Apple Appeals Corellium Copyright Lawsuit Loss After Settling Other Claims

Back in December, Apple lost a copyright lawsuit against security research company Corellium, and today, Apple filed an appeal in that case, reports Reuters.

corellium
The judge in the copyright case determined that Corellium was operating under fair use terms and that its use of iOS was permissible, throwing out several of Apple's claims. For those unfamiliar with Corellium, the software is designed to replicate iOS exactly to allow security researchers to find bugs and vulnerabilities.

Apple claimed that Corellium illegally copied the iOS operating system and applications that run on the iPhone and iPad, and that it had violated the Digital Millennium Copyright Act by circumventing Apple's security measures.

Corellium argued that its software helps Apple by making it easier for security researchers to find flaws. Corellium also said that Apple was using its lawsuit to "crack down on jailbreaking" and that Apple's code in the product was fair use, which the judge agreed with.

Apple is appealing the verdict in this specific copyright lawsuit, which is separate from the settlement that Apple and Corellium reached earlier this month.

Apple and Corellium on August 10 settled a federal lawsuit that would have gone to trial on August 16, and this settlement was related to the DCMA claims. The terms of the settlement were confidential, and so far, Corellium is still selling its virtual iOS platform.

According to Reuters, security researchers are surprised that Apple has opted to revive its legal battle with Corellium after the settlement terms, and after Apple's Craig Federighi said that security researchers would serve as a check on its plans to scan iPhones and iPads for CSAM to make sure the scanning is limited to CSAM. Security researchers will be able to confirm that the database of images used to match CSAM content on user devices only consists of content from agencies like the National Center for Missing & Exploited Children.

Earlier today, Corellium said that it was launching an "Open Security Initiative" aimed at rewarding independent public research into mobile devices. Corellium's first focus is Apple's CSAM system and the company has called on security researchers to submit projects designed to validate "any security and privacy claims" from any mobile software vendor. Qualifying submissions will receive up to $5,000.

We applaud Apple's commitment to holding itself accountable by third-party researchers. We believe our platform is uniquely capable of supporting researchers in that effort. Our "jailbroken" virtual devices do not make use of any exploits, and instead rely on our unique hypervisor technology. This allows us to provide rooted virtual devices for dynamic security analysis almost as soon as a new version of iOS is released. In addition, our platform provides tools and capabilities not readily available with physical devices.

It's possible that Apple's decision to revive the Corellium lawsuit is related to Corellium's announcement earlier today. In a statement, Corellium Chief Executive Amanda Gordon told Reuters that "enough is enough." "Apple can't pretend to hold itself accountable to the security research community while simultaneously trying to make that research illegal," she said.

Tag: lawsuit

Top Rated Comments

ian87w Avatar
9 weeks ago

Apple, was, is, and will always be the king of secrecy.
And the king of secrecy is trying to be the moral police as well.
Score: 18 Votes (Like | Disagree)
Wildkraut Avatar
9 weeks ago
They fears that Corellium finds more (yet undiscovered) in their CSAM mass surveillance scanning.
Score: 16 Votes (Like | Disagree)
TheYayAreaLiving Avatar
9 weeks ago
How is Apple staying committed?

Clearly shows Apple hates it when their platform gets the extra attention and when their security is being looked at.
Score: 13 Votes (Like | Disagree)
Shirasaki Avatar
9 weeks ago
Apple really hates people peeking into their iOS dirty little secrets and ugly inside heh. ? Guess this is also part of the reason they don’t like jailbreak. Given general iOS software quality downgrade YOY, even if this seems only for copyright on the surface, those Apple execs prolly still reeling from other defeats.
Score: 12 Votes (Like | Disagree)
ian87w Avatar
9 weeks ago
Okay Apple, your actions are becoming a joke now. You just talked high and mighyt about allowing security researchers to audit you, but then went lawsuit happy when they are trying to.

iOS15 is definitely a no go then for me. I have disabled auto download of ios update on my iPhone. My old Mac mini will be staying on Catalina.

This is really sad news for me, as I was actually someone who was starting to warm up to the Apple ecosystem.
Score: 12 Votes (Like | Disagree)
turbineseaplane Avatar
9 weeks ago
So do you want security researchers auditing your efforts or not Apple?

Pick a side
Score: 10 Votes (Like | Disagree)

Related Stories

corellium

Apple and Corellium Agree on Settlement to Bring Lawsuit to an End

Tuesday August 10, 2021 11:36 pm PDT by
Apple this week dropped its long-standing lawsuit against Corellium, the security research company that provides security researchers with a replica of the iOS operating system, allowing them to locate possible security exploits within Apple's mobile operating system, The Washington Post reports. Apple filed a lawsuit against Corellium in 2019, claiming the security company was infringing...
appleprivacyad

Corellium Launching New Initiative to Hold Apple Accountable Over CSAM Detection Security and Privacy Claims

Tuesday August 17, 2021 1:35 am PDT by
Security research firm Corellium this week announced it is launching a new initiative that will "support independent public research into the security and privacy of mobile applications," and one of the initiative's first projects will be Apple's recently announced CSAM detection plans. Since its announcement earlier this month, Apple's plan to scan iPhone users' photo libraries for CSAM or...
apple devices security bug bounty mac iphone ipad

Security Researchers Unhappy With Apple's Bug Bounty Program

Thursday September 9, 2021 10:00 am PDT by
Apple offers a bug bounty program that's designed to pay security researchers for discovering and reporting critical bugs in Apple operating systems, but researchers are not happy with how it operates or Apple's payouts in comparison to other major tech companies, reports The Washington Post. In interviews with more than two dozen security researchers, The Washington Post collected a number...
corellium

Apple Loses Copyright Claims in Lawsuit Against Corellium

Tuesday December 29, 2020 11:12 am PST by
Corellium, a mobile device company that supports iOS, this week won a significant victory in its legal battle against Apple. Apple last year sued Corellium for copyright infringement because the Corellium software is designed to replicate iOS to allow security researchers to locate bugs and security flaws. According to The Washington Post, a Florida judge threw out Apple's claims that...
iPhone 13 Security

Apple Apologizes to Researcher for Ignoring iOS Vulnerabilities, Says It's 'Still Investigating'

Monday September 27, 2021 12:55 pm PDT by
Last week, security researcher Denis Tokarev made several zero-day iOS vulnerabilities public after he said that Apple had ignored his reports and had failed to fix the issues for several months. Tokarev today told Motherboard that Apple got in touch after he went public with his complaints and after they saw significant media attention. In an email, Apple apologized for the contact delay...
Child Safety Feature Purple

Apple's Proposed Phone-Scanning Child Safety Features 'Invasive, Ineffective, and Dangerous,' Say Cybersecurity Researchers in New Study

Friday October 15, 2021 12:23 am PDT by
More than a dozen prominent cybersecurity experts hit out at Apple on Thursday for relying on "dangerous technology" in its controversial plan to detect child sexual abuse images on iPhones (via The New York Times). The damning criticism came in a new 46-page study by researchers that looked at plans by Apple and the European Union to monitor people's phones for illicit material, and called...
iPhone 13 Security

Researcher Says Apple Ignored Three Zero-Day Security Vulnerabilities Still Present in iOS 15

Friday September 24, 2021 10:42 am PDT by
In 2019, Apple opened its Security Bounty Program to the public, offering payouts up to $1 million to researchers who share critical iOS, iPadOS, macOS, tvOS, or watchOS security vulnerabilities with Apple, including the techniques used to exploit them. The program is designed to help Apple keep its software platforms as safe as possible. In the time since, reports have surfaced indicating...
tim cook privacy

Apple Not Trying Hard Enough to Protect Users Against Surveillance, Researchers Say

Friday July 23, 2021 6:46 am PDT by
Following the news of widespread commercial hacking spyware on targeted iPhones, a large number of security researchers are now saying that Apple could do more to protect its users (via Wired). Earlier this week, it was reported that journalists, lawyers, and human rights activists around the world had been targeted by governments using phone malware made by the surveillance firm NSO Group...
apple pay express transit london

Security Experts Warn of Apple Pay Express Transit Hack That Enables Large Unauthorized Visa Payments From Locked iPhones

Thursday September 30, 2021 12:14 am PDT by
Researchers in the U.K. have demonstrated how large unauthorized contactless payments can be made on locked iPhones by exploiting Apple Pay's Express Transit feature when set up with Visa. Express Transit is an Apple Pay feature that allows for tap-and-go payment at ticket barriers, eliminating the need to authenticate with Face ID, Touch ID, or a passcode. The device does not need to be...
Child Safety Feature Blue

Apple Says NeuralHash Tech Impacted by 'Hash Collisions' Is Not the Version Used for CSAM Detection

Wednesday August 18, 2021 1:13 pm PDT by
Developer Asuhariet Yvgar this morning said that he had reverse-engineered the NeuralHash algorithm that Apple is using to detect Child Sexual Abuse Materials (CSAM) in iCloud Photos, posting evidence on GitHub and details on Reddit. Yvgar said that he reverse-engineered the NeuralHash algorithm from iOS 14.3, where the code was hidden, and he rebuilt it in Python. After he uploaded his...