Apple Files Appeal In Corellium Copyright Lawsuit

Apple has on Tuesday appealed a copyright case it lost against virtualisation software provider Corellium, after settling one against it last week.

The bad blood between Apple and Corellium, when the iPhone maker failed to purchase Corellium in 2018.

Corellium with its iOS virtualisation tool essentially allows customers to create and interact with virtual iOS devices, all within the browser. The frameworks of an iOS simulator is commonly used by security researchers for example to detect vulnerabilities in iPhones etc.

Multiple lawsuits

Apple then launched a lawsuit against Florida-based Corellium in August 2019, and in December 2019 Apple added another lawsuit to include a claim of copyright infringement against Corellium’s virtualisation software.

It claimed at the time that the firm was profiting from “perfect replicas” of iOS.

Corellium immediately hit back at Apple in an open letter, and warned that developers and jailbreakers should be “concerned” by Apple’s move.

However in December 2020, a US court ruled in favour of Corellium over the copyright issue, saying its software emulating the iOS operating system that runs on the iPhone and iPad amounted to “fair use” because it was “transformative” and helped developers find security flaws.

Judge Smith also said at the time Corellium “adds something new to iOS” by letting users see and halt running processes, take live snapshots, and conduct other operations.

Last week Apple dropped one of its lawsuit against Corellium, before that issue was due to go to court on 16 August. This was a lawsuit that had alleged that Corellium had violated the Digital Millennium Copyright Act by circumventing Apple’s security measures.

In that case, the two sides reached an undisclosed settlement, but Corellium continues to sell its virtual iOS platform.

But Apple has now filed an appeal against the December 2020 copyright ruling in favour of Corellium, Reuters reported.

CSAM investigation retaliation?

It comes after Corellium had announced this week that it was launching an “Open Security Initiative” aimed at rewarding independent public research into mobile devices.

Corellium’s first focus however is Apple’s controversial CSAM system and the company has called on security researchers to submit projects designed to validate “any security and privacy claims” from any mobile software vendor.

Qualifying submissions will receive up to $5,000.

“We applaud Apple’s commitment to holding itself accountable by third-party researchers. We believe our platform is uniquely capable of supporting researchers in that effort,” said Corellium.

“Our ‘jailbroken’ virtual devices do not make use of any exploits, and instead rely on our unique hypervisor technology,” it added. “This allows us to provide rooted virtual devices for dynamic security analysis almost as soon as a new version of iOS is released. In addition, our platform provides tools and capabilities not readily available with physical devices.”

There is speculation that Apple’s decision to revive the Corellium copyright lawsuit is related to Corellium’s announcement.

In a statement, Corellium CEO Amanda Gordon reportedly told Reuters that “enough is enough.”

“Apple can’t pretend to hold itself accountable to the security research community while simultaneously trying to make that research illegal,” she reportedly said.