Corellium Responds to Apple Lawsuit, Claims its iOS Virtualization Software Helps Apple

Apple in August filed a lawsuit against Corellium, a mobile device virtualization company that supports iOS, with Apple accusing Corellium of copyright infringement for replicating the operating system that runs on the iPhone and iPad.

As noted by Motherboard, Corellium today filed its response to Apple's lawsuit, accusing the Cupertino company of owing $300,000 and claiming that its software helps Apple by making it easier for security researchers to track down iOS bugs.

corellium

A virtual ‌iPhone‌ on Corellium's website used as evidence in Apple's lawsuit against the company

According to Apple, Corellium's product infringes on its copyrights by creating digital replicas of iOS, iTunes, and other apps and software. "Corellium has simply copied everything: the code, the graphical user interface, the icons - all of it, in exacting detail," reads Apple's lawsuit.

Corellium designed its software to create virtual iOS devices able to run iOS, and has encouraged researchers and hackers to use it to find and test vulnerabilities.

According to Corellium, Apple's code in its product is "fair use" and the software makes the world better by allowing security researchers to look into iOS, find flaws, and inform Apple so the bugs can be fixed.

Corellium argues it's easier for researchers to find and test bugs in iOS using virtual instances of iOS rather than physical devices. With this lawsuit, says Corellium, Apple is aiming to control who is allowed to find vulnerabilities in its software. This is a position that is also supported within the security community, according to Motherboard, and many security researchers were surprised by Apple's initial lawsuit.

Through its invitation-only research device program and this lawsuit, Apple is trying to control who is permitted to identify vulnerabilities, if and how Apple will address identified vulnerabilities, and if Apple will disclose identified vulnerabilities to the public at all.

One of Corellium's key arguments is that its customers are seeking bugs with the intention of alerting Apple of their existence, which Motherboard points out is just an assumption and, based on evidence, not true. One customer highlighted in Corellium's legal response, for example, is Azimuth, a company that does not report bugs to Apple.

Instead, Azimuth sells hacking tools based on those bugs to law enforcement and intelligence agencies in countries like the United States and Canada.

Corellium also argues that Apple has known about the company for years and has been friendly to Chris Wade, one of Corellium's founders. Corellium says that Wade was invited to join Apple's bug bounty program. Wade has since reported seven bugs to Apple without receiving payment, which is why Corellium argues that Apple owes $300,000.

Apple declined to provide Motherboard with a comment on Corellium's legal response. Apple is continuing to seek a permanent injunction to prevent Corellium from offering a product that replicates iOS. Apple also wants Corellium to destroy all infringing materials that it's collected, and pay Apple damages, lost profits, and attorney fees.

Tag: lawsuit

Top Rated Comments

chucker23n1 Avatar
23 months ago
Regardless of where you stand, this argument doesn't hold water.


According to Corellium, Apple's code in its product is "fair use" and the software makes the world better by allowing security researchers to look into iOS, find flaws, and inform Apple so the bugs can be fixed.

Corellium argues it's easier for researchers to find and test bugs in iOS using virtual instances of iOS rather than physical devices.
Really? Your product is for security purposes? That's weird, because your anemic website makes the completely different case that it's for mobile development.

That’s no simulator.
Mobile Device Virtualization:
The Future of Mobile Development
Guess the legal team needs to quickly tell the marketing team what the product is allegedly for?

And secondly, suppose it is secondarily intended for security purposes. Why does this matter? I can't just declare something "fair use" just because I personally find my use case noble. That's not remotely how copyright works.

If you agree with Corellium's point of view, then at best, Apple is being grossly negligent by not letting third parties use Corellium to discover potential security issues. And if you feel that way, you should alert Apple's customers about that. But from a copyright point of view, that's still for Apple to decide.
Score: 13 Votes (Like | Disagree)
bbeagle Avatar
23 months ago
So, according to Corellium, I could break into people's homes if I'm there for the purpose of helping them out.

I'll break into people's homes, open their refrigerators, check the expiration dates on their eggs and milk. And if they're expired, I'll write the home-owner a note on the kitchen table letting them know.
Score: 12 Votes (Like | Disagree)
markgpearse Avatar
23 months ago
Seems like a slam dunk for Apple.
Score: 9 Votes (Like | Disagree)
chucker23n1 Avatar
23 months ago

Bud, I don't care how lawyers argue intellectual property rights or EULA.
And yet you literally joined a thread about a lawsuit about intellectual property rights. Weird.
Score: 5 Votes (Like | Disagree)
Peace Avatar
23 months ago
They can do this because they think they are helping Apple..

Priceless..

Say..I'm helping Apple so I'm gonna make copies of Mac O/S..
Score: 5 Votes (Like | Disagree)
Kabeyun Avatar
23 months ago

Too many here are not getting the use case for this, equating it to plain 'thievery'. This seems like a pretty neat research tool, that does what vmware/vbox/parallels do for desktop virtualization.

Regardless of the turn out for this, Apple really just wants to control how people are able to do security research on their devices. Considering how things went this past summer for webkit security and their response and the mess that has been the current 13/15 releases, they probably should do a better job opening up the system for security research. (yes I know about the recent changes to the bug bounty program)
I’m so relieved that Corellium has explained this for Apple’s lawyers. Once Apple realizes they were actually incorrect to sue them, I’m sure they’ll drop the lawsuit.
Score: 3 Votes (Like | Disagree)

Top Stories

AirPods Pro Beta Firmware

AirPods Pro Beta Firmware Now Available

Wednesday July 21, 2021 6:50 am PDT by
Upcoming AirPods Pro firmware updates are now available to Apple Developer Program members as beta versions. AirPods Pro firmware beta one features FaceTime Spatial Audio and Ambient Noise Reduction. Custom Transparency mode, including Conversation Boost, was initially expected to be included in the beta but appears to have been delayed for a later version. Apple made the announcement...
maxresdefault

Apple Music to Livestream Premiere of Kanye West's New Album 'Donda' on Thursday

Wednesday July 21, 2021 1:49 am PDT by
Apple Music on Thursday will host a global livestream for the premiere of Kanye West's tenth studio album, titled "Donda." The sold-out event will take place at the Mercedes-Benz Stadium in Atlanta, Georgia, and Apple Music's livestream will start at 8:00 p.m. Eastern Time. The livestream was revealed in a Beats Studio Buds ad that aired during the NBA Finals. The ad features U.S. track...
General Apps Messages

All Three Major U.S. Carriers and Google Adopt Rich Communication Services, But No Sign of Apple Interest

Tuesday July 20, 2021 1:15 pm PDT by
For the last several years, Google has been pushing a new communications protocol called Rich Communication Services, or RCS. RCS is designed to replace SMS, the current text message standard, and it offers support for higher resolution photos and videos, audio messages, bigger file sizes, better encryption, improved group chat, and more. Verizon today announced that it is planning to adopt...
ios wifi settings

Apple Confirms iOS 14.7 Fixes WiFi Bug and Many Other Vulnerabilities

Wednesday July 21, 2021 11:38 am PDT by
Following the release of iPadOS 14.7 this morning, Apple has shared details on the security updates that are included in iOS 14.7, iPadOS 14.7, macOS Big Sur 11.5, watchOS 7.6, and tvOS 14.7, all of which came out this week. Notably, Apple's documentation confirms that the iOS 14.7 and iPadOS 14.7 updates address a WiFi-related vulnerability that could impact iOS devices when joining a...
macOS Malware Feature

Common Windows Malware Can Now Infect Macs

Wednesday July 21, 2021 8:13 am PDT by
A common form of malware on Windows systems has been modified into a new strain called "XLoader" that can also target macOS (via Bleeping Computer). Derived from the Formbook info-stealer for Windows, XLoader is a form of cross-platform malware advertised as a botnet with no dependencies. It is used to steal login credentials, capture screenshots, log keystrokes, and execute malicious files. ...
macOS Big Sur Feature Orange

Apple Releases macOS Big Sur 11.5 With Podcast App Updates and Bug Fixes

Wednesday July 21, 2021 10:15 am PDT by
Apple today released macOS Big Sur 11.5, the fifth major update to the macOS Big Sur operating system that launched in November 2020. macOS Big Sur 11.5 comes two months after the release of macOS Big Sur 11.4. The new ‌‌‌‌‌macOS Big Sur‌‌‌‌ 11.5 update can be downloaded for free on all eligible Macs using the Software Update section of System Preferences. macOS Big Sur...
idos 2 app ios

Apple to Pull 'iDOS 2' DOS Emulator From App Store

Thursday July 22, 2021 3:22 pm PDT by
iDOS 2, an app designed to allow users to play classic DOS games, will soon be pulled from the App Store, the app's creator said today. According to iDOS developer Chaoji Li, he tried to submit an iDOS update with bug fixes to the App Store, but was told that the update was rejected because it violated the 2.5.2 App Store guideline that says apps cannot install or launch executable code.Durin...
airpods 3 gizmochina Feature

AirPods 3 Rumored to Launch Alongside iPhone 13 at Expected September Event

Friday July 23, 2021 12:54 am PDT by
The third-generation AirPods will likely launch at the same event revealing Apple's upcoming iPhone 13 lineup, according to a report from DigiTimes, which makes the claim citing sources familiar with the matter. The report as a whole echoes previous reporting that production of the third-generation AirPods will kickstart in August, meaning a launch shortly after can be easily expected. DigiTi...
iPad mini pro feature

Next-Generation iPad Mini Will Reportedly Feature a Mini-LED Display

Thursday July 22, 2021 9:03 am PDT by
Apple is widely rumored to be planning a new iPad mini with a significant redesign, including a larger 8.5-inch to 9-inch display with slimmer bezels, a Touch ID power button instead of a home button, a USB-C port instead of a Lightning connector, and more. According to a paywalled preview of a DigiTimes report today, the sixth-generation iPad mini will also feature a mini-LED display:BLU...
airpods 3 gizmochina Feature teal

AirPods 3 Mass Production Said to Kick Off in August

Tuesday July 20, 2021 8:40 pm PDT by
Mass production of the third-generation AirPods will kick off in August, according to a new report from Nikkei Asia. They will reportedly join a number of other products such as the iPhone 13 lineup and redesigned MacBook Pro models as launches coming before the end of the year. Renderings of rumored third-generation AirPods design Rumored launch dates for the third-generation AirPods have...