Apple sues virtualization firm Corellium for selling iOS and iTunes knockoffs
Apple on Thursday filed a lawsuit claiming software virtualization firm Corellium, which markets its wares to security researchers, infringes on copyrights covering iOS, iTunes and other Apple assets.
Filed with the U.S. District Court for the Southern District of Florida, Apple's complaint takes issue with Corellium's mobile device virtualization solution, a product the tech giant claims infringes on various software copyrights. Apple says the suit is a "straightforward case of infringement of highly valuable copyrighted works."
"[ ... ] Corellium has simply copied everything: the code, the graphical user interface, the icons-- all of it, in exacting detail," the filing reads.
Corellium in its marketing materials advertises its virtualization product as a tool for developers ferreting out bugs, flaws and other vulnerabilities in software and hardware. Available on the web or as a $1 million-per-year "private" local installation, certain solutions present virtual versions of iOS devices running what Apple calls unauthorized copies of iOS.
Corellium itself touts the exacting detail of its product line. As noted in the filing, the firm recently presented its CORSEC product at the Black Hat conference in August, saying the software runs "real iOS -- with real bugs that have real exploits."
Apple does not license iOS, iTunes or its user interface technologies for use by Corellium.
The firm's tools enable users to create a virtual iOS device in the cloud. Customers first select a device to copy -- support includes iPads and current iPhone XR, XS and XS Max models -- then are asked to download a particular iOS build directly from Apple's servers. Corellium's platform subsequently displays a "fully functioning" replica device.
As users are able to make multiple copies of a virtual device and its underlying software, Apple believes Corellium's servers are illegally hosting numerous copies of iOS. Alleged infringement also includes iTunes.
The company does not appear to make efforts to limit its products to research and testing, nor does it require users to disclose discovered vulnerabilities to Apple, the filing notes.
Apple asserts two claims of direct federal copyright infringement for computer software and graphical user interface elements, and one claim for contributory federal copyright infringement targeting users of Corellium's products.
Apple seeks an injunction that prohibits sale and access to Corellium products, an order to return owned intellectual property, destruction or impounding of infringing materials, damages and court fees.
Filed with the U.S. District Court for the Southern District of Florida, Apple's complaint takes issue with Corellium's mobile device virtualization solution, a product the tech giant claims infringes on various software copyrights. Apple says the suit is a "straightforward case of infringement of highly valuable copyrighted works."
"[ ... ] Corellium has simply copied everything: the code, the graphical user interface, the icons-- all of it, in exacting detail," the filing reads.
Corellium in its marketing materials advertises its virtualization product as a tool for developers ferreting out bugs, flaws and other vulnerabilities in software and hardware. Available on the web or as a $1 million-per-year "private" local installation, certain solutions present virtual versions of iOS devices running what Apple calls unauthorized copies of iOS.
Corellium itself touts the exacting detail of its product line. As noted in the filing, the firm recently presented its CORSEC product at the Black Hat conference in August, saying the software runs "real iOS -- with real bugs that have real exploits."
Apple does not license iOS, iTunes or its user interface technologies for use by Corellium.
The firm's tools enable users to create a virtual iOS device in the cloud. Customers first select a device to copy -- support includes iPads and current iPhone XR, XS and XS Max models -- then are asked to download a particular iOS build directly from Apple's servers. Corellium's platform subsequently displays a "fully functioning" replica device.
As users are able to make multiple copies of a virtual device and its underlying software, Apple believes Corellium's servers are illegally hosting numerous copies of iOS. Alleged infringement also includes iTunes.
The company does not appear to make efforts to limit its products to research and testing, nor does it require users to disclose discovered vulnerabilities to Apple, the filing notes.
Apple asserts two claims of direct federal copyright infringement for computer software and graphical user interface elements, and one claim for contributory federal copyright infringement targeting users of Corellium's products.
Apple seeks an injunction that prohibits sale and access to Corellium products, an order to return owned intellectual property, destruction or impounding of infringing materials, damages and court fees.
Apple v. Corellium by Mikey Campbell on Scribd
Comments
Then Huaweis knockoff Apple Stores and knockoff Airpods.
(I wish)
I'm confused by this part:
How are these iOS builds available directly from Apple's servers without authorization? Are they using developer credentials of some form?
I doubt the vast majority of security researchers could afford 1 million/year. But, criminal organizations could...
Alternatively, it sounds like the perfect tool for governments to find iOS bugs for cyber warfare purposes.
Apple has the right, and is right, to stamp this practice/company out.
.... I want to see Corellium‘s customer list. Red flags are @#$& everywhere...
To make this legitimate:
#1 Corellium needs Apple’s permission/licensing
#2 Apple needs to approve potential customers
#3 All bugs found need to be reported to Apple, to be stamped out
Google’s Project Zero would be a legitimate customer, but I’m sure Apple has their own relationship with them. I can’t really see a reason why Apple would allow third parties (like Corellium) to be involved.
Exactly. And Apple hasn't licensed them to do so.
I also haven’t seen many broken apps (after the 32/64 bit switchover) when Apple pushes out a new iOS version.
Having a handful of iOS devices with different versions seem much cheaper than 1 million/year...
Visual Studio has an iOS Simulator... not the same thing, but there are options.
Most companies like to brag about their customers and partners... I found nothing like that on Corellium website. Apple is right to go after them to protect their interests.