Apple sues Corellium for selling access to "perfect replicas" of cloud-based iOS



[ad_1]

Apple CEO Tim Cook at the Apple Worldwide Developers 2019 conference.
Photo: Jeff Chiu (AP)

Apple sues a company, Corellium LLC, which illegally claims virtual copies of its iOS operating system under the pretext of legitimate security research, Bloomberg said Thursday.

Corellium is "the first and only platform offering iOS, Android and Linux virtualization on ARM". Through TechCrunch, the company allows users to interact with simulated iOS devices such as an iPhone or iPad via a web portal, allowing researchers to quickly compare iOS versions to see the duration of a bug or simply start another instance if their interference makes the virtual device unusable. As TechCrunch has noted, Corellium's earlier coverage has underscored the fact that some of its founders have roots in the iOS jailbreaking scene.

According to Bloomberg, Apple has accused Corellium in court of copying "its operating system, its graphical user interface and other aspects of the devices without authorization" and to have violated the law. author by selling access to simulated iOS devices. While Corellium claims that its goal is to allow hackers (those whose intent is to discover and report rather than exploit vulnerabilities), Apple wrote in the lawsuit that "the true purpose of the company is to take advantage of its flagrant breach.Not to help address vulnerabilities, Corellium encourages its users to sell any information discovered on the open market to the highest bidder. "

Apple further accused Corellium of copying the new versions of iOS and failing to implement the user-reported requirements to the flaws of its products discovered by Apple, Bloomberg said:

"For a million dollars a year, Corellium will even provide a" private "installation of its product to any buyer," said Apple. "There is no basis for Corellium to sell a product that allows the creation of perfect replicas of Apple devices to anyone willing to pay."

According to the complaint, Apple said that "it's enough" when it comes to Corellium, including those that compete with the Apple Developer Program.

Apple's prosecution is closely following the extension of its bug bonus program with an increased maximum gain of $ 1 million for critical vulnerabilities, such as those that could allow an attacker to gain total control of a device without interaction from a user, as well as from the distribution. iPhone "dev" with privileged access to trusted security researchers.

Corellium's intellectual property policy states that the company "respects the intellectual property rights of third parties and expects its users to do the same". However, Ars Technica indicated that its website did not explain how its products complied with Apple's copyright laws.

According to Motherboard, the move has angered some members of the cybersecurity community, comparing the move to Microsoft's theoretical crackdown on virtual machines. As VentureBeat noted, Apple has so far refused to address the relatively small and mostly amateur community using so-called "Hackintosh" devices – essentially any computer running macOS outside approved limitations. from Apple – but she made sure that the screen The researchers would have no way to put 'the complete interface of the iPhone or the iPad on a computer screen for even indirect manipulation of the user '. Apple seems to target Corellium because it seems to "sell imitated iOS access for profit," said VentureBeat, as well as his desire. for "total control over how and where its operating systems can be run".

An Apple employee speaking on condition of anonymity told Motherboard, "You really can not ask for more legal action than Corellium":

The employee explained that, in the way that Apple licenses its software to software, you can not run a virtual version of MacOS on VMware or other virtualization platforms if it does not run on a computer Mac. Corellium does something similar, but with iOS.

According to Ars Technica, Apple allegedly wrote in the lawsuit that Corellium had been announced "as an alternative to buying jailbroken iPhones on eBay" and accused it of working with jailbreakers and jailbreakers. brokers operating. Corellium says on its website that it indemnifies end users against accusations that its software violates the copyright, Ars Technica added.

In its lawsuit, Apple asks for an order blocking the sales of Corellium's Apple product, so that the company can inform its customers that it infringes Apple's copyrights, the destruction of any illegal product and damages, writes Bloomberg.

[ad_2]

Source link