Wednesday, 12 December, 2018

Crucial iPhone source code posted in unprecedented leak

“Biggest iPhone Code Leak?” — Source Code Of The Most Critical Part Of iOS Dumped On GitHub iPhone iBoot Source Code Leaked Online Sparking Security Headache For Apple
Troy Mann | 09 February, 2018, 02:01

Here's hoping Apple is right, because the code was up long enough for it to spread far beyond GitHub.

Motherboard reported the leak last night after what appeared to be source code for iBoot was posted publicly online. The leak doesn't affect users and and isn't an immediate cause for concern; however, it may help security researchers find vulnerabilities which could compromise a device or possibly contribute to a jailbreak.

iBoot is the first program that boots when an iPhone is turned on.

iBoot is described as the BIOS of the iPhone and is responsible for loading and verifying that the kernel is signed by Apple and then executes that kernel.

As ever, Apple recommends updating the latest version of iOS to ensure current security fixes are in place.

Dozens more people die from flu in North Carolina
What health officials are calling a "severe" flu season claimed another four lives across the London area last week. More information about the Flu Buddy Program can be found on the Carolina Dining Services website .


49ers, Garoppolo agree to 5-year, $137.5M deal
The deal puts other likely free agents contracts into question including Washington Redskins quarterback Kirk Cousins . Those five wins matched the total the Niners had posted in their previous 34 games combined.


S.Korea seeks understanding for breaking NK sanctions
The North Korean delegation will not be seeking a meeting with the USA on the sidelines of the Winter Olympics in Pyeongchang . Thursday's parade did include several intercontinental ballistic missiles (ICBMs) but was shorter than April's demonstration.


For a brief moment Thursday morning, a section of iOS 9's source code was widely available on GitHub. "It's a huge deal".

The iBoot source code could also enable programmers to eventually find a way to emulate iOS on devices other than iPhones and iPads, which would be a big thorn in Apple's closed ecosystem approach.

According to experts, this may not be too much of an obstacle for hackers and researchers as the existing code could still provide a treasure trove in terms of locating vulnerabilities and creating device jailbreaks for an iPhone or iPad. Another security researcher says the code is real. GitHub took it down shortly after it received the notice. By exposing this code, it also opens new avenues for Jailbreakers. iPhones and iPads used to be fairly easy to Jailbreak back in the day, but with the launch of TouchID on the iPhone 5s, Apple introduced the "Secure Enclave co-processor", which made exploits hard to uncover.

IT Pro contacted Apple for comment on the matter, but hadn't received a reply at the time of publication.

Interestingly, the same source code was also published on Reddit four months earlier by a user named apple_internals. "It is not open-source". It's likely we'll see some changes in the source code moving forward in order to address some of the damage that is now possible at the hands of enterprising hackers.

Recommended

Ford Transit Connect Wagon Revealed Ford Transit Connect Wagon Revealed The Transit Connect Wagon's 2017 sales of 34,470 units were almost double the next runner up, the Nissan NV200 . Both engines mate to an eight-speed automatic transmission and have a fuel-saving stop-start function.

Nintendo eShop will accept My Nintendo gold points in March Nintendo eShop will accept My Nintendo gold points in March Of course, you can also continue to redeem your points for existing My Nintendo rewards for Wii U or Nintendo 3DS systems. With a bit more elaboration, here's how new Nintendo rewards will function.

Twitter makes first ever quarterly profit Twitter makes first ever quarterly profit But for every silver lining, there's a grey cloud, and Twitter can't rely upon rosy user numbers to bolster the good mood. Segal noted that honing these abilities would also work to Twitter's advantage when courting new users.

Donald Trump aide Rob Porter resigns after reports on alleged domestic abuse Donald Trump aide Rob Porter resigns after reports on alleged domestic abuse On Thursday, the National Organization for Women released a statement blasting him as an enabler and calling on him to step down. Keilar pointed to CNN's and Politico's reporting indicating that Kelly had known about the abuse for some time.

Watch the Full Trailer for Marvel's Jessica Jones Season 2 Watch the Full Trailer for Marvel's Jessica Jones Season 2 A new trailer for the second season of the popular Netflix and Marvel superhero drama, Jessica Jones , has been released. In Marvel Comics lore, Patsy is better known as Hellcat, an occasional Avenger and hero in her own right.

Mattis to Congress: I'm wasting my time if you don't pass budget Mattis to Congress: I'm wasting my time if you don't pass budget Adam Smith (D-Wash.), the committee's ranking minority member, didn't take kindly to Mattis' criticism. "That support should not be conditioned on any other issue" such as spending on domestic programs.

Khaleda proclaims innocence ahead of graft verdict Khaleda proclaims innocence ahead of graft verdict Earlier violent clashes broke out between security forces and pro-opposition protesters in the capital Dhaka . Brad Adams, Asia director at HRW, said it was crucial for security forces to act with restraint at all times.

Chipotle Announces Enhanced Benefits For Employees From Tax Savings Chipotle Announces Enhanced Benefits For Employees From Tax Savings Mcf Ltd Liability holds 0.02% or 1,692 shares in its portfolio. 251,457 are held by Financial Bank Of Ny Mellon Corp. CA purchased a new position in shares of Chipotle Mexican Grill in the third quarter valued at about $54,272,000.

Former STALKER Devs Announce Fear the Wolves Former STALKER Devs Announce Fear the Wolves PlayerUnknown's Battlegrounds has inspired tons of new battle royale games to pop up over the previous year due to its success . Fear the Wolves is planned to enter Early Access on PC prior to its full release on the platform as well as across consoles.

Greg Schiano Staying At Ohio State, Not Leaving For Patriots Greg Schiano Staying At Ohio State, Not Leaving For Patriots According to Bruce Feldman of Fox Sports , Schiano has made a decision to remain with the Buckeyes. The Buckeyes have one of the top recruiting classes in the country.

Knicks trade Hernangomez to Hornets Knicks trade Hernangomez to Hornets Several teams had engaged in talks for Hernangomez over the past month, but Charlotte worked to finalize a deal Wednesday. He signed a 10-day contract with Denver last season, and then two 10-days with Charlotte before getting a multiyear deal.

31 civilians killed in Eastern Ghouta airstrikes The Organisation for the Prohibition of Chemical Weapons said a fact-finding mission "is investigating all credible allegations". Assad to negotiate with his opponents, including with some of the armed factions, although so far he has shown no inclination.

SC quashes all iron ore mining leases in Goa SC quashes all iron ore mining leases in Goa Environmenalists have been campaigning for a ban on iron ore mining in the state on grounds of pollution and degradation of mines. Goa, which mostly produces low-quality iron ore, used to export about 50 million tonnes of ore a year before the ban was imposed.

Preliminary rating puts Super Bowl just behind last year's Preliminary rating puts Super Bowl just behind last year's More than 10,000 people have volunteered to help during Super Bowl week, according to the Minnesota Super Bowl Host Committee. These include this week's Super Bowl Experience at the Minneapolis Convention Center.

School bus and vehicle collide causing 26 casualties in horror crash School bus and vehicle  collide causing 26 casualties in horror crash Bus Éireann said the bus involved was a "sub-contracted vehicle on one of the company's school transport services". The hospital had set up a dedicated incident group to respond to the crash, but that has now been stood down.