Brother
Professional
- Messages
- 2,590
- Reaction score
- 539
- Points
- 113
The source code of a key iOS component has appeared on GitHub, thanks to which hackers and security researchers can find vulnerabilities in the operating system and develop a jailbreak. In addition, experienced programmers will be able to use it to emulate Apple's OS on platforms from other manufacturers.
This is the source code for iBoot, an iOS bootloader that trustedly loads the operating system. When the iOS device is turned on, iBoot loads the OS kernel, checks for the appropriate Apple signature, and then executes it.
The leaked code is from iOS 9 and earlier, but some of it can still be used in iOS 11. In recent years, Apple has opened some parts of the iOS and macOS sources, but the company keeps the iBoot source code private and is taking measures to protect it. For vulnerabilities found during the download process, Apple pays the highest reward under its bug bounty program (the maximum cost of a vulnerability is $ 200,000).
According to the author of the series of books on iOS and macOS Jonathan Levin (Jonathan Levin), the publication of the source code of iBoot is "the largest leak in history." Levine confirmed that the code that appeared on GitHub is indeed the source for iBoot, as it matches the code that he himself had previously explored using reverse engineering. Another expert specializing in iOS also confirms the authenticity of the code, Motherboard reports.
Trusted boot - booting the OS only from predefined persistent media (for example, only from a hard disk) after the successful completion of special procedures: checking the integrity of the PC hardware and software (using a step-by-step integrity control mechanism) and hardware user identification / authentication.
This is the source code for iBoot, an iOS bootloader that trustedly loads the operating system. When the iOS device is turned on, iBoot loads the OS kernel, checks for the appropriate Apple signature, and then executes it.
The leaked code is from iOS 9 and earlier, but some of it can still be used in iOS 11. In recent years, Apple has opened some parts of the iOS and macOS sources, but the company keeps the iBoot source code private and is taking measures to protect it. For vulnerabilities found during the download process, Apple pays the highest reward under its bug bounty program (the maximum cost of a vulnerability is $ 200,000).
According to the author of the series of books on iOS and macOS Jonathan Levin (Jonathan Levin), the publication of the source code of iBoot is "the largest leak in history." Levine confirmed that the code that appeared on GitHub is indeed the source for iBoot, as it matches the code that he himself had previously explored using reverse engineering. Another expert specializing in iOS also confirms the authenticity of the code, Motherboard reports.
Trusted boot - booting the OS only from predefined persistent media (for example, only from a hard disk) after the successful completion of special procedures: checking the integrity of the PC hardware and software (using a step-by-step integrity control mechanism) and hardware user identification / authentication.
