‘Source code of iBoot bootloader for iOS 9 appears on GitHub’

The source code of iBoot, part of the iOS boot process, has appeared on GitHub. This would concern the code for an older version of iOS, namely version 9. Researchers can therefore investigate the software for vulnerabilities.

Researcher Jonathan Levin says on Twitter that the leaked source code can also be used to ‘run a free iOS on ARM boards or in an emulator’. However, the road there would still be a long one. The researcher tells Motherboard that it is a major leak. It would be the actual code, because it corresponds to iBoot code that he himself managed to recover through reverse engineering. The site writes that a second, unnamed researcher has also confirmed the authenticity of the code. Apple encrypts the code, making it inaccessible.

Levin goes on to explain that the code can help researchers look for bugs and vulnerabilities. Because it’s an iBoot version for an older version of iOS, whether the discovery is useful for modern versions of the operating system depends on how many similarities there are in the old and new versions of the code. According to the researcher, the publication also paves the way for tethered jailbreaks.

Motherboard points out that the code appeared on Reddit in the jailbreak subreddit four months ago, but that the message received little attention at the time. A comment from the AutoModerator bot points out that the poster, named apple_internals, did not meet the minimum requirements for posting. The GitHub page that initially hosted the code can no longer be accessed due to a dmca complaint. It was filed by an American law firm and names Apple as the party that will be harmed by the publication.

The iBoot component is responsible for loading iOS and checking that the kernel is properly signed. Motherboard makes the comparison with a bios.