Recent reports reveal Apple’s iBoot for iOS 9 security software leak – known as its “biggest” leak in company history – originated from a ‘low-level’ employee. The news comes after Apple publicly acknowledged the leak last week.
iBoot for iOS 9 is secure software intended to run on iPads and iPhones, however, its source code was leaked to Github last week before the OS officially kicked off.
According to the New York Post, security researchers claim access to iBoot could have huge security implications – even if the data is two years old. iBoot source code could provide jailbreak communities with new ways to hack iOS devices.
The New York Post reports individuals within a jailbreak community encouraged a ‘low-level’ Apple employee to leak iBoot’s source code in 2016, resulting in the biggest leak in Apple’s history.
The source code reportedly hit Reddit in 2017, but went largely unnoticed.
The Apple employee was reported not disgruntled, and simply leaked the files to his jailbreaking friends who were interested in iOS security.
As first reported by Motherboard a source states the employee “pulled everything, all sorts of Apple internal tools and whatnot”.
Originally not intended to leave the close circle of friends, the data was soon leaked further.
Individuals involved in the leak assert the data can be used for malicious purposes:
“It can be weaponized – There’s something to be said for the freedom of information, many view this leak to be good. [But] information isn’t free when it inherently violates personal security.”
“We did our damnedest best to try to make sure that it got leaked [only after the code] got old”.
The New York Post states Apple was aware of the leak well before it was published to Github – the ‘low-level’ Apple employee has reportedly signed an NDA and is refusing to divulge further information.