Credit: Apple
Apple has said that a major component of its iOS source code that was published on code-sharing site, GitHub, was old and is unlikely to pose a security threat to iPhone users.
A statement by Apple, published in its entirety by MacRumours, said: “old source code from three years ago appears to have been leaked, but by design the security of our products doesn't depend on the secrecy of our source code.
“There are many layers of hardware and software protections built into our products, and we always encourage customers to update to the newest software releases to benefit from the latest protections,” the statement said.
According to sister publication, Macworld, the iOS source code that was leaked online has since been pulled down from the GitHub site, but not before it was made available for others to obtain copies of it.
Apple used provisions within the Digital Millennium Copyright Act provisions Apple to get the code taken down from the site.
In its takedown letter, the company’s legal team said that the content in question was a "reproduction of Apple's "iBoot" source code, which is responsible for ensuring trusted boot operation of Apple's iOS software. The 'iBoot' source code is proprietary and it includes Apple's copyright notice. It is not open-source."
The code in question is for a version of iOS 9.3, which was released in spring 2016 and brought features such as Night Shift and various other improvements.
The portion of the code that leaked is called iBoot, and as its name suggests, it controls the trusted boot-up process that springs into action every time an iPhone is started up.
According to Apple, the iOS bootloader "is the first step in the chain of trust where each step ensures that the next is signed by Apple". If it is compromised, it could allow infected software to run on the device.
(With additional reporting by Michael Simon, staff writer, Macworld)
