• About & Contact Us
  • SEO Community

Ulancer.com

    • Latest Stories

      What is new?

    • Meet the startups that pitched at EF’s 10th Demo Day in London

      September 27, 2018

    • Rally Rd., the app that lets you invest in classic cars, raises $7M Series A

      September 27, 2018

  • News
  • How to’s
  • Writing
  • Startups
  • Jobs
  • More
    • CMS Tools
    • APPS
    • Web Resources
      • Advertising
      • Firefox
      • Scripts
      • Tools

Apple addresses iOS source code leak, says it appears to be tied to three-year-old software

  • by Ulancer Contributor
  • In News
  • — 8 Feb, 2018


Earlier this week, iOS source code showed up on GitHub, raising concerns that hackers could find a way to comb the material for vulnerabilities. Apple has confirmed with TechCrunch that the code appears to be real, but adds that it’s tied to old software. 

The material is gone now, courtesy of a DMCA notice Apple sent to GitHub, but the occurrence was certainly notable, given the tight grip the company traditionally has on such material. So, if the code was, indeed, what it purported to be, has the damage already been done?

Motherboard, which was among the first to note the code labeled “iBoot,” reached out to author Jonathan Levin, who confirmed that the code certainly looks real and called it “a huge deal.” While the available code appears to be pretty small, it could certainly offer some unique insight into how Apple works its magic.

“Old source code from three years ago appears to have been leaked,” the company said in a statement provided to TechCrunch, “but by design the security of our products doesn’t depend on the secrecy of our source code. There are many layers of hardware and software protections built into our products, and we always encourage customers to update to the newest software releases to benefit from the latest protections.”

Much of the security concern is mitigated by the fact that it appears to be tied to iOS 9, a version of the operating system released three-and-a-half years ago. Apple’s almost certainly tweaked significant portions of the available code since then, and the company’s own numbers show that a large majority of users (93-percent) are running iOS 10 or later. But could the commonalities offer enough insight to pose a serious potential threat to iPhone users?

Security researcher Will Strafach told TechCrunch that the code is compelling for the information it gives hackers into the inner workings of the boot loader. He added that Apple’s probably not thrilled with the leak due to intellectual property concerns (see: the DMCA request referenced above), but this information ultimately won’t have much if any impact on iPhone owners.

“In terms of end users, this doesn’t really mean anything positive or negative,” Strafach said in an email. “Apple does not use security through obscurity, so this does not contain anything risky, just an easier to read format for the boot loader code. It’s all cryptographically signed on end user devices, there is no way to to really use any of the contents here maliciously or otherwise.”

In other words, Apple’s multi-layered approach to keeping iOS secure involves a lot more safeguards than what you’d see in a leak like this, however it may have made its way to GitHub. Of course, as Strafach correctly points out, the company’s still probably not thrilled about the optics around having had this information in the wild — if only for a short while.


News source

You might also like...

  • Japan’s SmartHR raises $13.3M led by 500 Startups 23 Jan, 2018
  • Senator Schatz on net neutrality: “This has to be a real political movement” 23 Nov, 2017
  • Facebook defends revenge porn pilot that has people upload nude images of themselves 10 Nov, 2017
  • Jump will be the first stationless, e-bike-sharing service to launch in SF 10 Jan, 2018
  • Previous story WhatsApp has launched person-to-person payments into beta in India
  • Next story Human sequencing pioneer George Church wants to give you the power to sell your DNA on the blockchain
  • RSS
    Receive Freebies & Latest Posts Directly To Your Email - it's Free!

    • Recent Posts
    • Most Popular
    • Comments
    • 7hrCggmJ-AMMeet the startups that pitched at EF’s 10th Demo Day in LondonSeptember 27, 2018
    • oNo38LV2tQIRally Rd., the app that lets you invest in classic cars, raises $7M Series ASeptember 27, 2018
    • Nearby.gifBerkanan is a Bluetooth-powered group messaging appSeptember 27, 2018
    • 2122.pngVinay Gupta to talk about Mattereum at Disrupt BerlinSeptember 27, 2018
    • slider_wp_03Best collection of WordPress Slider PluginsJuly 5, 2010
    • Joomla template builderTop 8 Free Joomla Template GeneratorsJuly 19, 2011
    • 40+ Best WordPress Plugins for Comments40+ Best WordPress Plugins for CommentsJune 18, 2011
    • wptheme2A Collection of Free WordPress ThemesJuly 11, 2010
    • Jason Hall on:Circle launches its stablecoin
    • Jason Hall on:Circle launches its stablecoin
    • Bharat Sarkari Naukri on:Spotify acquires online music studio Soundtrap as it goes after creators
    • PMP on:Online learning platform Unacademy gets $21M Series C from Sequoia India, SAIF and Nexus
  • Staff Picks

    • slider_wp_03Best collection of WordPress Slider PluginsJuly 5, 2010
    • Joomla template builderTop 8 Free Joomla Template GeneratorsJuly 19, 2011
    • 40+ Best WordPress Plugins for Comments40+ Best WordPress Plugins for CommentsJune 18, 2011
  • Recent Posts

    • Meet the startups that pitched at EF’s 10th Demo Day in London
    • Rally Rd., the app that lets you invest in classic cars, raises $7M Series A
  • Search Our Blog

  • Ulancer is an insightful freelance blog and resource site. We provide intuitive articles that cover Photoshop tutorials, time-saving management tips covering a broad range of topics. We also have an active freelance community forum, there you can meet other freelancers that share your common interest, socialize and chat about freelance trending news as the occurred.

© Copyright 2013 Ulancer.