Apple has filed a lawsuit today against virtualization company Corellium. For those unfamiliar, Corellium allows users to virtualize iOS, pitching it as a research tool for security experts. Apple, however, says Corellium’s “true goal is profiting off its blatant infringement.”
Essentially, Corellium allows researchers to run software only virtualizations of iOS. This opens up a new set of capabilities for security researchers, as they can do things like pause the operating system completely (via Bloomberg).
The lawsuit was filed today in the Southern District of Florida. Apple alleges that Corellium is blatantly infringing upon its copyrights. “Corellium has simply copied everything: the code, the graphical user interface, the icons—all of it, in exacting detail,” Apple writes.
Apple also takes issue with Corellium’s spin that its iOS suite allows researchers to better discover vulnerabilities. Corellium does not require researchers to report their discoveries to Apple, which Apple says encourages the vulnerabilities to instead be sold on the market:
One thing Apple notes is that it strongly supports “good-faith” security research – and has never before pursued legal action against a security researcher.
Through this lawsuit, Apple is seeking an injunction against Corellium sales, a court order requiring Corellium to notify its customers they are violating Apple’s copyright, destruction of products using Apple’s copyright, and cash compensation.
Apple’s lawsuit against Corellium comes after the company significantly revamped its bug bounty program last week with higher payouts and a new device program that gives researchers what are essentially “pre-jailbroken” iPhones.
