Corellium Responds to Apple Lawsuit, Claims its iOS Virtualization Software Helps Apple

Apple in August filed a lawsuit against Corellium, a mobile device virtualization company that supports iOS, with Apple accusing Corellium of copyright infringement for replicating the operating system that runs on the iPhone and iPad.

As noted by Motherboard, Corellium today filed its response to Apple's lawsuit, accusing the Cupertino company of owing $300,000 and claiming that its software helps Apple by making it easier for security researchers to track down iOS bugs.

corellium

A virtual ‌iPhone‌ on Corellium's website used as evidence in Apple's lawsuit against the company

According to Apple, Corellium's product infringes on its copyrights by creating digital replicas of iOS, iTunes, and other apps and software. "Corellium has simply copied everything: the code, the graphical user interface, the icons - all of it, in exacting detail," reads Apple's lawsuit.

Corellium designed its software to create virtual iOS devices able to run iOS, and has encouraged researchers and hackers to use it to find and test vulnerabilities.

According to Corellium, Apple's code in its product is "fair use" and the software makes the world better by allowing security researchers to look into iOS, find flaws, and inform Apple so the bugs can be fixed.

Corellium argues it's easier for researchers to find and test bugs in iOS using virtual instances of iOS rather than physical devices. With this lawsuit, says Corellium, Apple is aiming to control who is allowed to find vulnerabilities in its software. This is a position that is also supported within the security community, according to Motherboard, and many security researchers were surprised by Apple's initial lawsuit.

Through its invitation-only research device program and this lawsuit, Apple is trying to control who is permitted to identify vulnerabilities, if and how Apple will address identified vulnerabilities, and if Apple will disclose identified vulnerabilities to the public at all.

One of Corellium's key arguments is that its customers are seeking bugs with the intention of alerting Apple of their existence, which Motherboard points out is just an assumption and, based on evidence, not true. One customer highlighted in Corellium's legal response, for example, is Azimuth, a company that does not report bugs to Apple.

Instead, Azimuth sells hacking tools based on those bugs to law enforcement and intelligence agencies in countries like the United States and Canada.

Corellium also argues that Apple has known about the company for years and has been friendly to Chris Wade, one of Corellium's founders. Corellium says that Wade was invited to join Apple's bug bounty program. Wade has since reported seven bugs to Apple without receiving payment, which is why Corellium argues that Apple owes $300,000.

Apple declined to provide Motherboard with a comment on Corellium's legal response. Apple is continuing to seek a permanent injunction to prevent Corellium from offering a product that replicates iOS. Apple also wants Corellium to destroy all infringing materials that it's collected, and pay Apple damages, lost profits, and attorney fees.

Popular Stories

iCloud General Feature Redux

iPhone Users Who Pay for iCloud Storage Receive an All-New Perk

Thursday February 6, 2025 11:21 am PST by
If you pay for iCloud storage on your iPhone, Apple has a new perk for you, at no additional cost. iCloud+ is the official name for Apple's paid iCloud storage plans, which range from 50GB for $0.99 per month to 12TB for $59.99 per month in the United States. iCloud+ plans already come with multiple perks for free, such as Hide My Email and HomeKit Secure Video, and now there is another one...
2007 iPhone

Apple Discontinuing This 18-Year-Old iPhone Feature

Saturday February 8, 2025 3:51 pm PST by
The end of an 18-year era is on the horizon for the iPhone. Apple reportedly plans to announce a new iPhone SE as soon as next week, and the device is expected to feature a full-screen design with Face ID, instead of a Touch ID home button. That means Apple will no longer sell any new iPhone models with a home button, for the first time since the original iPhone launched. The home button...
iOS 18

iOS 18.4 Will Include These New Features for Your iPhone

Wednesday February 5, 2025 7:15 am PST by
iOS 18.3 was released last month, so the first iOS 18.4 beta should be coming soon. iOS 18.4 is expected to be a more substantial update for the iPhone, with several new features and changes related to Apple Intelligence and beyond. Apple's website suggests that iOS 18.4 will be released in April, following beta testing. Below, we outline what to expect from the update so far. Apple...
iPhone SE 4 Single Camera Thumb

iPhone SE 4 Launching as Soon as Next Week

Thursday February 6, 2025 3:30 pm PST by
Apple's next-generation iPhone SE could debut as soon as next week with a launch to follow later in February, reports Bloomberg's Mark Gurman. Apple isn't expected to hold an event for the iPhone SE 4, and will instead unveil the device through a press release. The iPhone SE 4 is expected to have an iPhone 14-style design, with Apple eliminating the thick bezels and Touch ID Home button of...
iCloud General Feature Redux

Apple Ordered by UK to Create Global iCloud Encryption Backdoor

Friday February 7, 2025 2:37 am PST by
The British government has secretly demanded that Apple give it blanket access to all encrypted user content uploaded to the cloud, reports The Washington Post. The undisclosed order is said to have been issued last month, and requires that Apple creates a back door that allows UK security officials unencumbered access to encrypted user data worldwide – an unprecedented demand not before...
iOS 18

iOS 18.3.1 Update Coming Soon for iPhones

Thursday February 6, 2025 7:31 am PST by
Apple is internally testing iOS 18.3.1 for iPhones, according to our website's analytics logs, which have been a consistently reliable indicator of upcoming iOS versions. The software update should be released within the next few weeks. iOS 18.3.1 should be a minor update that addresses software bugs and/or security vulnerabilities. Apple Intelligence notification summaries for news and...
Apple Leak Feature

Apple Leaker Issues Apology: 'Profound and Expensive Mistake'

Friday February 7, 2025 9:21 am PST by
Last year, we reported that Apple sued its former software engineer Andrew Aude for providing journalists with confidential information about the company's future plans, including details about the Journal app, Vision Pro headset, and more. As reported by 9to5Mac, the Superior Court of Santa Clara County on Thursday dismissed the lawsuit after Apple and Aude reached an agreement to resolve...
imac video apple feature

Apple to Announce New Products Next Week

Saturday February 8, 2025 10:55 am PST by
Apple has yet to release any new devices in 2025, but at least two new products are expected to be announced next week, according to rumors. Below, we outline the new Apple products that are likely to be unveiled next week. iPhone SE 4 Apple plans to announce the long-rumored iPhone SE 4 as soon as next week, according to Bloomberg's Mark Gurman. The new iPhone SE is rumored to...

Top Rated Comments

chucker23n1 Avatar
69 months ago
Regardless of where you stand, this argument doesn't hold water.


According to Corellium, Apple's code in its product is "fair use" and the software makes the world better by allowing security researchers to look into iOS, find flaws, and inform Apple so the bugs can be fixed.

Corellium argues it's easier for researchers to find and test bugs in iOS using virtual instances of iOS rather than physical devices.
Really? Your product is for security purposes? That's weird, because your anemic website makes the completely different case that it's for mobile development.

That’s no simulator.
Mobile Device Virtualization:
The Future of Mobile Development
Guess the legal team needs to quickly tell the marketing team what the product is allegedly for?

And secondly, suppose it is secondarily intended for security purposes. Why does this matter? I can't just declare something "fair use" just because I personally find my use case noble. That's not remotely how copyright works.

If you agree with Corellium's point of view, then at best, Apple is being grossly negligent by not letting third parties use Corellium to discover potential security issues. And if you feel that way, you should alert Apple's customers about that. But from a copyright point of view, that's still for Apple to decide.
Score: 13 Votes (Like | Disagree)
bbeagle Avatar
69 months ago
So, according to Corellium, I could break into people's homes if I'm there for the purpose of helping them out.

I'll break into people's homes, open their refrigerators, check the expiration dates on their eggs and milk. And if they're expired, I'll write the home-owner a note on the kitchen table letting them know.
Score: 12 Votes (Like | Disagree)
markgpearse Avatar
69 months ago
Seems like a slam dunk for Apple.
Score: 9 Votes (Like | Disagree)
chucker23n1 Avatar
69 months ago

Bud, I don't care how lawyers argue intellectual property rights or EULA.
And yet you literally joined a thread about a lawsuit about intellectual property rights. Weird.
Score: 5 Votes (Like | Disagree)
Peace Avatar
69 months ago
They can do this because they think they are helping Apple..

Priceless..

Say..I'm helping Apple so I'm gonna make copies of Mac O/S..
Score: 5 Votes (Like | Disagree)
Kabeyun Avatar
69 months ago

Too many here are not getting the use case for this, equating it to plain 'thievery'. This seems like a pretty neat research tool, that does what vmware/vbox/parallels do for desktop virtualization.

Regardless of the turn out for this, Apple really just wants to control how people are able to do security research on their devices. Considering how things went this past summer for webkit security and their response and the mess that has been the current 13/15 releases, they probably should do a better job opening up the system for security research. (yes I know about the recent changes to the bug bounty program)
I’m so relieved that Corellium has explained this for Apple’s lawyers. Once Apple realizes they were actually incorrect to sue them, I’m sure they’ll drop the lawsuit.
Score: 3 Votes (Like | Disagree)