'iBoot' leak may stem from low-level Apple engineer with ties to jailbreaking community

article thumbnail

This week's publishing of the "iBoot" source code for iOS 9 can be traced back to a "low-level" Apple employee who shared it with a small group of jailbreaking friends — and may not have wanted it to go beyond that circle, a report claimed on Friday.

The person was encouraged to use their inside access to help the friends out, Motherboard said. On top of iBoot, the employee is said to have taken additional code — which has yet to be widely shared — and distributed all of the material with a group of five people.

"He pulled everything, all sorts of Apple internal tools and whatnot," one friend noted.

Two of the friends said they hadn't planned on the stolen code leaving their group, but that it nevertheless ended up being shared more broadly and hence out of their control.

"I personally never wanted that code to see the light of day. Not out of greed but because of fear of the legal firestorm that would ensue," one person elaborated. "The Apple internal community is really full of curious kids and teens. I knew one day that if those kids got it they'd be dumb enough to push it to GitHub."

They argued that the initial group did its "damnedest" to make sure the code didn't leak until it was already old and less of a threat. Nevertheless, someone shared it with a person outside of the original circle a year after it was stolen, and it began spreading further and further during 2017.

The situation culminated with iBoot's appearance on GitHub. Apple subsequently issued a DMCA takedown, but downplayed the threat, saying that updated iPhones and iPads should be secure.

An anonymous Apple worker told Motherboard the company knew about the iBoot leak before it arrived on GitHub, but wouldn't say when it was discovered.