iOS Bootloader Source Code Leaked Online
The source code for a key component of iOS has become publicly available online, giving hackers and security researchers the opportunity to find vulnerabilities in the operating system and develop jailbreaks. In addition, experienced programmers may use this code to emulate Apple’s OS on platforms from other manufacturers.
The leaked code is for iBoot, the iOS bootloader responsible for the trusted boot process of the operating system. When an iOS device is powered on, iBoot loads the OS kernel, checks for a valid Apple signature, and then executes it.
The leaked code pertains to iOS 9 and earlier versions, but some parts may still be used in iOS 11. In recent years, Apple has open-sourced some components of iOS and macOS, but the company has kept iBoot’s source code private and has taken steps to protect it. Vulnerabilities found in the boot process are eligible for the highest rewards in Apple’s bug bounty program, with a maximum payout of $200,000.
According to Jonathan Levin, author of a series of books on iOS and macOS, the publication of the iBoot source code is “the biggest leak in history.” Levin confirmed that the code posted on GitHub is indeed the iBoot source, as it matches code he previously analyzed through reverse engineering. Another iOS security expert also confirmed the authenticity of the code, as reported by Motherboard.
Trusted boot is the process of loading an OS only from pre-defined, permanent storage devices (such as a hard drive) after successfully completing special procedures: verifying the integrity of the computer’s hardware and software (using step-by-step integrity checks) and hardware-based user identification/authentication.