Apple is famously known for keeping its source code closed and far from anyone except itself. However, someone had leaked a bunch of its very sensitive code to public.
A user known as "ZioShiba”" posted large segments of Apple’s secure iBoot framework code to GitHub. Apple's iBoot is a low-level piece of software present on all Apple devices running iOS. Acting as a bootloader or the BIOS, it's the first thing that starts up when iPhones are turned on.
This iBoot loads the kernel and verifies that it was signed by Apple. If users attempt to boot a modified kernel, this iBoot will immediately show a warning. Because this is integral to its security, Apple considers this code special. The company has even offered $200,000 bug bounty to whoever can find vulnerabilities.
As it realized that its iBoot has been leaked, the company quickly issued a DMCA takedown request, saying that, "The ‘iBoot’ source code is proprietary and it includes Apple’s copyright notice. It is not open-source."
However, Apple's attempt to prevent the code from being seen by anyone, was too late. Despite it's gone from GitHub, the iBoot code is already out there in the wild, with backups circulating in the web.
People who got their hands on it could indeed create some new attack methods by seeking vulnerabilities on the codes because the leaked codes do add more information to hackers into the inner workings of the bootloader.
The code however, is an old one. The iBoot version comes from iOS 9, which was introduced in 2014. But still, security researchers suspect that much of the code is still active on newer versions of iOS.
Apple itself confirmed that the leak contained legitimate code. The code isn't a complete one with some key files missing, so it cannot be compiled. But for Apple, this is a real deal, because the code leaked is valid even if Apple has tightened iOS' security measures.
However the company dismissed potential security implications, saying that:
While the available code is small, it could certainly offer some unique insight into how Apple works its magic.
Security researcher Jonathan Levin who writes books about iOS and macOS system programming, said that he himself was able to reverse engineered it. He believes “this is the biggest leak in [its] history," considering how careful Apple is to safeguard its codes against this kind of leak.
According to Motherboard, a low-level Apple employee with friends in the jailbreaking community took the code from Apple while working at the company’s Cupertino headquarters in 2016.