What iBoot is and how it affects your filtering as an iPhone user - CYDIAPLUS.com


Post Top Ad

Post Top Ad

Saturday, 10 February 2018

What iBoot is and how it affects your filtering as an iPhone user

Yesterday, the news went viral, which started on Motherboard : someone had uploaded the source of the iOS 9 code to GitHub . By the way and as a curiosity, months before someone had already uploaded to Reddit , without achieving repercussion. We were before the largest and most serious leak in the history of Apple .

In fact, it leaves far behind when Apple released the HomePod firmware for developers and we could read details about the iPhone X. Yes, by that time we called the media iPhone 8. With that leak we saw the popular "notch" today and discovered facial recognition , the letter of introduction of the new Apple flagship. Neither Touch ID or Home button was a disjunctive change that left us with our mouths open ... but that the analyst Ming-Chi Kuo had counted 5 months before.

Well, all that remains in an anecdote compared in the publication of the source code of iBoot. Anyone could see the code loaded by Apple on their mobile devices, something that raised all kinds of suspicions about exploits, security holes, possible attacks and hacks ... even jailbreak!

Now we have more information about this and the call to calm by Apple , which ensures that it is an outdated code and layers of additional hardware and software security with respect to an operating system that is 3 years old .

What is iBoot?

The iBoot is the source code developed by Apple to run the operating system on their iPhone and iPad. Specifically, it is responsible for the safe start of the system. If we make an analogy with computers, it would be something similar to the BIOS .

As Jonathan Levin of Motherboard explains:

    iBoot is the component that Apple has maintained to encrypt its 64-bit devices. And now it's simple open source.

Although it is a source code of 2015, it may still be relevant for security researchers and hackers who are looking for holes in the security of iOS.

In fact, vulnerabilities detected in previous versions of iBoot led to hackers breaking their security by skipping their lock screen and decrypting devices. Fortunately, this is no longer possible thanks to the Secure Enclave that the iPhone has on its motherboards.

What does Apple say?

A few hours after running like wildfire, Apple confirmed the veracity of the source code and insisted that security does not depend on keeping it secret or not. And is that 3 years later, in Cupertino have reinforced security to the maximum respect to iOS 9 with numerous hardware and software tools:

    Old 3 year old code has been leaked, but the security design of our products does not depend on the secrecy of our source code. There are numerous protective layers of hardware and software above it and we always encourage our users to update their software to the most current for their safety. 

Lawyers for the bitten apple have described the leak as " a reproduction of the source code of Apple iBoot, which is responsible for iOS software operations ." They have also insisted on the ownership of this code: " iBoot is owned by Apple and includes its copyright. It's not open source . "

In fact, the consequences have not been long in coming: on GitHub the filtering has already been removed and replaced by an intellectual property infringement act. However, neither Apple nor anyone can erase something that has already seen the light on the internet because something disappears is not possible. 

How does it affect the security of my iPhone and iPad?

Be that as it may, this source code is now three years old , so it is necessary to assess the exact impact that it could have on iPhone and iPad users at all levels.

Mobile security analyst Will Strafatch explained in his Twitter account that this filtering does not mean that the iOS 11 jailbreak is going to accelerate , nor the possibility of downgrading our devices, dual starts or even running Android on an iPhone: 

And it is that all these operations may be exciting to some users, but that the integrity of the source code was broken, it also had a B side: that an unbreakable operating system even for the FBI could be decrypted by hackers and suffer attacks that put our privacida d.

Obviously the experts will have taken good note of the source code to find those holes, but Apple has been clear: it has worked hard to incorporate more security barriers at all levels .

But for that, it is essential that you have your device updated. iOS is the mobile ecosystem that takes care of your devices in this sense , so not only for the new features but for security, always install the latest updates on your iPhone or iPad . 

No comments:

Post a Comment

Post Top Ad