Slashdot Mirror
Key iPhone Source Code Gets Posted On GitHub (vice.com)
Jason Koebler shares a report from Motherboard: An anonymous person posted what experts say is the source code for a core component of the iPhone's operating system on GitHub, which could pave the way for hackers and security researchers to find vulnerabilities in iOS and make iPhone jailbreaks easier to achieve. The code is for "iBoot," which is the part of iOS that is responsible for ensuring a trusted boot of the operating system. It's the program that loads iOS, the very first process that runs when you turn on your iPhone. The code says it's for iOS 9, an older version of the operating system, but portions of it are likely to still be used in iOS 11. Bugs in the boot process are the most valuable ones if reported to Apple through its bounty program, which values them at a max payment of $200,000. "This is the biggest leak in history," Jonathan Levin, the author of a series of books on iOS and Mac OSX internals, told Motherboard in an online chat. "It's a huge deal." Levin, along with a second security researcher familiar with iOS, says the code appears to be the real iBoot code because it aligns with the code he reverse engineered himself.
I hope he was being silly and isn't actually dumb enough to believe this is the biggest leak in history. Jesus lol.
And yes, this corresponds with what I have reverse engineered from the iPhone, so it appears legit.
The bootloader of a phone would be the biggest leak in history?
Wasn't the whole Windows code leaked? I think it was Windows 2000.
My very first thought was... Windows 2000 source code. How is iOS considered larger? In relative market dominance, when the 2k source code was released, Microsoft controlled significantly more market share than Apple does currently.
why have an article like this with no clear links to the repo? Is it a legal reason?
Shouldn't this have been leaked on Pornhub rather than Github?
#DeleteChrome
Windows 2000: Version NT 5.0 (business OS only, like NT 4)
Window XP: Version NT 5.1 (business and consumer OS, replacing NT/2000 and 9x)
Their kernels were remarkably similar. Their releases were very close together. XP was simply 2000 with a skin and a few updated applications, otherwise they were essentially the same OS. Regardless of the actual install base of 2000, it was the core OS internals that migrated all of the multimedia and application code from 9x to the NT kernel. It was monumental.
Also significant, as a result of the leak, large parts of Windows 2000 code was incorporated into the Linux kernel. This gave Linux a strong boost during a time that it was struggling against BSD.
Allow open access to our mobile devices. I have root on any Mac/Windows/Linux system. By rights, I should have the same access on my tablets and phones.
Crazy talk, huh?
Why is all the good stuff already modded 5, when I have mod points?
I'm sure Apple has a team of smart folks going over this code with a fine toothed comb, and any issues found will be fixed soonish.
To be honest, since this code came from apple, I'd be quite suprised indeed if it was never checked for issues.
There's very little a company can do to prevent a determined programmer from leaking source code. Source is easily copied, and relatively small, and a module's source has to be present in its entirety on a local machine to compile. Thumb drives are tiny and easily hidden. Programmer's machines, by nature, can't easily be locked down.
What exactly would you suggest they do to prevent leaks like this?
Irony: Agile development has too much intertia to be abandoned now.
They should treat their programmers really nice then. And try not to hire crazy ones.
The kernels for those systems were similar because a great deal of them was authored by David Cutler and the engineers he brought along from DEC, previously responsible for VMS. It represented a large architectural shift from the DOS kernel and operating system previously used for Microsoft. If the theft of intellectual property involved there can be considered a leak, it might be comparable in size. It was certainly a large economic impact for DEC and Microsoft.
So Apple's billions in the bank is because their customers are a bunch of dolts who take it straight up the ass and not because their product(s) might be useful to (or god forbid, preferred by) millions upon millions of customers?
Gee whiz!
Apple's recent gaffs have been stupendous, that's for sure. But really, other than a handful of geeks on the Internet, nobody really gives a shit.
--Android User
Beware of the Leopard.
Seriously, somebody posted the entire source code to Android a while back.
My God, it's Full of Source!
OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
Isn't it time to get some new laws on the books that recognize an individual's rights to be a superuser on their own equipment?
It should be illegal to manufacture, or offer for sale any device which has a privilege level technically feasible yet unattainable. There is literally no legitimate reason our society should allow non-rootable devices to exist. It's time for the practice to end.
A government is a body of people notably ungoverned - AC
"The code says it's for iOS 9, an older version of the operating system, but portions of it are likely to still be used in iOS 11"
Impossible. Used both. iOS 9 was working fine. iOS 11 is a bug nest.
Slashdot, fix the reply notifications... You won't get away with it...
...because, have you ever actually tried to download and build it? You need a supercomputer.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
This boot loader consists of:
13 python tool files (what, not Swift Apple?)
ONE objective-C file (a test program)
16 C++ files which seem to be library related
767 C files + 1196 C .h header files.
C dying? I don't think so.