.
The iBoot code appears to be from a version of iOS 9, so it's not entirely relevant to the current iOS 11.2.5 operating system, but some of the code from iOS 9 likely still exists in iOS 11. It remains to be seen if anything will come of the leak, though, and it's also worth noting that modern iOS devices have protection in the form of the Secure Enclave.
There are files missing from the GitHub leak so the code can't be compiled, but security experts on Twitter say it could allow hackers and security researchers to find iOS vulnerabilities and create jailbreaks.
Along with the iBoot code, the leak includes a documents directory that offers up additional information relevant to iBoot, which Redmond Pie suggests could make it much easier to find a bootrom exploit for permanently jailbreaking iPhones and iPads.
Apple has open sourced portions of macOS and iOS in recent years, but iBoot is something that Apple has been careful to keep private. As Motherboard points out, Apple's own bug bounty program pays out up to $200,000 for vulnerabilities discovered in secure boot firmware components.
The code, which appears to be for iBoot, or the part of iOS that ensures a trusted boot of the operating system, was initially shared online several months ago on Reddit, but it resurfaced today on GitHub where it will presumably receive more attention. Motherboard consulted security experts who have confirmed that the code appears to be legitimate.
The iBoot code appears to be from a version of iOS 9, so it's not entirely relevant to the current iOS 11.2.5 operating system, but some of the code from iOS 9 likely still exists in iOS 11. It remains to be seen if anything will come of the leak, though, and it's also worth noting that modern iOS devices have protection in the form of the Secure Enclave.
There are files missing from the GitHub leak so the code can't be compiled, but security experts on Twitter say it could allow hackers and security researchers to find iOS vulnerabilities and create jailbreaks.
This is the SRC for 9.x. Even though you can’t compile it due to missing files, you can mess with the source code and find vulnerabilities as a security researcher. It also contains the bootrom source code for certain devices...
— Apple External (@Apple_External) February 6, 2018
Along with the iBoot code, the leak includes a documents directory that offers up additional information relevant to iBoot, which Redmond Pie suggests could make it much easier to find a bootrom exploit for permanently jailbreaking iPhones and iPads.
Apple has open sourced portions of macOS and iOS in recent years, but iBoot is something that Apple has been careful to keep private. As Motherboard points out, Apple's own bug bounty program pays out up to $200,000 for vulnerabilities discovered in secure boot firmware components.
[ 42 comments ]
Top Rated Comments
(View all)
11 months ago
Amateur hour at Apple these days...first the root bug in macOS, now iOS9 leaks
11 months ago
I understand that good can come from public eye on code, it still bothers me that people think they can just do whatever they want, ignoring licensing restrictions and user agreements. These people are not good, even if good can come of their actions.
[doublepost=1518070920][/doublepost]
Amateur hour at the Forums... taking isolated incidents way out of context.
[doublepost=1518070920][/doublepost]
Amateur hour at Apple these days...first the root bug in macOS, now iOS9 leaks
Amateur hour at the Forums... taking isolated incidents way out of context.
11 months ago
"The iBoot code appears to be from a version of iOS 9, so it's not entirely relevant to the current iOS 11.2.5 operating system, but some of the code from iOS 9 likely still exists in iOS 11."
Boot code of an embedded device rarely gets a significant rewrite, so I would guess that most of the iBoot code is likely common between iOS 9 and iOS 11.
Boot code of an embedded device rarely gets a significant rewrite, so I would guess that most of the iBoot code is likely common between iOS 9 and iOS 11.
11 months ago
.....Amateur hour at the Forums... taking isolated incidents way out of context.
Those "isolated incidents" lately do seem to come at an increasing frequency though.Unsettling to say the least.
11 months ago
So, for those who may have a better handle on the consequences of this - what are the potential impacts of this, especially for people who are no longer on iOS 9 and have upgraded to either iOS 10 or 11?
In fact, it's a good thing. Now people can find vulnerabilities so Apple can fix them. I guess iBoot is still pretty much unchanged in newer versions of iOS.Security by obscurity was never a good idea in the first place.
11 months ago
This should be a complete non-issue, if the open source community is to be believed - having source available to everyone puts more eyes on the code to find and fix problems, making the system more secure than private/secret code. Isn't that the story line?
Beat me to it. Nobody ever says Android is less secure despite the fact you can download the source code and compile it yourself (if you’re so inclined).
This news will quickly expose the open source hypocrites.
[ Read All Comments ]
For this week's giveaway, we've teamed up with Anki to offer MacRumors readers a chance to win one of the company's adorable little Vector robots, which designed to be a personal robot...
Last year, accessory company Elago launched the W3 Charging Stand for Apple Watch, which turned Apple's modern wearable into a classic Macintosh. This week, Elago announced the latest iteration...
Cellular network operator O2 on Friday said its data networks had been restored after millions of smartphones across the UK and Japan were taken offline yesterday (via BBC).
A statement on its...
Bang & Olufsen over the past week has added AirPlay 2 support to more of its speakers, including the BeoPlay A9 and BeoPlay M5.
BeoPlay M5 speaker in AirPlay Picker via Brad Thomas
This...
Following a demo earlier this year at WWDC, LEGO today launched the LEGO AR Playgrounds app for iPhone and iPad [Direct Link]. The app uses ARKit to place digital LEGO characters and blocks into...
Google this week announced that it is shutting down its messaging app Google Allo [iOS Direct Link], and incorporating many of its features into the Messages app on Android smartphones. Google Allo...
Best Buy today launched a new Apple savings event, marking down iPhones, MacBook Airs, MacBook Pros, iMacs, iPads, iPad Pros, and some HomeKit devices. There are numerous notable discounts in the...
ConnectSense, one of the first companies to introduce a HomeKit-enabled smart plug, today announced the launch of the Smart Outlet 2, its second-generation HomeKit product.
Like the first Smart...
