If you own an iPhone, you might be in for quite the rough road ahead. Someone just posted what may be the source code for a core component of iOS online, which means hackers now have an easier time of trying to crack into your phone.
Labelled “iBoot” on GitHub, the code looks to be a part of the iPhone’s operating system bootup program. Basically, it’s what’s responsible for loading iOS on your iPhone whenever you turn it on.
Apple has, in the past, kept its source code under lock and key, though certain parts of iOS and MacOS have been opened to the public. However, things like iBoot are meant to be kept away from all prying eyes, because they provide all-encompassing access to the OS. Flaws in the boot process reported under Apple’s bug bounty program could net you up to $200,000 (approximately Rs 1.28 crore).
This newly leaked code isn’t the latest, as experts peg it to be for iOS 9. However, it’s probably safe to assume that some sections of it can be repurposed for iOS 11 as well. Coders are calling it the biggest tech leak in history, and are also saying it’s likely authentic. So far, no one knows who leaked the code, and Apple is still refusing to comment. That’s probably because this could be a disaster waiting to happen.
Access to iBoot’s source code makes it easier for hackers to find flaws to exploit, that would gain them entry into an iPhone. In fact, it could even let advanced programmers emulate iOS on other unrelated devices. Basically, they could get iOS 11 running on a OnePlus 5T or other similar shenanigans.
Probably scarier however, is that the code could also let hackers decrypt the contents of your iPhone. That means, in case you lose your phone, you’d have to worry about all your personal data and files being stolen. The only upside here (and it’s a very small one), is that this once again makes it easier to jailbreak your iPhone, at least once modders have perfected the method.
The thing is, this leak was available about a year ago on Reddit, though the user was new, and the post eventually got buried minus any attention. It’s resurfaced now that the post has been submitted on GitHub, where it’s gaining views from programmers and security researchers.
Either way, you’d better cross your fingers that the security researchers with their hands on this information work faster than the black hat hackers. If not, your iPhone security may be as good as non-existent.