The secret code that allows iPhones to turn on has reportedly been made public

Advertisement
The secret code that allows iPhones to turn on has reportedly been made public

Worried Tim Cook

Stephen Lam/Reuters

Apple CEO Tim Cook.

Advertisement
  • An anonymous source posted on GitHub what seems to be the private code of iBoot, the software that allows iOS to run on iPhones and iPads.
  • The code could allow ill-intentioned people to exploit the security of iOS devices.
  • A security expert said that the code appears to be genuine, although it refers to an older version of the system.


The code that allows iOS devices to boot up, aptly named iBoot - and that Apple makes sure to keep private - may have leaked online.

A new report from Motherboard claims that the code could be retrieved on GitHub, a hosting service for software developers to publish and share code.

Complimentary Tech Event
Transform talent with learning that works
Capability development is critical for businesses who want to push the envelope of innovation.Discover how business leaders are strategizing around building talent capabilities and empowering employee transformation.Know More

The code seems to belong to an older version of iOS (presumably iOS 9, released in 2015) but parts of it may very well be used in the current iOS 11.

iBoot essentially allows iPhones and other iOS devices to turn on; it's the very first thing that is activated when someone pushes the sleep/wake button.

Advertisement

It loads, verifies that the kernel - the "heart" of the operating system's code - is actually signed by Apple, and then executes the code and takes you to the lock screen.

Motherboard asked Jonathan Levin - chief technology officer of software security firm Technologeeks and author of several books on the theme - what he thinks about the leak.

"This is the biggest leak in history," Levin told Motherboard, confirming that the code - whose source is unknown - may be legit. "It's a huge deal."

Apple did not immediately respond to Business Insider's request for comment.

The access to iBoot's code may have several implications; it could allow researchers to find vulnerabilities in the systems more easily, but it might also open the door to less benevolent hackers willing to exploit the hole.

Advertisement

Ill-intentioned people could potentially find bugs that let them crack or decrypt an iPhone, despite the extra security steps added by the Secure Enclave Processor built into each new iOS device, or even emulate the operating system on non-Apple products.

Levin told Motherboard that, if the code is genuine, it may start circulating widely in the underground iOS jailbreaking community, which in turn might mean that the increasingly less popular jailbreaks may come back soon.

"iBoot is the one component Apple has been holding on to, still encrypting its 64 bit image," Levin said. "And now it's wide open in source code form."

The secret code that allows iPhones to turn on has reportedly been made publicEXCLUSIVE FREE SLIDE DECK:
The Next Smartphone by the BI Intelligence Research Team.
Get the Slide Deck Now »