Apple’s software leak is not that big a deal

Anthony Caruana
12 February, 2018
View more articles fromthe author
AAA
News

This editorial was first published in our weekly newsletter. Subscribe to get Mac and Apple news delivered to your inbox each week.

After years of touting their security credentials, Apple has had a very tough time lately. yesterday, it was revealed that some of the source code – the underlying computer programming – from part of iOS 9 was made publicly available on GitHub (an online repository where software developers share source code).

While Apple has downplayed the significance of the leak – the software in question is over two years old and related to iOS 9 – it’s another distraction at a time when Apple should be enjoying the positive publicity of a new product release with the HomePod.

The leaked software isn’t all of iOS 9. It’s a component called iBoot. his is the software that first runs when an older iPhone powers on. it checks that the version of iOS that is installed is a legitimate version that has been authorised by Apple. Once iBoot does that and a few other housekeeping tasks, it lets iOS load and you can start making calls, brewing the interest, send and receive email and date time playing your favourite games.

iOS 9 is only running on a very small number of devices today. Just 7% of iOS users are on a version that predates iOS 10. and although the leaked software (which has been removed from GitHub but no doubt copied to thousands of computers already) could theoretically be used to find a vulnerability that bad guys could use to attack someone, the likelihood of such an attack being successful or worth the effort remains pretty small.

More likely, bad guys will use the code to probe for vulnerabilities hat existed in iOS 9 that have yet to be discovered and remain in newer versions of iOS. Or the jailbreak community learns something new they can se to allow iPhone and iPad users to “side load” apps that haven’t been through the App Store approval process.

In short, I think this is a storm in a teacup. But, when you consider the iPhone battery issues, the Spectre and meltdown CPU issues, and delays in the release of the HomePod it seems that Apple’s teacup has been particularly volatile.

I suspect that if someone asked Tim Cook what he’d like the rest of 2018 to look like, he’d say “Boring”.

By the way, in the next few weeks I’ll be speaking at a couple of user group meetings in Melbourne. My good friend Les and I will be chatting bout home automation at iMug on Tuesday 27 February 2018 (see: www.imug.com.au), and I’ll be presenting at AUSOM (see: https://ausom.net.au) on Saturday 3 March 2018, chatting about security. Feel free to stop in to one or both of those and say hi.

And remember, if you’d like me to come by and visit your user group, let me know. Although I’m based in Melbourne, I do travel a bit so I’ll try to make interstate visits work if I can.

Leave a Comment

Please keep your comments friendly on the topic.

Contact us