Now a report presented to the public by the Motherboard website revealed that the code was originally provided by a former trainee of the tech giant Apple.
What does iBoot do?
As reported a few days ago, iBoot is, in a simplified way, the iPhone BIOS. It is responsible for ensuring that the operating system boots safely and with all the necessary elements. It also ensures that the Kernel, which is being used, is properly signed by the tech giant Apple. According to the tech giant Apple, this source code is old, has at least three years and product safety does not depend on the secret of the source code. The Cupertino company reinforces that there are many layers of hardware and software protection built into its products. However, according to the report, the trainee who stole the iOS source code originally distributed it to five of his friends who were part of the iOS jailbreak community. Although it was initially decided that the code would not be distributed out of this small group, it eventually spread beyond group control. At some point, it was shared in a Discord chat group, and then about four months ago, it popped up on Reddit, going unnoticed at the time, perhaps because the “Auto Moderator” excluded the post. However, the code was published on GitHub a few days ago, which is when the “leak” begins to have a large coverage. Now, according to one of the friends mentioned above, the former trainee managed to steal “all kinds of internal tools from Apple”. This confirms information from the Motherboard site that additional source code and file names, which were not part of what was put into GitHub, were seen in the screenshots of the code that appeared in the Reddit post. Two of the people in the original circle of the five stated that they never wanted the code to spread because of fear of legal action. However, no one in the group has confirmed that the code has been leaked to third parties and the identities of the five remain anonymous. The former employee declined to give any statement to the Motherboard site, referring to a non-disclosure agreement that he signed with the tech giant Apple.
Millions of users may be exposed
Interestingly, although an iPhone investigator calls it “the biggest leak” in the history of the iPhone, the company itself stated that this “leak” of the iBoot code does not affect the security of the current devices. As the source code is for iOS 9, any possible security issues have been eventually corrected in the last two years. However, keeping in mind that according to Apple statistics, millions of devices are still running iOS 9 or below, many iPhone users may face security concerns if security code vulnerabilities are exploited. At the end of all this information, there is a question that certainly echoes in every head: how did an Apple employee, trainee, get access to some of the iPhone’s most sensitive codes? So, what do you think about this incident and leak? Simply share all your views and thoughts in the comment section below.