Essential iOS iBoot Code Gets Dumped Online

By Gabriela Vatu / February 8, 2018

The code for the iOS iBoot is now available on GitHub, and it wasn't Apple's doing. In fact, putting this code where everyone can see is probably one of the last things Apple wants.

That's because iBoot is a central part of Apple's operating system. As the name suggests, iBoot helps load iOS, and it's the first process that runs when you turn on the phone.

Now, the leak is particularly important because Apple notoriously keeps its code close to the vest in an effort to keep away those with ill intentions. The reality is that the release of the iBoot code on GitHub is a potential security threat to users.

For many years now, it's been close to impossible to jailbreak an iPhone. As opposed to pretty much any Android phone, the iOS prevented this from happening because there was no real way to do this. The iBoot code that's making the rounds online (because if it's on GitHub, then jailbreak fans have had it for a while), is from iOS 9. Apple's newest devices are running iOS 11 right now, but some older devices may very well still run that version. Even if that's not the case, since Apple users are known for actually installing those updates, some of the iBoot code from iOS 9 may still carry through to the new version. Regularly, companies don't scratch their own codes, but rather work to improve them by building on the same ground blocks.

It is unclear how the code ended up online, and whether it's 100% real, but experts believe this to be the real deal.

Broken iPhone

Jonathan Levin, a known author of books on iOS and Mac OSX, told Motherboard this is "the biggest leak in history." He mentions Apple has been holding tight to iBoot, as it's one of the components they're still encrypting its 64-bit image. "And now it's wide open in source code form."

Levin believes that not only will this code help jailbreakers, but it will also give a helping hand to security researchers looking to cash in on iOS bugs. iBoot related bugs are the ones that will get researchers some of the highest bounties, of up to $200,000. Without access to the code, looking for vulnerabilities is particularly difficult, which is why researchers often focus on the open-source Android, for instance.

It looks like the code had actually been posted to Reddit a few months ago, but since the user had no reputation, the entire thing got buried.

For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: