Key source code for iOS's iBoot leaked on GitHub

Isaac Cain
February 9, 2018

If someone were able to discover a vulnerability in the iBoot code, they could theoretically break that security check, allowing unsigned code or code with a forged signature to be executed as iOS boots up.

According to a report from Motherboard, an anonymous user has uploaded what appears to be the source code of iBoot - the iOS secure bootloader - on GitHub, and all evidence suggests the code is authentic. This component verifies that iOS is loaded correctly every time and that the kernel is signed by Apple. The leak gives visibility into what the code does, so anyone looking to reverse engineer iOS and write exploits can use this to make their job much easier. Bugs targeting the boot process can get hackers up to $200,000 from Apple's bug bounty program, and possibly much more from zero-day aggregators.

iBoot is not labeled or marketed by Apple in any way. On the other hand, Apple has surely made several improvements to its iBoot code since iOS 9, so it's unclear what might come of this leak.

Even though the source code cannot be compiled due to missing files, it can still be analyzed to find vulnerabilities, security researchers say. "Any provider that takes security seriously should always conduct rigorous threat modelling based on the assumption that source code will be exposed at some point and put in place appropriate controls to counter it". "Reproduction of Apple's 'iBoot' source code, which is responsible for ensuring trusted boot operation of Apple's iOS software".


It was posted on the website by user 'ZioShiba.' It remains unclear how the user obtained the code, but it appears to be legitimate. Security researchers told the publication their checks show the code is legit and really is part of iOS 9.

Mr Kays said that Apple has taken important steps to improve the protection of its products "so users of its latest devices don't need to be unduly concerned by the release of the iBoot firmware". "And now it's wide open in source code form", Levin continued.

It is very likely that the code had been spotted and was circulating in the jailbreaking and hacking community.
