Corellium Responds to Apple Lawsuit, Claims its iOS Virtualization Software Helps Apple

Apple in August filed a lawsuit against Corellium, a mobile device virtualization company that supports iOS, with Apple accusing Corellium of copyright infringement for replicating the operating system that runs on the iPhone and iPad.

As noted by Motherboard, Corellium today filed its response to Apple's lawsuit, accusing the Cupertino company of owing $300,000 and claiming that its software helps Apple by making it easier for security researchers to track down iOS bugs.

corellium

A virtual ‌iPhone‌ on Corellium's website used as evidence in Apple's lawsuit against the company

According to Apple, Corellium's product infringes on its copyrights by creating digital replicas of iOS, iTunes, and other apps and software. "Corellium has simply copied everything: the code, the graphical user interface, the icons - all of it, in exacting detail," reads Apple's lawsuit.

Corellium designed its software to create virtual iOS devices able to run iOS, and has encouraged researchers and hackers to use it to find and test vulnerabilities.

According to Corellium, Apple's code in its product is "fair use" and the software makes the world better by allowing security researchers to look into iOS, find flaws, and inform Apple so the bugs can be fixed.

Corellium argues it's easier for researchers to find and test bugs in iOS using virtual instances of iOS rather than physical devices. With this lawsuit, says Corellium, Apple is aiming to control who is allowed to find vulnerabilities in its software. This is a position that is also supported within the security community, according to Motherboard, and many security researchers were surprised by Apple's initial lawsuit.

Through its invitation-only research device program and this lawsuit, Apple is trying to control who is permitted to identify vulnerabilities, if and how Apple will address identified vulnerabilities, and if Apple will disclose identified vulnerabilities to the public at all.

One of Corellium's key arguments is that its customers are seeking bugs with the intention of alerting Apple of their existence, which Motherboard points out is just an assumption and, based on evidence, not true. One customer highlighted in Corellium's legal response, for example, is Azimuth, a company that does not report bugs to Apple.

Instead, Azimuth sells hacking tools based on those bugs to law enforcement and intelligence agencies in countries like the United States and Canada.

Corellium also argues that Apple has known about the company for years and has been friendly to Chris Wade, one of Corellium's founders. Corellium says that Wade was invited to join Apple's bug bounty program. Wade has since reported seven bugs to Apple without receiving payment, which is why Corellium argues that Apple owes $300,000.

Apple declined to provide Motherboard with a comment on Corellium's legal response. Apple is continuing to seek a permanent injunction to prevent Corellium from offering a product that replicates iOS. Apple also wants Corellium to destroy all infringing materials that it's collected, and pay Apple damages, lost profits, and attorney fees.

Top Rated Comments

chucker23n1 Avatar
60 months ago
Regardless of where you stand, this argument doesn't hold water.


According to Corellium, Apple's code in its product is "fair use" and the software makes the world better by allowing security researchers to look into iOS, find flaws, and inform Apple so the bugs can be fixed.

Corellium argues it's easier for researchers to find and test bugs in iOS using virtual instances of iOS rather than physical devices.
Really? Your product is for security purposes? That's weird, because your anemic website makes the completely different case that it's for mobile development.

That’s no simulator.
Mobile Device Virtualization:
The Future of Mobile Development
Guess the legal team needs to quickly tell the marketing team what the product is allegedly for?

And secondly, suppose it is secondarily intended for security purposes. Why does this matter? I can't just declare something "fair use" just because I personally find my use case noble. That's not remotely how copyright works.

If you agree with Corellium's point of view, then at best, Apple is being grossly negligent by not letting third parties use Corellium to discover potential security issues. And if you feel that way, you should alert Apple's customers about that. But from a copyright point of view, that's still for Apple to decide.
Score: 13 Votes (Like | Disagree)
bbeagle Avatar
60 months ago
So, according to Corellium, I could break into people's homes if I'm there for the purpose of helping them out.

I'll break into people's homes, open their refrigerators, check the expiration dates on their eggs and milk. And if they're expired, I'll write the home-owner a note on the kitchen table letting them know.
Score: 12 Votes (Like | Disagree)
markgpearse Avatar
60 months ago
Seems like a slam dunk for Apple.
Score: 9 Votes (Like | Disagree)
chucker23n1 Avatar
60 months ago

Bud, I don't care how lawyers argue intellectual property rights or EULA.
And yet you literally joined a thread about a lawsuit about intellectual property rights. Weird.
Score: 5 Votes (Like | Disagree)
Peace Avatar
60 months ago
They can do this because they think they are helping Apple..

Priceless..

Say..I'm helping Apple so I'm gonna make copies of Mac O/S..
Score: 5 Votes (Like | Disagree)
Kabeyun Avatar
60 months ago

Too many here are not getting the use case for this, equating it to plain 'thievery'. This seems like a pretty neat research tool, that does what vmware/vbox/parallels do for desktop virtualization.

Regardless of the turn out for this, Apple really just wants to control how people are able to do security research on their devices. Considering how things went this past summer for webkit security and their response and the mess that has been the current 13/15 releases, they probably should do a better job opening up the system for security research. (yes I know about the recent changes to the bug bounty program)
I’m so relieved that Corellium has explained this for Apple’s lawyers. Once Apple realizes they were actually incorrect to sue them, I’m sure they’ll drop the lawsuit.
Score: 3 Votes (Like | Disagree)

Popular Stories

iOS 17

iOS 17.5 Bug May Also Resurface Deleted Photos on Wiped, Sold Devices [Updated]

Friday May 17, 2024 12:24 pm PDT by
A bug in iOS 17.5 is apparently causing photos that have been deleted to reappear, and the issue seems to impact even iPhones and iPads that have been erased and sold off to other people. A Reddit user wiped an iPad following Apple's guidelines in September of 2023 before selling it off to a friend. That friend updated the iPad to iPadOS 17.5 this week, and began seeing the Reddit user's old ...
iphone se 4 modified flag edges

When to Expect the Next iPhone SE to Launch

Friday May 17, 2024 2:03 pm PDT by
It has been over two years since Apple released the third-generation iPhone SE, and rumors continue to surface about a new model. The latest word comes from The Information, which today reported that Apple plans to release a new iPhone SE with a design similar to the standard iPhone 14 in the spring of 2025. If this rumor is accurate, the iPhone SE would finally gain Face ID and a notch...
oled m4 ipad pro grainy display reports

OLED iPad Pro Users Report 'Grainy' Displays, But It May Not Be a Defect

Friday May 17, 2024 5:57 am PDT by
Some new M4 iPad Pro models are exhibiting a visible static grain pattern across the OLED display, according to several user reports on Reddit (1, 2, 3) and the MacRumors Forums. Image credit: MacRumors user bk215 Users who see the grain generally report that it is most noticeable in dark environments with the display set at a low to medium brightness while viewing content with gray or muted...
iOS 17

Troubling iOS 17.5 Bug Reportedly Resurfacing Old Deleted Photos

Wednesday May 15, 2024 5:29 am PDT by
There are concerning reports on Reddit that Apple's latest iOS 17.5 update has introduced a bug that causes old photos that were deleted – in some cases years ago – to reappear in users' photo libraries. After updating their iPhone, one user said they were shocked to find old NSFW photos that they deleted in 2021 suddenly showing up in photos marked as recently uploaded to iCloud. Other...
iPhone 16 Camera Lozenge 2 Perspective

iPhone 16 Lineup Rumored to Come in These Two New Colors

Sunday May 19, 2024 11:08 am PDT by
Apple analyst Ming-Chi Kuo today outlined his expectations for the iPhone 16 lineup's color options, revealing that two new colors should replace two of the existing shades. Kuo outlined his expectations in a post on X (formerly Twitter) earlier today. He believes that the iPhone 16 Pro and iPhone 16 Pro Max will be available in black, white or silver, gray or "Natural Titanium," and rose....
Delta Hands On Feature

iPhone Emulators on the App Store: Game Boy, N64, PS1, PSP, and More

Thursday May 16, 2024 12:45 pm PDT by
In April, Apple updated its guidelines to allow retro game emulators on the App Store, and several popular emulators have already been released. The emulators released so far allow iPhone users to play games released for older consoles from Nintendo, Sony, SEGA, Atari, and others. A list of some popular emulators available on the App Store so far follows. Released Delta Delta is...