Wed, 14 Nov 2018
San Diego

Apple confirms online leak of iPhone source code

By Sheetal Sukhija, San Diego News
11 Feb 2018, 09:18 GMT+10

CALIFORNIA, U.S. - Confirming an embarrassing source code leak, Apple said on Saturday that some of the source code for its iOS mobile operating system had been leaked online.

According to the company, the boot-up source code used on its older iOS 9 operating platform was posted on code-sharing website Github.

While Apple usually keeps its iOS source code private, following the leak, it said the leak had not necessarily compromised security.

Nevertheless, the company is said to have ordered Github to remove the content.

Apple said in a statement that the security of the iPhone did not rely on "the secrecy of its source code.”

The tech giant added that it always encouraged customers to keep up to date with operating system upgrades.

Currently, the operating system version is iOS 11 and Apple said that 93 percent of its users are using iOS 10 or above. 

It pointed out that these 93 percent devices may no longer use the leaked code.

The iBoot leak, which was first reported by news site Motherboard was dubbed ‘extraordinary’ with some tech experts even calling it the ‘biggest leak in history.’ 

An anonymous user called ‘Zioshiba’ posted the code on Github, sparking fears that iPhones have been left vulnerable to hackers.

The code reportedly began with the statement, "This document is the property of Apple Inc. It is considered confidential and proprietary."

While Apple played down the concerns, cyber-security expert Prof Alan Woodward, from the University of Surrey called it "extraordinary" that the code had been leaked.

He said in a statement, “The source code for a company's operating system is like the crown jewels - it is guarded very well.”

He pointed out that security researchers and hackers are likely to study the code, to see whether there are any flaws in it that might make unauthorized access possible.

Adding, "If there's nothing wrong with the code, it doesn't matter that it's out there. But Apple should be worried because if somebody has got hold of that, what else have they got? Assuming it is genuine, it has come from the inside somewhere."

Meanwhile, Apple said in its statement, "Old source code from three years ago appears to have been leaked, but by design the security of our products doesn't depend on the secrecy of our source code. There are many layers of hardware and software protections built into our products, and we always encourage customers to update to the newest software releases to benefit from the latest protections."

Security researcher Jonathan Levin, however, said in the report, “iBoot is the one component Apple has been holding on to, still encrypting its 64-bit image... And now it’s wide open in source code form.”

More San Diego News

Access More

Sign up for San Diego News

a daily newsletter full of things to discuss over drinks.and the great thing is that it's on the house!