• About & Contact Us
  • SEO Community

Ulancer.com

    • Latest Stories

      What is new?

    • Square acquires corporate catering startup Zesty

      April 19, 2018

    • PlayVS wants every high school to have an esports team

      April 19, 2018

  • News
  • How to’s
  • Writing
  • Startups
  • Jobs
  • More
    • CMS Tools
    • APPS
    • Web Resources
      • Advertising
      • Firefox
      • Scripts
      • Tools

Apple addresses iOS source code leak, says it appears to be tied to three-year-old software

  • by Ulancer Contributor
  • In News
  • — 8 Feb, 2018


Earlier this week, iOS source code showed up on GitHub, raising concerns that hackers could find a way to comb the material for vulnerabilities. Apple has confirmed with TechCrunch that the code appears to be real, but adds that it’s tied to old software. 

The material is gone now, courtesy of a DMCA notice Apple sent to GitHub, but the occurrence was certainly notable, given the tight grip the company traditionally has on such material. So, if the code was, indeed, what it purported to be, has the damage already been done?

Motherboard, which was among the first to note the code labeled “iBoot,” reached out to author Jonathan Levin, who confirmed that the code certainly looks real and called it “a huge deal.” While the available code appears to be pretty small, it could certainly offer some unique insight into how Apple works its magic.

“Old source code from three years ago appears to have been leaked,” the company said in a statement provided to TechCrunch, “but by design the security of our products doesn’t depend on the secrecy of our source code. There are many layers of hardware and software protections built into our products, and we always encourage customers to update to the newest software releases to benefit from the latest protections.”

Much of the security concern is mitigated by the fact that it appears to be tied to iOS 9, a version of the operating system released three-and-a-half years ago. Apple’s almost certainly tweaked significant portions of the available code since then, and the company’s own numbers show that a large majority of users (93-percent) are running iOS 10 or later. But could the commonalities offer enough insight to pose a serious potential threat to iPhone users?

Security researcher Will Strafach told TechCrunch that the code is compelling for the information it gives hackers into the inner workings of the boot loader. He added that Apple’s probably not thrilled with the leak due to intellectual property concerns (see: the DMCA request referenced above), but this information ultimately won’t have much if any impact on iPhone owners.

“In terms of end users, this doesn’t really mean anything positive or negative,” Strafach said in an email. “Apple does not use security through obscurity, so this does not contain anything risky, just an easier to read format for the boot loader code. It’s all cryptographically signed on end user devices, there is no way to to really use any of the contents here maliciously or otherwise.”

In other words, Apple’s multi-layered approach to keeping iOS secure involves a lot more safeguards than what you’d see in a leak like this, however it may have made its way to GitHub. Of course, as Strafach correctly points out, the company’s still probably not thrilled about the optics around having had this information in the wild — if only for a short while.


News source

You might also like...

  • HPE adds recommendations to AI tech from Nimble acquisition 21 Nov, 2017
  • Digital ethicist James Williams talks about the rise of bad social media 5 Dec, 2017
  • Didi Chuxing declares war on China’s bike-sharing startups 9 Jan, 2018
  • YouTube is pulling Tide Pod Challenge videos 18 Jan, 2018
  • Previous story WhatsApp has launched person-to-person payments into beta in India
  • Next story Human sequencing pioneer George Church wants to give you the power to sell your DNA on the blockchain
  • RSS
    Receive Freebies & Latest Posts Directly To Your Email - it's Free!

    • Recent Posts
    • Most Popular
    • Comments
    • IQ-pZI_YrIcSquare acquires corporate catering startup ZestyApril 19, 2018
    • CwWjOVt7b0IPlayVS wants every high school to have an esports teamApril 19, 2018
    • item-page-cryptokitty.pngCrypto-collectibles and Kitties marketplace Rare Bits raises $6MApril 19, 2018
    • freelance-dream-590x354.jpg7 Resources to Help You Start Freelancing From ScratchApril 19, 2018
    • slider_wp_03Best collection of WordPress Slider PluginsJuly 5, 2010
    • Joomla template builderTop 8 Free Joomla Template GeneratorsJuly 19, 2011
    • 40+ Best WordPress Plugins for Comments40+ Best WordPress Plugins for CommentsJune 18, 2011
    • wptheme2A Collection of Free WordPress ThemesJuly 11, 2010
    • Troy on:Useful List of Best Magento SEO Extensions For E-commerce Store
    • Роман Оныщук on:  15 Most Popular Cloud Applications and SaaS Services for Business
    • Yemli Lala on:How to Outsource Your Freelance Blogging Work with Integrity
    • Sammy May on:Chip, the chatbot savings app, raises over £1M in crowdfunding with plans to apply for a banking license
  • Staff Picks

    • slider_wp_03Best collection of WordPress Slider PluginsJuly 5, 2010
    • Joomla template builderTop 8 Free Joomla Template GeneratorsJuly 19, 2011
    • 40+ Best WordPress Plugins for Comments40+ Best WordPress Plugins for CommentsJune 18, 2011
  • Recent Posts

    • Square acquires corporate catering startup Zesty
    • PlayVS wants every high school to have an esports team
  • Search Our Blog

  • Ulancer is an insightful freelance blog and resource site. We provide intuitive articles that cover Photoshop tutorials, time-saving management tips covering a broad range of topics. We also have an active freelance community forum, there you can meet other freelancers that share your common interest, socialize and chat about freelance trending news as the occurred.

© Copyright 2013 Ulancer.