Categories
Apple's Lawsuit

Apple’s lawsuit against Corellium Was partly thrown out

Back in August of last year Apple filed a lawsuit against the virtualization software company Corellium, arguing that the product infringed its copyright and later adding claims that Corellium’s product violates the DMCA. While the DMCA claims will still need to be settled in court, a judge in Florida has tossed out Apple’s copyright claims.…

Back in August of last year Apple filed a lawsuit against the virtualization software company Corellium, arguing that the merchandise infringed its copyright and later adding claims that Corellium’s product violates the DMCA.

While the DMCA claims will still need to get settled in court, a judge in Florida has tossed out Apple’s copyright claims.

So what’s Corellium? To over simplify it, Corellium allows security researchers to spin up a virtualized ARM device (including iOS apparatus ) in a browser and take a deep look under the hood to detect potential security bugs. Like I wrote last year:

Corellium might allow, for instance, a security researcher to rapidly develop a simulated iPhone and search for potential bugs. If one is found, they can quickly load up before versions of iOS to see just how long this bug has existed. When a bug”bricks” the virtual iOS apparatus and leaves it unusable, it’s an issue of just booting up a new one instead of obtaining a completely different phone. Virtualized devices can be paused, providing researchers a detailed look at its exact state at any given moment.

Writes Judge Rodney Smith in a docket filed this morning as first spotted by the Washington Post:

Having reviewed the evidence, the Court doesn’t find a shortage of good faith and fair dealing. Further, considering all the needed aspects, the Court finds that Corellium has met its burden of establishing fair use. Therefore, its use of iOS in relationship with all the Corellium Product is permissible. On these grounds, Corellium’s Motion for Summary Judgment is allowed on Apple’s copyright claim.

Smith cites Corellium’s ability to do things like”(1) see and halt running processes; (2) modify the kernel; (3) use CoreTrace, a tool to view system calls; (4) use an app browser and a file browser; and (5) take live snapshots” as proof that the product is”not merely a repackaged version of iOS” and should be considered fair use.

Smith also notes that this legal action comes after Apple considered obtaining Corellium.

Between January 2018 and the summer of 2018, the parties participated in discussions regarding Apple’s potential acquisition of Corellium. During this time, the parties met in-person and telephonically. Corellium explained to Apple the technology behind the Corellium Product and how it functions, and discussed Corellium’s business and intention to commercialize the Corellium Product.

And:

If Apple had acquired the Corellium Product, the item would have been used internally for validation and testing (which is, for verifying any system flaws and functioning of devices).

While this conclusion swipes away the copyright asserts (possible appeals aside), there was no such rapid conclusion about the DMCA claims. Apple asserts that Corellium is working around built-in authentications and security checks, whereas Corellium asserts that such matters are implemented at a hardware level and the firmware they’re dealing with (the iOS IPSW documents ) are”left unencrypted, unprotected, unlocked, and out in the open for the public to access, copy, edit, distribute, perform, and display.”

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *