For the last few months, information about iOS 14 has been trickling out on the Apple blog 9to5Mac, which obtained a copy of the leak. At the same time, people who trade stolen or leaked Apple code and hardware have been distributing this early version of iOS 14 to several security researchers, giving them an opportunity to take an early look into new code, and find new vectors to attack it, according to four sources in the security research community.“It gives insight into a decrypted copy of the iOS file system months before release so it could be very useful. It’s pre-release, lots could change, but it’s a trove of information,” said Ryan Duff, Director of Cyber Products at SIXGEN, who reviewed the leaked code for Motherboard. “I can’t say this will give an easy jailbreak or anything like that, but it’s way more information about an upcoming iOS than we ever see normally.”
“There's a network of people who have access to such things.”
Do you work or did you use to work at Apple? Do you trade prototypes or do research on iOS? We’d love to hear from you. You can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, OTR chat at email@example.com, or email firstname.lastname@example.org
Last year, a Motherboard investigation revealed the existence of a gray market where smugglers steal early prototypes, or “dev-fused” iPhones from factories in China and then sell them to security researchers and collectors around the world. In the past, Apple has gone after leakers and even a Gizmodo journalist, who found a prototype of an iPhone 4 in a San Francisco bar. It’s unclear what the company will do about this incident, but some in the industry are expecting the worst.“Shit is wild,” said Will Strafach, a former iPhone jailbreaker and now founder of iOS security app Guardian Firewall. “I feel a bit bad for whoever is messing around as Apple does not take kindly to this.”Duff, who has studied iOS for years, said that it’s relatively normal to have some information about the upcoming iPhone and iOS, but this is “definitely a bad leak.”“In recent times we have known almost everything about new models before they were even announced,” Duff said. “This development build leaking is just another example of how Apple's security regarding leaks has deteriorated over time.”Subscribe to our new cybersecurity podcast, CYBER.
“Shit is wild. I feel a bit bad for whoever is messing around as Apple does not take kindly to this.”