Apple Facing Security Nightmare as iOS 9 Source Code Leaks [telecom]


The iBoot source code, which handles loading and verifying iOS, was uploaded to GitHub for all to see.

Monty Solomon

If leaking source code causes a security nightmare, then they had a security nightmare before the source code leaked. Apple doesn't seem to think it's a "nightmare", even though they don't like their source code leaking out (and it makes their customers wonder if their personal information is also leaking out). I'm sure lots of people had that code disassembled before someone uploaded it to GitHub. Oh, yes, the code is also three years old.

It's very difficult to prevent disassembly of boot code, especially when the owner of the phone has to be able to boot the phone without calling over an Apple Tech Support Person to enter a password every time the phone has to be booted (especially considering the problems that cell phones have had with batteries). And since booting a phone is so common, *SOMEONE* would be able to look over the shoulder of the tech support person and get the password.

If (most of) the boot code is encrypted, the key has to be somewhere on the phone so the phone can boot. This is also a fundamental problem with so-called Digital Rights Management, in which your customer is considered the enemy, and you can't require downloading the media from an Apple-controlled server every time, because it would

(a) require way too much bandwidth

(b) not work in an area with no cell service, like a customer on a subway or bus in a tunnel,

(c) cost the customer in data charges,

(d) someone would intercept the media as it is transmitted over the Internet, even if it is encrypted, and

(e) it's so unreliable you'd never be able to sell it to anyone.

Gordon Burditt
