Pixel Envy

Written by Nick Heer.

The Early Build of iOS 14 That’s Floating Around Was Likely Extracted From a Stolen Development iPhone

Remember when, a few months ago, MacRumors and 9to5Mac independently dropped a whole bunch of iOS 14 details without disclosing a source beyond “leaked code”? Even for a necessarily discreet acknowledgement, that barely counts as explaining how much of the OS had leaked and why either publication believed the code to be genuine.

A new report today from Lorenzo Franceschi-Bicchierai of Vice helps answer those questions:

Motherboard has not been able to independently verify exactly how it leaked, but five sources in the jailbreaking community familiar with the leak told us they think that someone obtained a development iPhone 11 running a version of iOS 14 dated December 2019, which was made to be used only by Apple developers. According to those sources, someone purchased it from vendors in China for thousands of dollars, and then extracted the iOS 14 internal build and distributed it in the iPhone jailbreaking and hacking community.

[…]

Leaked Apple code, documentation, and hardware is often traded on Twitter using a hashtag called #AppleInternals. The people trading or selling this information are often pseudonymous, but have proven time and time again to have legitimate Apple information or hardware. This particular version of iOS 14 has been traded on Twitter but also among networks of jailbreakers and security researchers. Two security researchers told Motherboard they have (and are probing) iOS 14, and two said they heard it was being offered but were staying away from it, fearing repercussions from Apple.

For what it’s worth, the hashtag is #AppleInternal, not #AppleInternals. Also, I don’t think it’s a big shock that Apple is not too thrilled that a stolen copy of a very early build of iOS 14 is being shared publicly and probed by unauthorized people. It’s one thing for a public or semi-public copy to be explored for vulnerabilities; it is entirely another to be researching an unfinished build intended solely for internal use.

Last year, a Motherboard investigation revealed the existence of a gray market where smugglers steal early prototypes, or “dev-fused” iPhones from factories in China and then sell them to security researchers and collectors around the world. In the past, Apple has gone after leakers and even a Gizmodo journalist, who found a prototype of an iPhone 4 in a San Francisco bar. It’s unclear what the company will do about this incident, but some in the industry are expecting the worst.

This whole article paints Apple as unreasonably protective of its confidential property, verging on vindictive. This paragraph, specifically, ties the purchase of the unreleased build of iOS 14 to the Gizmodo iPhone 4 case, implying that Apple will, I guess, exact revenge upon MacRumors and 9to5Mac reporters who wrote about the code they obtained.

But the angle of this article depends on how the Gizmodo case is described — and, here, it is reported inaccurately. A Gizmodo journalist did not find a prototype. Gizmodo bought the prototype for $5,000 after being contacted by the guy who stole it from an Apple engineer’s bag. Is it such a surprise that a company — any company — does not take kindly to having its stolen goods trafficked?

I would be surprised and dismayed if Apple attempted to search or press charges against the reporters writing about the iOS 14 builds that were leaked to them. I do not think it is outrageous for Apple to go after whatever source bought the stolen iPhone that contained the code, nor do I think it was wrong when the police investigated Gizmodo’s purchase of a stolen prototype. Those are vastly different things from both a reporter’s ethical perspective, as well as a more obvious legal perspective.