Apple plays down security fears over leaked iOS source code

Apple plays down security fears over leaked iOS source code

Apple plays down security fears over leaked iOS source code

Exactly what hackers are able to do with the leaked iBoot will depend on what security flaws are present in the source code, if those flaws have been retained in new versions of the operating systems, and whether those flaws can be exploited.

Despite these assurances from Apple, some security experts have warned iPhone and iPad users to secure their devices. Further, the company also issued a DMCA takedown for the code.

But even if the code leak is not a security risk, the mere fact that it made its way into the outside world is something that Apple will be deeply concerned about. According to Motherboard, it was down to a "low-level Apple employee" who worked at the company in 2016, around the time of iOS 9. But it's an obvious confirmation when they reacted so fast and asked GitHub to take down links with propriety and confidential data through the DMCA request.

AutoExpo2018: Lohia Auto launches electric three-wheeler Comfort E Auto
The all-new MINI Countryman was unveiled at the Auto Expo and would be locally produced at the BMW Group plant in Chennai . Maruti Suzuki made the global unveiling of its concept compact vehicle with SUV-like features named ConceptFutureS.

iBoot is the one component Apple has been holding on to, still encrypting its 64-bit image. now it's wide open in source code form. "It is not open-source", said the legal document.

Motherboard's Lorenzo Franceschi-Bicchierai reported on Wednesday that someone posted the iBoot source code on a GitHub repository. However, multiple copies of the code have already spread online. The "iBoot" starts up the system when the iPhone is first turned on. By doing so, it added, Apple "indirectly confirmed that the code was real". Essentially, it is like the BIOS code found in PCs. Apple has already contacted the site to request the code's removal since previously iOS code has been a carefully guarded secret. Hackers and security researchers could use it to find vulnerabilities in the iOS operating system or make jailbreaking iOS devices easier. Once the phone is jailbroken, users are at will to run the software that are otherwise not allowed, or delete the apps that come preloaded on the device. But then, the Cupertino-based company unsurprisingly doesn't see it that way.

However, according to the security researcher Will Strafach, for the end users it does not really mean anything positive or negative. However, it being an inherent software engineering process where existing codes have always originated or have evolved from codes in the past, hacking or such misadventure owing to the leak can't be ruled out entirely.

Related news