Apple confirms iPhone supply code leak

Adjust Comment Print

Exactly what hackers are able to do with the leaked iBoot will depend on what security flaws are present in the source code, if those flaws have been retained in new versions of the operating systems, and whether those flaws can be exploited. Arxan Technologies VP of product, Rusty Carter says iBoot's leak could potentially allow hackers to find security holes in the smartphone, enabling them to analyse Apple's code, replicating and manipulating it for malicious goal.

"There are many layers of hardware and software protections built in to our products, and we always encourage customers to update to the newest software releases to benefit from the latest protections", Apple said in its statement.

Users having the latest iOS version have nothing to worry about concerning the potential vulnerabilities. That said, iBoot is highly sensitive code, and Apple apparently pays up to $200,000 under its bug bounty program to anyone who discovers bugs in the boot up procedure.

Apple typically keeps most of its iOS source code private and ordered Github to remove the content.

However, Apple could have co-opted elements of its previous operating systems in the current software, so parts of the iOS 9 code may be used in iOS 11.

And now that the iBoot source code is in the hands of anyone who wants a copy, it's likely to give hackers ideas, inspiration, and above all, vulnerabilities to allow them to crack open older devices.

Is This Why Kylie Jenner Named Her Daughter Stormi?
Kylie is apparently living in her Hidden Hills mansion while Travis has his own house 45-minutes away in the Hollywood Hills. And her half-brother Brody Jenner was seemingly kept in the dark about her pregnancy.

"If there's nothing wrong with the code, it doesn't matter that it's out there", he said. The leak was for a critical part of the operating system, dubbed iBoot, which starts up the system on an iPhone when a user turns it on. Although the iOS 9 code is no longer on GitHub, that's not to say others have saved the code and have subsequently reuploaded it elsewhere.

That's why Apple spent US$225,000 for iPhone-related bugs at Mobile Pwn2Own previous year, he said.

Although it is not yet known whether the code came from inside Apple, security researchers believe it is authentic.

Seventy percent of iOS devices are highly vulnerable to such exposure, recent research suggests.

It also could open up access to data on the device, she told TechNewsWorld. He has written for Reuters, Bloomberg, Crain's New York Business and The New York Times.