Key iPhone Source Code Gets Posted On GitHub (vice.com) 188
Jason Koebler shares a report from Motherboard: An anonymous person posted what experts say is the source code for a core component of the iPhone's operating system on GitHub, which could pave the way for hackers and security researchers to find vulnerabilities in iOS and make iPhone jailbreaks easier to achieve. The code is for "iBoot," which is the part of iOS that is responsible for ensuring a trusted boot of the operating system. It's the program that loads iOS, the very first process that runs when you turn on your iPhone. The code says it's for iOS 9, an older version of the operating system, but portions of it are likely to still be used in iOS 11. Bugs in the boot process are the most valuable ones if reported to Apple through its bounty program, which values them at a max payment of $200,000. "This is the biggest leak in history," Jonathan Levin, the author of a series of books on iOS and Mac OSX internals, told Motherboard in an online chat. "It's a huge deal." Levin, along with a second security researcher familiar with iOS, says the code appears to be the real iBoot code because it aligns with the code he reverse engineered himself.
"This is the biggest leak in history," - Get bent! (Score:4, Interesting)
I hope he was being silly and isn't actually dumb enough to believe this is the biggest leak in history. Jesus lol.
Re:"This is the biggest leak in history," - Get be (Score:5, Informative)
My very first thought was... Windows 2000 source code. How is iOS considered larger? In relative market dominance, when the 2k source code was released, Microsoft controlled significantly more market share than Apple does currently.
Re: (Score:2)
Re:"This is the biggest leak in history," - Get be (Score:5, Insightful)
Windows 2000: Version NT 5.0 (business OS only, like NT 4)
Window XP: Version NT 5.1 (business and consumer OS, replacing NT/2000 and 9x)
Their kernels were remarkably similar. Their releases were very close together. XP was simply 2000 with a skin and a few updated applications, otherwise they were essentially the same OS. Regardless of the actual install base of 2000, it was the core OS internals that migrated all of the multimedia and application code from 9x to the NT kernel. It was monumental.
Re: (Score:2)
XP and WS2003 were remarkably similar; 2000 is probably pretty similar to 2003 but in terms of architecture and operational maturity the best example to compare to XP is WS2003.
Re: (Score:2, Informative)
Re: "This is the biggest leak in history," - Get b (Score:1)
What differences do you want to see between the desktop and server versions, other than server services DHCP, print, AD, DNS etc
The Linux kernel and user land are pretty much the same between desktop and server maybe plus some tuning but you can go from server to desktop with a few package add/delete and back
Re: (Score:2)
What differences do you want to see between the desktop and server versions, other than server services DHCP, print, AD, DNS etc
The Linux kernel and user land are pretty much the same between desktop and server maybe plus some tuning but you can go from server to desktop with a few package add/delete and back
Exactly right. I've turned a couple of my old linux PCs into servers of various types depending, when the hardware finally got too ancient for daily desktop use. It was relatively easy and many had package managers that automated the package changes necessary for you. Heck, if you didn't mind the wasted resources/space, and wanted to leave the X server (or whichever other) and Gnome/KDE or whichever desktop you use intact, adding just a few packages will have you a server ready to configure in short order.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
There was also Windows 2000 Professional which was the "workstation" version.
https://en.wikipedia.org/wiki/Windows_2000#Editions [wikipedia.org]
Re: (Score:2)
Yes there was. I remember when my company upgraded my lap top to it from Win98. It was a revelation and it is still my favourite version of Windows.
Re: (Score:2)
This is normal of Microsoft; taking what now is a desktop OS and bolting on features to make a Server edition,
Examples:
Windows 2000 --> Server 2000
Windows XP --> Server 2003 and Server 2003 R2
Server 2003 was slightly different and more developed than XP. Server 2003 "SP0" was roughly equivalent to XP SP1.
When "Windows XP Professional x64 Edition" for x86-64 bit processors was released, it was actually based on Server 2003, and had the same service pack level as Server 2003, not WindowsXP.
Other than that Microsoft kept NT Client and Server at identical kernels.
Re: (Score:3)
The kernels for those systems were similar because a great deal of them was authored by David Cutler and the engineers he brought along from DEC, previously responsible for VMS. It represented a large architectural shift from the DOS kernel and operating system previously used for Microsoft. If the theft of intellectual property involved there can be considered a leak, it might be comparable in size. It was certainly a large economic impact for DEC and Microsoft.
Re: "This is the biggest leak in history," - Get b (Score:1)
You have no clue what youâ(TM)re talking about. Windows ME was a disaster. 2000 was the first mostly stable, mostly plug and play OS Microsoft released. Windows 2000 was NT version 5.0. XP was NT version 5.1.
That is to say that XP was Windows 2000 rebranded and repackaged with a different UI and Internet based Product Activation and marketed toward consumers because the NT code base provided to be better than the bastardized 95/98/ME codebase ever was.
Windows 2000 is one of the best operating systems M
Business vs folks (Score:2)
You have no clue what youâ(TM)re talking about. Windows ME was a disaster. 2000 was the first mostly stable, mostly plug and play OS Microsoft released.
You have no clue how the real world works.
You where "sheltered" from Microsoft's disasters, mostly by being a geek and thus having a clue, and likely because you were already working in some IT field (your enterprise's IT department) which was more likely to pay attention to the business line of Windows (WinNT 3.5, Win NT 4, Win 2000), or at least worked in a company whose IT department got business OS installed (either by ordering business line desktops from a manufacturer, or by buying license for a busin
Re: (Score:2)
Windows 2000 wasn't that popular. At that time most people were using 98 or ME, and the operating system they upgraded to was XP. 2000 was a relatively obscure system, respected, but no more popular than its predecessor, Windows NT 4.
That said, WIndows was closed source. Significant parts of OS X are open source. I know less of iOS is open than, say, macOS, but it'd be interesting to know how much this really adds to the understanding of how iOS works.
Windows 2000 source code was leaked in 2004. At that point XP and Server 2003 were the flagship products, though there was a very good chance that vulnerabilities found in 2000 were still relevant.
Microsoft doesn’t completely rewrite their OS for every new version, they start with the source from a previous version. Consider “WannaCry”: Microsoft released patches for Windows XP through Windows 10. Consider that for every security patch, there’s usually a release for every supported v
Re: (Score:2)
And graphics drivers aren't nearly as important in a business setting as are kernel stability, networking, and security.
If you were focuses on graphics, you were a candidate for XP because of that alone. If you were connecting to a PDC and using shares, you wanted 2K. At least your IT staff did, it was significantly more stable than XP, whether because Microsoft limited the networking code in XP or not.
Re: "This is the biggest leak in history," - Get b (Score:3, Funny)
Also significant, as a result of the leak, large parts of Windows 2000 code was incorporated into the Linux kernel. This gave Linux a strong boost during a time that it was struggling against BSD.
Re: (Score:2)
You remember incorrectly.
It would be highly unlikely and highly improper if any Windows 2000 code found its way into the Linux kernel. And it would also be instantly known by Microsoft. Copyright is still copyright, even if proprietary code leaks. I think we can safely say there was no Windows 2000 code that found its way into the kernel. Furthermore I would bet kernel developers made it their policy to not even so much as look at the leaked code.
It was this leak that really spooked Wine developers. I r
Re: (Score:2)
The AC doesn't "remember" squat. Don't feed the troll.
Re: (Score:2)
My first thought was, "You must be kidding". My second thought was, "Who said that?"
Explanation found. As far as the quoted individual is concerned, if it wasn't Apple it doesn't count.
Re: (Score:1)
There was another quite big leak in 2003 of the Value Half-Life 2 Source Engine Code, the whole engine, that was quite a big thing.
http://www.eurogamer.net/artic... [eurogamer.net]
https://kotaku.com/that-time-a... [kotaku.com]
Re: (Score:1)
The pooch in this case (Apple users) are a realllly big and forgiving pooch. So there's a lot of screwing it can take. By a lot, I mean the dog is the size of a trainload of elephants who all like a good reaming, since they keep coming back for more on a daily basis.
Re: (Score:1)
Jeeze dude... did an apple user hurt you somehow? This is a metaphorical pooch!
Re: (Score:3)
Gee whiz!
Apple's recent gaffs have been stupendous, that's for sure. But really, other than a handful of geeks on the Internet, nobody really gives a shit.
--Android User
Re: (Score:3)
There's very little a company can do to prevent a determined programmer from leaking source code. Source is easily copied, and relatively small, and a module's source has to be present in its entirety on a local machine to compile. Thumb drives are tiny and easily hidden. Programmer's machines, by nature, can't easily be locked down.
What exactly would you suggest they do to prevent leaks like this?
Re: (Score:3)
They should treat their programmers really nice then. And try not to hire crazy ones.
Re: (Score:2)
There's very little a company can do to prevent a determined programmer from leaking source code. Source is easily copied, and relatively small, and a module's source has to be present in its entirety on a local machine to compile. Thumb drives are tiny and easily hidden. Programmer's machines, by nature, can't easily be locked down.
What exactly would you suggest they do to prevent leaks like this?
What I would do is develop a Source Code Control system that put canaries into the checked-out source which are different for each login (e.g., different white spacing in comments, little bits of code reordering, local variable name substitution, etc). It wouldn't do anything to prevent a determined leak (like a snowden, or a chelsea), but perhaps put the fear of retribution into potential leakers hopefully to reduce the actual probability of a leak...
Re: (Score:2)
That may be true, but it's also the case that there's very little anyone else can do to prevent Apple from tracing the source of the leak and providing that information to its lawyers. Theft of company property is still a crime, even if the company is Apple.
Re: (Score:2)
Programmer's machines, by nature, can't easily be locked down.
Nonsense! They most certainly can! Programmers aren't IT. They don't even need Administrator for testing in most cases, and when they do, they can do it in a VM.
How Apple can prevent leaks (Score:2)
Be the fastest. If they had published this source code a few years ago, nobody would care that someone else published another identical branch.
right to repair need to fight to keep this up! (Score:1)
right to repair need to fight to keep this up! or apple will use this case to tell courts why we need to shut down sites with apple only doc's and tools.
biggest leak in history (Score:3)
The bootloader of a phone would be the biggest leak in history?
Wasn't the whole Windows code leaked? I think it was Windows 2000.
Re: (Score:2, Funny)
if (true)
Crash();
Re: (Score:1)
You forgot to put that inside an infinite loop.
Re: (Score:3)
Wasn't the whole Windows code leaked? I think it was Windows 2000.
Yeah, but nobody wanted to get any on them.
Numerous parties have access to the Windows 2000 source code. Governments, corporations... Apple has not intentionally given the code to iBoot to anyone. And virtually all iOS devices are facing the public internet most of the time. Most Windows 2000 machines were corporate, and any corporation which doesn't firewall deserves to fail. Any corporation which doesn't firewall windows deserves to fail twice.
Re: (Score:2)
Most Windows 2000 machines were corporate, and any corporation which doesn't firewall deserves to fail. Any corporation which doesn't firewall windows deserves to fail twice.
XP and Server 2003 were based on 2000 code. The 2000 code was leaked in 2004. It's very likely code for 2000 could be used to develop vulnerabilities that would affect XP.
Re: (Score:2)
Re: (Score:2)
I am pretty sure that outdated boot loader code will have pretty low impact. It could even have been open source like OS X kernel.
Link? (Score:5, Insightful)
Re:Link? (Score:5, Informative)
https://github.com/ZioShiba/iBoot
Re: (Score:1, Informative)
MENU_COMMAND_DEVELOPMENT(eload, do_eload, "tftp via ethernet from hardcoded inst
all server", NULL);
env_set("serverip", "17.202.24.178", 0);
snprintf(cmdbuf, 128, "tftp getscript scripts/%s/%s.%s\n",
LUL
drivers/power/hdqgauge/hdqgauge.c is an interesting read too regarding batterygate.
Re:Link? (Score:4, Informative)
Re: (Score:1)
The interesting thing is that other news sources are saying that Apple has not confirmed the leak, but the DMCA notice at Github came from a law firm stating that they were acting on behalf of Apple as the injured party.
Lazy (Score:1)
Github has a search function. Search it for 'iBoot' and you will find https://github.com/ZioShiba/iBoot
Re: (Score:1)
ANNNNNNNNNNddd.. It's gone!
Re: (Score:1)
Err, you don't know how to search? It's still there...
Re: (Score:2)
Given how some fanbois feel about Apple (Score:5, Funny)
Shouldn't this have been leaked on Pornhub rather than Github?
Re: Given how some fanbois feel about Apple (Score:2)
No real issue here (Score:1)
Big leak huh? (Score:1)
Oh, THAT kind of leak. [wikipedia.org]
Re: (Score:1)
How to secure the iPhone's operating system (Score:2)
--
I'll bet you're the kind of guy that hangs round Reddit fapping off over pictures of furries and yellow-scaled wingless dragonkin
Re: (Score:2)
Re: (Score:1)
Link?
Re: (Score:2)
B/c the core components may need to be updated in certain circumstances.... such as when the source code for your bootloader leaks and gets exploited six ways to Sunday.
Re: (Score:2)
Then I'll set the switch to read/write boot into update mode, update the core, then reboot back into normal mode. For normal operation you don't need write access to any core components. Which is simpler, try and protect the boot sequence from malicious compromise or set the core to read-only-memory.
Re: (Score:2)
Do you? The "ROM" where cryptographic keys are stored is actually a special type of flash memory. It's more accurate to say "Write Once Memory". ... but that doesn't sound very cool. WOM WOM WOM...
WORM - Write Once Read Many
Re: How to secure the iPhone's operating system (Score:2)
Re: How to secure the iPhone's operating system (Score:2)
Apple Product (Score:1)
Today, Apple has presented their newest, bestest and most proudly innovative i-product to be placed on the current market.
Introducing the iBoot. With over 12 folders and a complete set of libraries, it is the best iLeaked series product to be ever placed on the market today. With jailbreak and vulnerabilities fix coming soon from your fellow developers, so why wait to commit on the code? Git your's today on Github.com!
Quick (Score:1)
Quick, somebody find the code that degrades performance based on device age!
Here's an idea (Score:3)
Allow open access to our mobile devices. I have root on any Mac/Windows/Linux system. By rights, I should have the same access on my tablets and phones.
Crazy talk, huh?
Re: (Score:2)
I have root on any Mac/Windows/Linux system.
Unless you turn off System Integrity Protection on your Mac, though, you're still blocked from accessing certain things...
Re: (Score:2)
It's still a minor change to disable SIP, and it's completely documented [apple.com]... no jailbreak required.
File under BFD (Score:2)
Now had a similar chunk 'o 'droid code ended up on github..........
Re: (Score:3)
I'm sure Apple has a team of smart folks going over this code with a fine toothed comb, and any issues found will be fixed soonish.
To be honest, since this code came from apple, I'd be quite suprised indeed if it was never checked for issues.
Old News is Old (Score:1)
"This source code first surfaced last year, posted by a Reddit user called “apple_internals” on the Jailbreak subreddit. That post didn’t get much attention since the user was new and didn’t have enough Reddit karma; the post was quickly buried. Its new availability on GitHub means it’s likely circulating widely in the underground jailbreaking community and in iOS hacking circles."
I highly doubt there is anything useful in this file as there's enough apple folks on reddit to an
Differences between IOS and Darwin (Score:2)
Android Leak Bigger (Score:5, Funny)
Seriously, somebody posted the entire source code [android.com] to Android a while back.
And yet it is still secure (Score:3)
...because, have you ever actually tried to download and build it? You need a supercomputer.
Re: (Score:1)
What about the files you need for the devices. Such as for the motorola xoom?
Comment removed (Score:5, Insightful)
Re:Isn't it time? (Score:4, Informative)
There is literally no legitimate reason
Tinkering with some devices can kill people. Cars, for example. I don't want to be driving down the highway at 80mph next to the amateur who rooted his car's ECM, bypassing safety features in order squeeze out a few extra horsepower, probably following the steps of a Youtube video tutorial.
Re: (Score:1)
Re: (Score:2)
I'm also willing to trade my freedom to shout "Fire!" in a crowded theater in exchange for the safety of not dying in a stampede. No freedom is absolute. That's the philosophy underpinning modern Western society going back to Hobbes and Locke. Individuals sacrifice their natural right to absolute freedom in exchange for the safety and stability that comes with living in a society where people aren't free to rob and murder each other.
Besides, the Ben Franklin quote you're paraphrasing doesn't mean what you [npr.org]
Re: (Score:1)
>Tinkering with some devices can kill people. Cars, for example. I don't want to be driving down the highway at 80mph next to the amateur who rooted his car's ECM, bypassing safety features in order squeeze out a few extra horsepower, probably following the steps of a Youtube video tutorial.
I and many others do that, it's perfectly legal to do it (as it should) and I drive such a car, right next to you.
If I end up killing myself or others (unlikely because car tinkerers are actually knowledgeable because
Re: (Score:1)
You do realize this already happens, right? People install modifiable ECUs into cars all the time for the purpose of getting more horsepower. It's been around for ages at this point.
decades (Score:2)
Dunno about ages but I did this on a friends car long enough ago that to change the injection tables I had to peal back a sticker on a UV erasable EPROM before re-loading. Before that it would have been tuning an analogue paid controller and before that it would have been adjusting a carburetor. No one thinks of that as weird because end users often had to do it.
pid (Score:2)
Pid controller. Autocorrect is even worse than an automatic transmission.
Complex contradictory laws (Score:2)
It should be illegal to manufacture, or offer for sale any device which has a privilege level technically feasible yet unattainable.
On the other hand, due to how things are licensed, it would be illegal for a device to allow someone to emit on frequencies for which that individual doesn't hold a license.
You, as a end-user don't hold a license to operate on licensed 3G/4G frequencies, so you can't hack these.
The manufacturer of your phone and the service provider you use are the one hold the license permitting them to emit on these frequencies so they get to decide what you phone does, because they have to comply to some regulations.
For
Re: (Score:2)
Sometimes there are good reasons to stop people updating code. Cellular modems is a good example - the cell network is shared and only functions because all devices connected to it behave. If people could mod their phone's to hog bandwidth at the expense of other users, it wouldn't be a good thing.
On the other hand there is no reason for the main OS to be open.
Re: (Score:2)
"It should be illegal to manufacture, or offer for sale any device which has a privilege level technically feasible yet unattainable. There is literally no legitimate reason our society should allow non-rootable devices to exist. It's time for the practice to end."
Hmm. I can see where you are coming from in terms of "rights" but, personally, I would like to retain the option to buy a device that wasnt accessible/rootable at deep levels by myself because that would make it much more difficult for a third par
Re: (Score:2)
Isn't it time to get some new laws on the books that recognize an individual's rights to be a superuser on their own equipment?
It should be illegal to manufacture, or offer for sale any device which has a privilege level technically feasible yet unattainable. There is literally no legitimate reason our society should allow non-rootable devices to exist. It's time for the practice to end.
"Your honor, this device was not sold to the customer. Apple retains full ownership of the device, as per the EULA he agreed to. The receipt provided is for a license to utilize the device, charged as a one-time fee."
And that's how that's done.
Don't get me wrong, I fully agree with you, but the OEM remaining the owner is the loophole used to get around this problem.
Re: (Score:3)
Not necessarily. You can rent or lease equipment.
What needs to happen is a clear legal delineation between a purchase agreement and a lease agreement. If you buy your phone, you should have full superuser rights to it, the ability to repair it without the manufacturing designing in pitfalls to coerce you into buying a new replacement instead, the ability to change or modify th
Re: (Score:2)
A lot of devices are sold on the 'cheap razor, expensive blades' model. Having the government mandate people getting root would effectively make this model non viable.
It would also stop a model where people get cheap but temporary access to IP, ie the Tivo model because if they could get root they could rip the IP.
Re: (Score:2)
Ok "cheap printer, expensive ink" then. Though I suppose someone's going to tell me that HP for example sell you a new printhead with each cartridge and that's the expensive part.
Code still in iOS 11? (Score:4, Funny)
Impossible. Used both. iOS 9 was working fine. iOS 11 is a bug nest.
Ceci n'est pas un ananas (Score:2)
This little pragma gem exists to prevent pineapples [instructables.com], presumably: /* This command is not used by release products other than those allowed to perform restore boot. */
#if WITH_RECOVERY_MODE && (!RELEASE_BUILD || WITH_RESTORE_BOOT)
MENU_COMMAND(setpicture, do_setpict, "set the image on the display", NULL);
#endif
Whoever said C is dying needs to re-evaluate (Score:5, Informative)
This boot loader consists of:
13 python tool files (what, not Swift Apple?)
ONE objective-C file (a test program)
16 C++ files which seem to be library related
767 C files + 1196 C .h header files.
C dying? I don't think so.
Re: (Score:1)
Re: (Score:2)
The argument for C was always that its "close to hardware". But its not really. It exposes you to the full dangers of having no bounds checking or pointer safety, but for this you dont get things like :
Being able to introspect and alter the stack (useful for backend for languages that allow stack manipulation)
Partial compilation (useful for homoiconic languages)
Information on the vector locations of machine code for single lines of C code (useful for self modifying code and homoiconic languages using C as a
Re: (Score:2)
All C compilers allow embedded assembler which the C can interact with so anything assembler can do, a C compiler can do.
"Being able to introspect and alter the stack"
If you don't know how to get the size and top of the stack in C then you're not a low level C coder. Hint: alloca() , getrlimit()
"Being able to programmatically control and manage symbol linkage"
Thats odd given the linux kernel and program loader is written in C.
"due to the lack of any maps of the data structures."
Data structure maps are meta
mirror (Score:1)
Source code (Score:1)
Re:I downloaded the source code. (Score:5, Funny)
And yes, this corresponds with what I have reverse engineered from the iPhone, so it appears legit.
Re: (Score:2)
Because it only happens on this site. Find me another one where it happens.