Researchers believe the code to be real, and could be a significant security leak
An older version of the software for the iPhone and iPad’s operating system was posted on the code-sharing site GitHub last night, Feb. 7. The source code is for a version of iOS 9, the operating system that debuted in 2015. But it contains information on how to load a verified version of the software when a phone first boots up.
While portions of the code have likely changed in the last few years, it’s possible that the booting process hasn’t changed much. Researchers believe the code to be real, and could be a significant security leak, according to Motherboard. Knowing how to load up a version of iOS can provide hackers with information on how to break into iPhones, but could also provide researchers a useful tool to figure out how to plug those same gaps.
Fun thing about the DMCA: it required Apple to state, under penalty of perjury, that the iBoot source code was legit: https://t.co/PKHZqcEe6h— Karl (@supersat) February 8, 2018
Apple has since requested GitHub take down the code under a copyright claim, but it’s likely that the code has been stored and shared widely online in the hours it was available. As Motherboard points out, this same code was posted on Reddit in September, but it went effectively unnoticed.
iBoot source leak isn’t as interesting as everyone is making out. It’s been circulated between people for years, surprised it took this long to leak such an old build honestly.— nullpixel (@nullriver) February 7, 2018
For the average user who updates their software regularly, there’s likely little to be overly concerned about. The software is two years out of date, and even if hackers were able to use this code to engineer a way into a phone, it’s likely they’d still need physical access to your phone to do so.
Apple said, “old source code from three years ago appears to have been leaked, but by design the security of our products doesn’t depend on the secrecy of our source code. There are many layers of hardware and software protections built into our products, and we always encourage customers to update to the newest software releases to benefit from the latest protections.”
So: Make sure you keep your software up-to-date.