This week has been quite a revealing one for GitHub. It has been reported on February 7 that a former intern from Apple has leaked some rather sensitive material in source codes from the iPhone. This leak will go down in history as the greatest iPhone leak ever recorded. iBoot is the process in which the iPhone gets booted when you switch on the device and is responsible for making sure the codes being processed are valid. An anonymous user that goes under the handle name “ZioShiba” leaked the source codes.
It all started with a group of 5 individuals who were working toward the same goal in jailbreaking iOS software. They initially stole the iOS 9 source code, says Motherboard. The initial intention was not to spill the codes outside the circle but in 2017 things didn’t go as planned as the code was shared outside the friends. In response to the person of the group who stole the iOS 9 code, a friend says “He was able to do anything he wanted with Apple”.
One of the other individuals commented, “I was always worried because everyone knows whoever leaks an iBoot source code has to be on the inside working for Apple. I never expected, nor wanted, for anyone to see the source code considering its legal implications.” It was no accident either, for the leak was actually posted on a Reddit chat room roughly four months ago not just once, but twice, after one of the moderators had pulled it down and this time using GitHub as its sending source.
In addition, the person also said, “Apple´s internal community is filled with young people who are eager and curious and are bound to one day make mistakes. The leak is actually a copy and not even a full copy at that.” As expected, the post went viral until Apple issued a takedown by the DMCA. The Cupertino company says the post contained sensitive information but not enough to pose security threats.
A statement made to TechCrunch says, “Although the code from three years ago has leaked, however, hiding source codes don’t necessarily mean more security. That’s why we offer regular updates to our customers to always be protected.”
IBTimes UK has attempted to make contact with Apple. When it had been taken down the post did contain copyright notice from Apple. Apple does try to downplay the leak but experts declare it to be more serious than perceived.
SC Magazine UK was told by RedScan CTO Andy Kays that “This iBoot code release just goes to show the sellers can’t take advantage of it. They are learning they can’t just rely on the code for security and the providers who know this will have greater success in avoiding future security breaches.”