Do you have an older iPhone or iPad that runs iOS 9? It’s time to throw it away because Chicken Little says the sky is falling and you are in danger.
Here’s the story. Last week someone released Apple’s iBoot source code for iOS. That’s the iOS bootloader, one component in an iPhone or iPad that helps in the startup process. The source code leak was for iOS 9 and we’re running iOS 11 these days, but there are many tens of millions of devices that could be compromised.
Chicken Little:
The leak of Apple’s iBoot source code onto GitHub is likely to turn older devices into a toxic hellstew of vulnerabilities.
Run for the hills! We’re doomed!
Wait. Nevermind. Apple does not seem to be too worried.
Old source code from three years ago appears to have been leaked, but by design the security of our products doesn’t depend on the secrecy of our source code. There are many layers of hardware and software protections built in to our products, and we always encourage customers to update to the newest software releases to benefit from the latest protections.
Chicken Little:
Now that the iBoot source code is in the hands of anyone who wants a copy, it’s likely to give hackers ideas, inspiration, and above all, vulnerabilities to allow them to crack open older devices.
Run for the hills! No. Wait. Been there. Done that.
Here’s the deal. This leaked iBoot source code is what is known as a vulnerability. That means someone with access to the code could create an exploit that could compromise iPhones and iPads running iOS 9.
Key word here is could.
Hackers with the source code would need to figure out where there’s an actual vulnerability for iOS 9 devices, then figure out how to exploit that vulnerability. In most cases they would need your iPhone or iPad, too. Don’t give your iOS 9 device to hackers who have the iBoot source code and you’re probably going to be OK.
Why?
Because Chicken Little makes a living out of yelling “Apple’s sky is falling!”
Henny Penny, more commonly known in the United States as Chicken Little and sometimes as Chicken Licken, is a folk tale with a moral in the form of a cumulative tale about a chicken who believes the world is coming to an end. The phrase “The sky is falling!” features prominently in the story, and has passed into the English language as a common idiom indicating a hysterical or mistaken belief that disaster is imminent. Versions of the story go back more than 25 centuries
Do you have an iPhone or iPad running iOS 9? If it’s upgradeable to iOS 10, do so and you’re in the clear and no pieces of the sky will fall on you. If your iPhone or iPad is a really old device and cannot be upgraded beyond iOS 9, just steer clear of hackers.
Yes, this event was called the “Biggest Leak In History” at Motherboard. It’s not. Why not? First, Apple knows it was leaked and can take precautions in future iBoot code for iOS devices to minimize potential exploits.
Having access to the source code of iBoot gives iOS security researchers a better chance to find vulnerabilities that could lead to compromising or jailbreaking the device, Levin said. That means hackers could have an easier time finding flaws and bugs that could allow them to crack or decrypt an iPhone. And, perhaps, this leak could eventually allow advanced programmers to emulate iOS on non Apple platforms.
And, remember, a vulnerability does not an exploit make.
Vulnerabilities in previous versions of iBoot allowed jailbreakers and hackers to brute-force their way through the iPhone’s lock screen and decrypt a user’s data. But newer iPhones have a chip called the Secure Enclave Processor, which has hardened the security of the device.
The world is full of Chicken Littles and many of them write for technology websites which make a living attacking all things Apple. The sky is not falling. Yet.
But upgrade anyway.