Last week, Apple's walled garden suffered a major breach as the iBoot code for iOS leaked onto the web. The code was posted to GitHub and had been downloaded by many before Apple's DMCA took effect. How did such critical iOS code leak in the first place? Well apparently it was the doing of a low-level intern at the company.
The iBoot code leak was heralded as the “biggest leak” in the history of iOS, with researchers claiming that the code could lead to iOS emulation and open the door for future jailbreaks. Apple is usually pretty bad at keeping upcoming products under wraps, but a code leak like this is a rare sight. According to sources speaking with Motherboard, this all came down to an intern working at Apple, who stole the code over a year ago.
According to the source, the person who stole the code and leaked it didn't necessarily have anything against Apple. However, friends of the employee encouraged them to leak the code for the jailbreaking community. The employee took the code and shared it with a small group of five people, likely not expecting it to spread as far as it did. However, as we know, the code ended up on GitHub.
According to two of these five people, the group didn't intend for the code to leave their hands. Not out of greed, but rather in fear of Apple's relentless legal department. In addition, the people involved acknowledged that if the code spread too widely, it could enable hackers to create various security exploits and malicious jailbreaks to attack iOS users.
The iBoot code was actually taken outside of Apple in 2017 and given to this small group of jailbreakers. However, at some point one of the five shared the code with “someone else who shouldn't have had it”, eventually a group on Discord not affiliated with the original five to receive the code, began sharing screenshots of it. At that point, it was too late and the iBoot code had spread too far to contain, leading to the GitHub leak last week.
KitGuru Says: The original group to receive the code are adamant that their intentions were non-malicious but at some point, they got a tad careless and lost control. Still, I'm very surprised to hear that the code was originally taken last year, it did manage to stay under wraps for quite some time.