What just happened? At the Black Hat Conference earlier this month, a small startup called Corellium showcased a tool that is claimed to provide customers access to virtual iOS devices inside a web browser. Apple has sued for damages and asked for an immediate ban on the sale of Corellium’s product. The iPhone maker argues the tool is an “unlawful commercialization of Apple’s valuable copyrighted works,” or in other words an exact replica of iOS down to the underlying code.
The Cupertino giant is well known for its hard stance on user privacy and for being overly protective of its intellectual property. After all, this is the company that has shown it is willing to go as far as is technically possible to prevent you from repairing your device somewhere else.
Today, Apple filed a lawsuit against Corellium for selling what it describes as an “illegal replication of the copyrighted operating system and applications that run on Apple’s iPhone, iPad, and other Apple devices.” Corellium is a startup focused on mobile device virtualization that offers iOS and Android virtualization on Arm for more convenient development and testing.
The way Correllium’s product works is that it creates an exact digital replica of iOS, the default apps, and all the essential UI elements and provides access to them via a web-based platform. Apple says this isn’t a mere reproduction or a fair use case, as Corellium “has simply copied everything: the code, the graphical user interface, the icons—all of it, in exacting detail.”
Corellium allegedly makes unlicensed replicas of new versions of iOS as soon as they are officially launched and Apple has asked a federal judge in the Southern District of Florida to stop the violations. It also doesn’t help that Corellium pitches its product as a research tool for security experts and developers, and promises to deliver a “private installation” for any buyer willing to pay a million dollars a year.
Apple notes that it strongly supports efforts to discover security vulnerabilities on its platforms as long as it stays in the realm of “good-faith security research.” The company offers a $1 million “bug bounty” for anyone who can showcase any flaws in iOS, and supplies “special” iPhones to “legitimate” researchers.
Interestingly enough, Forbes took a close look at the “super stealth startup,” and found that its co-founders are some of the early pioneers in the jailbreaking scene. At the recent Black Hat conference in the US, Corellium extolled the ability of its product to offer iOS replicas to everyone, including “foreign governments and commercial enterprises.”
Apple wants Corellium to destroy all the infringing codebase and seeks cash compensation. It also asked for a court order for the startup to notify its customers that they violate Apple’s rights, and noted that “there is no basis for Corellium to be selling a product that allows the creation of avowedly perfect replicas of Apple’s devices to anyone willing to pay.”