A low-level Apple employee with friends in the hacker community stole a highly sensitive code from the tech giant, it has been revealed.
The anonymous leaker pulled off the feat dubbed ‘the biggest in the company’s history’ by taking the Source code for iBoot while he worked at Apple’s Cupertino headquarters in 2016, two people who received the code from the employee told technology site Motherboard.
iBoot is is the first app that runs when you turn on an iOS device. For example, it runs when the iPhone transitions from a black screen to a white screen and then the iOS home screen.
The employee did not leak the internal code in retaliation for anything, but because his jailbreaking friends encouraged him to take it so they could use it for security research, the anonymous sources said.
Jailbreaking is when hackers modify a smartphone or other electronic device to remove restrictions imposed by the manufacturer or operator.
An additional code that has not yet been released was also allegedly taken by the Apple employee.
A low-level Apple employee with connections in the jailbreaking community took Source code for iBoot while he worked at Apple’s Cupertino headquarters in 2016
One of the anonymous sources told Motherboard the leaker ‘pulled everything, all sorts of Apple internal tools and whatnot’.
Two of five of the jailbreakers who received the code from the leaker said they didn’t plan on it leaving their circle, but soon lost control of its dissemination.
‘I was really paranoid about it getting leaked immediately by one of us. Having the iBoot source code and not being inside Apple…that’s unheard of,’ said one source, adding the code could be ‘weaponized’.
The sources also said they’re not sure who leaked the code outside of the first tight-knit group of friends who first got their hands on it, but by the fall of 2017, outside people were sharing screenshots of the code in a Discord group.
And, last Wednesday, anonymous user ‘Zioshiba posted the Source code for iBoot to GitHub, raising fears that almost any iPhone might be vulnerable to hackers.
The employee stole the code because his jailbreaking friends encouraged him to take internal code so they could use it for security research
The event captured the attention of several security experts, including one who told Motherboard that it was the ‘biggest leak in [Apple’s] history.’
‘It’s a huge deal,’ Jonathan Levin, who writes books about iOS system programming, said in an interview with Motherboard.
Levin was also able to confirm that the source code is authentic.
With iBoot out in the open, it could make it easier for hackers to spot vulnerabilities in the software.
It could also open up opportunities for savvy consumers to ‘jailbreak’ their iPhones, or free their device from constraints imposed by Apple.
When an iPhone has been jailbroken, users can run software that’s not typically allowed or delete applications that come pre-loaded on the device, also known as ‘bloatware.’
Apple recently began using Secure Enclave processors that ensure greater security and made jailbreaking almost obsolete.
Fortunately, many of the risks associated with the leak have been mitigated.
Apple has since responded and said that the leak concerns source code from iOS 9, which was released in 2015.
‘Old source code from three years ago appears to have been leaked,’ Apple told CNET.
‘But by design the security of our products doesn’t depend on the secrecy of our source code.’
‘There are many layers of hardware and software protections built into our products, and we always encourage customers to update to the newest software releases to benefit from the latest protections,’ the firm added.
Pictured, a screen shot of the iBoot soure code that was leaked by GitHub user ‘Zioshiba.’ The code was for iOS 9, however, which means that fewer iOS devices will be affected by the leak
Apple filed a copyright takedown request demanding that the source code be removed from GitHub’s website, but the code has since appeared on other websites
Only 7 per cent of iOS devices are using a version older than iOS 10, which was released in 2016, according to Apple’s website.
If you’re part of that 7 per cent, security experts strongly advise that you update to a newer version of Apple’s iOS software.
Although Apple says the leak isn’t much to worry about, it still took steps to take the iBoot code off of the internet.
The firm filed a copyright takedown request on Thursday that demanded it be removed.
‘The ‘iBoot’ source code is proprietary and it includes Apple’s copyright notice,’ the request reads. ‘It is not open-source.’
Only 7% of iPhone owners are still running software that’s older than iOS 10, according to Apple. This means that a relatively small group of iPhone users would be affected by the leak
The code has since popped up on other sites, which could give hackers a peak into the inner workings of Apple’s iBoot software.
However, security experts say it doesn’t generate much risk for the average iPhone user.
‘In terms of end users, this doesn’t really mean anything positive or negative,’ security researcher Will Strafach told TechCrunch.
Strafach echoed Apple’s sentiment that the security of iOS devices doesn’t depend on obscurity.
‘This does not contain anything risky, just an easier to read format for the boot loader code’
‘There is no way to really use any of the contents here maliciously or otherwise,’ he added.