
Apple Facing Security Nightmare as iOS 9 Source Code Leaks

The iBoot source code, which handles loading and verifying iOS, was uploaded to GitHub.

February 8, 2018

UPDATE: In a statement, Apple played down the threat of the source code leak. "The security of our products doesn't depend on the secrecy of our source code," the company said in an email.

Apple stressed that iOS 9 is three years old, and that about 93 percent of iOS users run iOS 10 or above. To stay protected, customers are encouraged to run the latest versions of iOS on their Apple products, the company said.

Original story:
Apple is facing a potential security nightmare after iOS 9 source code was uploaded to GitHub by an unknown individual or group.

As Motherboard reports, it has since been removed after Apple filed a copyright takedown request, but once things are on the internet, it's hard to control. It was actually first posted last year on Reddit, but mostly went unnoticed since the user wasn't a frequent poster.

Apple iOS 9 is old, you may think, as we're now up to iOS 11, but that doesn't mean parts of the iOS 9 code aren't still in use. As Motherboard explains, the situation is made worse for Apple because the source code that did leak is for iBoot.

Apple uses iBoot to handle booting iOS when you first turn on your iPhone. It is the first process to run, and it verifies iOS has been properly signed by Apple. In other words, it's the first security check performed by Apple, meaning the code will be of great interest to hackers who would like to jailbreak newer versions of the mobile operating system.

Jonathan Levin, author of a trilogy of books on macOS and iOS internals, tells Motherboard that the source code leak is "the biggest leak in history" and "a huge deal." He checked the code and believes it's the real iBoot code used by iOS 9. It's also worth noting that Apple's bug bounty program pays out the most money ($200,000) for vulnerabilities discovered in the boot process. According to Levin, this leak means tethered jailbreaks could soon re-appear for iOS.

Apple's iBoot team is no doubt now reviewing what exactly leaked, what if anything it could reveal in terms of security vulnerabilities, and how to best mitigate any future hacks with an update to iOS 11.

About Matthew Humphries

Senior Editor
