Motherboard is out today with a follow-up on how Apple’s iBoot source code was leaked. While Apple has responded that it’s not an issue for the security of current products, some believe it could still be important in finding new vulnerability and bugs in iOS. Here’s the latest on how it all happened.
Motherboard looked more into how the iOS source code was leaked. It corroborated information from two sources claiming that they had been given the iBoot code by a low-level Apple employee in 2016, who the publication was unable to speak with.
The original Apple employee did not respond to our request for comment and said through his friend that he did not currently want to talk about it because he signed a non-disclosure agreement with Apple.
While many might imagine a disgruntled employee, Motherboard reports that Apple encouraged employees to seek help from friends outside of the company.
According to these sources, the person who stole the code didn’t have an axe to grind with Apple. Instead, while working at Apple, they were encouraged to use their access to help their friends in the jailbreaking community with their security research by leaking them internal Apple code. And they did.
The anonymous sources say that they were part of a group of five individuals who were given the leaked iBoot code. There weren’t any plans to widely share the information initially, but was naturally spread later on.
Both of our sources say they believe that someone not associated with the original leak ultimately posted it on GitHub: “What leaked yesterday isn’t even the full leak really. It’s not the original leak—it’s a copy,” one of them said.
While the leak just gained mainstream attention this week, the code has been floating around for a while.
Motherboard confirmed that this particular source code began circulating more widely in 2017 with a fourth and fifth source who are familiar with the jailbreaking and iPhone research communities.
Check out the full story from Motherboard here.