A skilled anonymous hacker leaked the source code for Apple's ultra-secret iBoot software on Wednesday, raising fears that nearly any might be vulnerable to hackers. Having knowledge of this code could help hackers and others jailbreak the device, helping them find flaws and bugs, which could decrypt iPhones and emulate the smartphones' software, so it can be used on other devices.
The code on GitHub was labelled "iBoot", which is a key cog of iOS responsible for making sure the operating system "boots up" safely and securely. The employee also possesses additional source code that was not included in the original leak; whether that code leaks one day, or has already been leaked and went unnoticed, remains to be seen.
Motherboard asked Jonathan Levin - chief technology officer of software security firm Technologeeks and author of several books on the theme - what he thinks about the leak.
"Apple iOS is widely viewed as the most trusted mobile operating system out there. This document may not be reproduced or transmitted in any form, in whole or in part, without the express written permission of Apple Inc". At least one security researcher called this the biggest leak in iPhone history, which begs the question, how could something like this happen?
Apple typically keeps most of its iOS source code private and ordered Github to remove the content.
It contributes source code to the open source community, Apple pointed out. Who knows for what version of iOS this was even meant for, and how do we even know if the code is even meant to be on devices that have the latest iOS.
Fortunately, numerous risks associated with the leak have been mitigated. According to Motherboard, it was down to a "low-level Apple employee" who worked at the company in 2016, around the time of iOS 9.
Plus, Apple said the leaked code is three-years-old, so there is no need to panic. "There are many layers of hardware and software protections built into our products".
iBoot is extremely important for Apple products's security. While Apple has said that the leak is essentially nothing for users to be concerned about, it makes one wonder whether Apple's ecosystem is as roughly locked down as once thought.
Cyber-security expert Prof Alan Woodward, from the University of Surrey, said it was "extraordinary" that the code had been leaked.