Skip to main content

Apple demands DMCA takedown of secret iBoot code leaked on Github

Leak of iBoot and other sensitive code began with low-level Apple employee

apple top secret iboot code leaked on github iphone 6 outdoors
A portion of Apple’s proprietary source code for iOS devices has been leaked online. The code, labeled ‘”iBoot,” is responsible for ensuring only trusted versions of iOS can boot on Apple devices.

Shortly after Apple learned of the leaked source code, the company issued a Digital Millennium Copyright Act (DMCA) takdeown request to Github, requesting its immediate removal. Apple’s DMCA request was published by Github and states that the reason for the request is because “the ‘iBoot’ source code is proprietary and it includes Apple’s copyright notice. It is not open-source.” Github complied with the request and removed it from the repository of a user named ZioShiba.

Although the leaked code appears to be for an older version of the operating system, iOS 9, it may contain relevant code still used in iOS 11. While Apple does make some portions of its code open source, iBoot has never been included and is closely guarded by the company.

The leak apparently began with a low-level Apple employee, according to a story on Motherboard.  The story claims that friends encouraged the employee to share code to help them conduct security research. Motherboard also claims that iBoot was not the only sensitive code shared by the Apple employee; the story says it was provided with screenshots of additional code that was dated around the same time.

According to Motherboard, the Apple employee originally shared the iBoot source code with a group of five friends in 2016. The friends claim to have closely guarded the code, however, the group eventually began sharing the code with a wider group of people and eventually lost track of who had access to the code.

members of the original group that had access to iBoot believe the person who shared it on Github only obtained the code after they lost track of it. They claim that the code posted by ZioShiba was a copy of the code they received.

While ZioShiba was the first to post the iBoot source code on Github, this is not the first time the code has appeared online. Last year, a Reddit user named apple_internals published the same code on Reddit, however it failed to gain the same amount of attention. The code has also been circulating around jailbreaking groups in Discord.

Apple issued a statement assuring users that the leaked code was outdated and there is no need for alarm. “Old source code from three years ago appears to have been leaked but, by design the security of our products doesn’t depend on the secrecy of our source code. There are many layers of hardware and software protections built in to our products, and we always encourage customers to update to the newest software releases to benefit from the latest protections.”

Since 2013, Apple has included a Secure Enclave chip on iPhones. It effectively creates a separate computer within the iPhone to store both encryption and decryption keys, as well as other sensitive data.  Since Secure Enclave uses a physically embedded key to authenticate, it creates a scenario where it’s nearly impossible for hackers to access sensitive information by brute force.

Updated February 9: Clarified reason Apple employee leaked code. 

Editors' Recommendations

Steven Winkelman
Former Digital Trends Contributor
Steven writes about technology, social practice, and books. At Digital Trends, he focuses primarily on mobile and wearables…
I found a huge problem with the new ChatGPT iPhone app
ChatGPT app running on an iPhone.

Seemingly out of nowhere, OpenAI released its official ChatGPT iOS app this week. Available for both iPhones and iPads, the free app allows you to use the popular AI chatbot in a much simpler, easier way than ever before. No more messing with the mobile website or trying to fiddle with uncertain third-party apps — just download the official ChatGPT application, and you're good to go.

It's a big step forward to make ChatGPT more accessible and to get it into the hands of more people. Naturally, I was curious to test it out for myself. I've been using the ChatGPT iPhone app to ask the chatbot various questions, and while the whole thing works just like you'd expect, there's one big, glaring problem that makes me never want to touch the app again.
The ChatGPT iPhone app's biggest limitation
ChatGPT (left) vs. Perplexity AI (right) Digital Trends

Read more
Let’s be clear, Apple — it’s time to make a transparent iPhone
Deep Purple iPhone 14 Pro with Beats Studio Buds+ in Transparent

Apple has released a new product that's gotten a lot of attention because of an awesome new color option. No, it’s not an iPhone, iPad, or even an Apple Watch. Heck, it’s not even the AirPods Pro 2. So, what am I talking about?

Apple acquired Beats by Dre in 2014, and this week, Beats dropped the new Beats Studio Buds+, which are pretty similar to the AirPods Pro 2, but cost less dough. And they come in one of the coolest colors I’ve seen in a long time: transparent.

Read more
iOS 16.5 is bringing two exciting new features to your iPhone
apple launches ios 16 5 new pride wallpapers more wallpaper update

After about a month in the beta testing stage, Apple is finally rolling out iOS 16.5 to the public. This is a surprisingly nice update, as it includes a few new features and some bug fixes.

One of the headliner features of the iOS 16.5 update is the addition of new Pride Celebration wallpapers. This wallpaper can be used for the lock and home screens, and it is meant to honor the LGBTQ+ community and culture. This wallpaper is being released ahead of the Apple Watch Pride Edition Sport Band, which will be available starting on May 24.

Read more