iPhone Source Code Was Leaked by Low-Level Apple Employee

by

Earlier this week, source code for iBoot, a core component of the iPhone's operating system, leaked on GitHub. The code was old, for a version of iOS 9, and it was quickly pulled from GitHub after Apple issued a DMCA takedown notice, but it left many wondering how such sensitive code ended up publicly available.

To answer that question, Motherboard got in touch with unnamed sources who were involved in the leak and investigated screenshots, text messages, and more, to determine just how it happened.

ios 9 ipad iphone
As it turns out, the code originally came from a low-level Apple employee who took the code from Apple in 2016 to share with friends in the jailbreaking community. This employee wasn't unhappy with Apple and didn't steal the code with malicious intent, but instead was encouraged by friends to obtain the code to benefit the jailbreaking community.

The person took the iBoot source code--and additional code that has yet to be widely leaked--and shared it with a small group of five people.

"He pulled everything, all sorts of Apple internal tools and whatnot," a friend of the intern told me. Motherboard saw screenshots of additional source code and file names that were not included in the GitHub leak and were dated from around the time of this first leak.

The original group of five people who were provided with access to the code didn't intend to share it, but it somehow got out. From one of the original people involved:

"I personally never wanted that code to see the light of day. Not out of greed but because of fear of the legal firestorm that would ensue," they said. "The Apple internal community is really full of curious kids and teens.I knew one day that if those kids got it they'd be dumb enough to push it to GitHub."

The code began circulating more widely in 2017 and picked up in popularity late in the year before ending up on GitHub this week. Many in the jailbreaking and iPhone research communities attempted to stop sharing, but the major public leak couldn't be avoided.

According to the unnamed people who spoke to Motherboard, what leaked wasn't the "full leak." "It's not the original leak-it's a copy," said one source.

Following the leak, Apple confirmed the authenticity of the code in a statement to MacRumors and pointed out that it's for a three-year-old operating system that's been replaced by iOS 11 and is in use only on a small number of devices.

"Old source code from three years ago appears to have been leaked, but by design the security of our products doesn't depend on the secrecy of our source code. There are many layers of hardware and software protections built into our products, and we always encourage customers to update to the newest software releases to benefit from the latest protections."

The iBoot code leak should not be of concern to the average user because Apple has many layers of protection in place, like the Secure Enclave, and does not rely on source code secrecy alone to keep its users safe. The leak could, however, make it easier for people to locate vulnerabilities to create new jailbreaks.

Popular Stories

iPhone SE 4 Vertical Camera Feature

iPhone SE 4 Production Will Reportedly Begin Ramping Up in October

Tuesday July 23, 2024 2:00 pm PDT by
Following nearly two years of rumors about a fourth-generation iPhone SE, The Information today reported that Apple suppliers are finally planning to begin ramping up mass production of the device in October of this year. If accurate, that timeframe would mean that the next iPhone SE would not be announced alongside the iPhone 16 series in September, as expected. Instead, the report...
Read Full Article68 comments
iPhone 17 Plus Feature

iPhone 17 Lineup Specs Detail Display Upgrade and New High-End Model

Monday July 22, 2024 4:33 am PDT by
Key details about the overall specifications of the iPhone 17 lineup have been shared by the leaker known as "Ice Universe," clarifying several important aspects of next year's devices. Reports in recent months have converged in agreement that Apple will discontinue the "Plus" iPhone model in 2025 while introducing an all-new iPhone 17 "Slim" model as an even more high-end option sitting...
Read Full Article160 comments
Generic iPhone 17 Feature With Full Width Dynamic Island

Kuo: Ultra-Thin iPhone 17 to Feature A19 Chip, Single Rear Camera, Semi-Titanium Frame, and More

Wednesday July 24, 2024 9:06 am PDT by
Apple supply chain analyst Ming-Chi Kuo today shared alleged specifications for a new ultra-thin iPhone 17 model rumored to launch next year. Kuo expects the device to be equipped with a 6.6-inch display with a current-size Dynamic Island, a standard A19 chip rather than an A19 Pro chip, a single rear camera, and an Apple-designed 5G chip. He also expects the device to have a...
Read Full Article162 comments
iPhone 16 Pro Sizes Feature

iPhone 16 Series Is Less Than Two Months Away: Everything We Know

Thursday July 25, 2024 5:43 am PDT by
Apple typically releases its new iPhone series around mid-September, which means we are about two months out from the launch of the iPhone 16. Like the iPhone 15 series, this year's lineup is expected to stick with four models – iPhone 16, iPhone 16 Plus, iPhone 16 Pro, and iPhone 16 Pro Max – although there are plenty of design differences and new features to take into account. To bring ...
Read Full Article130 comments
icloud private relay outage

iCloud Private Relay Experiencing Outage

Thursday July 25, 2024 3:18 pm PDT by
Apple’s iCloud Private Relay service is down for some users, according to Apple’s System Status page. Apple says that the iCloud Private Relay service may be slow or unavailable. The outage started at 2:34 p.m. Eastern Time, but it does not appear to be affecting all iCloud users. Some impacted users are unable to browse the web without turning iCloud Private Relay off, while others are...
Read Full Article80 comments
iPhone 17 Plus Feature Purple

iPhone 17 Rumored to Feature Mechanical Aperture

Tuesday July 23, 2024 9:32 am PDT by
Apple is planning to release at least one iPhone 17 model next year with mechanical aperture, according to a report published today by The Information. The mechanical system would allow users to adjust the size of the iPhone 17's aperture, which refers to the opening of the camera lens through which light enters. All existing iPhone camera lenses have fixed apertures, but some Android...
Read Full Article60 comments

Top Rated Comments

rpmurray Avatar
rpmurray
84 months ago
Five people can keep a secret if five of them are dead.
Score: 27 Votes (Like | Disagree)
OldSchoolMacGuy Avatar
OldSchoolMacGuy
84 months ago
BREAKING NEWS: Android source code leaked, possibly by Google themselves!!

https://source.android.com

This isn't a big deal. If anything it means finding some remaining open holes which can then be patched. All Linux is open source. There aren't issues there because of it. If anything it means others can help to find vulnerabilities which can then be corrected.

iOS 9 was released 3 years ago. A LOT has changed in the source code since then and this isn't even the entire source as it can't be compiled.
Score: 22 Votes (Like | Disagree)
sputnikv Avatar
sputnikv
84 months ago
good way to ensure you don’t get hired by another tech giant
Score: 12 Votes (Like | Disagree)
lec0rsaire Avatar
lec0rsaire
84 months ago
What a scumbag. There's really no other word to describe someone who would do this. You're given an opportunity to work for one of the best companies in the industry or the world for that matter and you betray them in the worst way possible. This isn't a careless employee leaving an iPhone 4 prototype at a bar. Malicious intent or not, this is a criminal act and I hope this guy is prosecuted to the fullest extent of the law.

It's one thing when jailbreakers find exploits on their own through countless hours of hard work and another thing when an employee violates the trust given to him by his employer. Thankfully the impact of this is limited and the security of most users won't be compromised but Apple will have to be a lot more careful with the people they hire from now on and what they're able to leave the premises with.
Score: 10 Votes (Like | Disagree)
hsotnicam8002 Avatar
hsotnicam8002
84 months ago
Thief - jail.
Score: 7 Votes (Like | Disagree)
iOSFangirl6001 Avatar
iOSFangirl6001
84 months ago
Yikes. I wonder if he's going to be fired.
Pink Slip Time

The funny thing is that his friends push him to do it and then they expose him.
Funny how “friends” can throw friends under the bus huh?
Also peer pressure may have been a red flag as to how good of “friends” they really were

“Dude come do this thing that’s possibly illegal or could get us sued”

Not well thought out on the part of the friends
Score: 7 Votes (Like | Disagree)
Read All Comments