Slashdot Mirror


Key iPhone Source Code Gets Posted On GitHub (vice.com)

Jason Koebler shares a report from Motherboard: An anonymous person posted what experts say is the source code for a core component of the iPhone's operating system on GitHub, which could pave the way for hackers and security researchers to find vulnerabilities in iOS and make iPhone jailbreaks easier to achieve. The code is for "iBoot," which is the part of iOS that is responsible for ensuring a trusted boot of the operating system. It's the program that loads iOS, the very first process that runs when you turn on your iPhone. The code says it's for iOS 9, an older version of the operating system, but portions of it are likely to still be used in iOS 11. Bugs in the boot process are the most valuable ones if reported to Apple through its bounty program, which values them at a max payment of $200,000. "This is the biggest leak in history," Jonathan Levin, the author of a series of books on iOS and Mac OSX internals, told Motherboard in an online chat. "It's a huge deal." Levin, along with a second security researcher familiar with iOS, says the code appears to be the real iBoot code because it aligns with the code he reverse engineered himself.

7 of 188 comments

  1. Re:"This is the biggest leak in history," - Get be by darkain · Score: 5, Informative

    My very first thought was... Windows 2000 source code. How is iOS considered larger? In relative market dominance, when the 2k source code was released, Microsoft controlled significantly more market share than Apple does currently.

  2. Re:Link? by Anonymous Coward · Score: 5, Informative

    https://github.com/ZioShiba/iBoot

  3. Re:"This is the biggest leak in history," - Get be by DigiShaman · Score: 1, Informative

    This is normal of Microsoft; taking what now is a desktop OS and bolting on features to make a Server edition.

    Examples:

    Windows 2000 --> Server 2000
    Windows XP --> Server 2003 and Server 2003 R2
    Windows Vista --> Server 2008
    Windows 7 --> Server 2008 R2
    Windows 8 --> Server 2012
    Windows 8.1 --> Server 2012 R2
    Windows 10 --> Server 2016 (Xbox services, really, WTF????)

    Speaking of Server 2016, damn, was that rushed. It was a total bolt-on to Windows 10. MS didn't even hide the fact.

    --
    Life is not for the lazy.
  4. Re:Link? by Anonymous Coward · Score: 1, Informative

    MENU_COMMAND_DEVELOPMENT(eload, do_eload, "tftp via ethernet from hardcoded install server", NULL);

                    env_set("serverip", "17.202.24.178", 0);
                    snprintf(cmdbuf, 128, "tftp getscript scripts/%s/%s.%s\n",

    LUL

    drivers/power/hdqgauge/hdqgauge.c is an interesting read too regarding batterygate.

  5. Re:Isn't it time? by cmseagle · Score: 3, Informative

    There is literally no legitimate reason

    Tinkering with some devices can kill people. Cars, for example. I don't want to be driving down the highway at 80mph next to the amateur who rooted his car's ECM, bypassing safety features in order to squeeze out a few extra horsepower, probably following the steps of a YouTube video tutorial.

  6. Whoever said C is dying needs to re-evaluate by Viol8 · Score: 5, Informative

    This boot loader consists of:

    13 Python tool files (what, not Swift Apple?)
    ONE Objective-C file (a test program)
    16 C++ files which seem to be library related

    767 C files + 1196 C .h header files.

    C dying? I don't think so.

  7. Re:Link? by umafuckit · Score: 3, Informative

    It's already gone.