Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Compliance

Apple Targets Jailbreaking in New Complaint Against Corellium

Apple has filed an amended complaint in the lawsuit against Corellium and the virtualization company has responded by claiming that the tech giant is using the lawsuit to crack down on jailbreaking.

Apple has filed an amended complaint in the lawsuit against Corellium and the virtualization company has responded by claiming that the tech giant is using the lawsuit to crack down on jailbreaking.

Corellium provides a virtual iPhone that can be used to find vulnerabilities and test the functionality of mobile apps on different versions of the iPhone and iOS. Apple has accused the company of copyright infringement, stating that Corellium was not authorized to copy its products.

Apple’s initial complaint only mentioned jailbreaking, but the new complaint includes several paragraphs focusing on jailbreaking.

Apple has shared examples of instances where Corellium advertised its platform as an alternative to purchasing jailbroken iPhones, and where the company openly admitted that its solutions helped developers create a jailbreak dubbed “unc0ver.”

“Corellium has admitted not only that its product is designed to circumvent technological protection measures Apple puts in place to prevent access to and infringement of its copyrighted works in iOS, but that it has aided and abetted the creation and trafficking of other software that is also designed to circumvent those same technological measures,” Apple said.

In a statement published on its website in response to Apple’s new complaint, Corellium warned that the tech giant’s claims should raise concerns.

“Apple is asserting that anyone who provides a tool that allows other people to jailbreak, and anyone who assists in creating such a tool, is violating the DMCA. Apple underscores this position by calling the unc0ver jailbreak tool ‘unlawful’ and stating that it is ‘designed to circumvent [the] same technological measures’ as Corellium,” explained Corellium CEO Amanda Gorton.

“Apple is using this case as a trial balloon in a new angle to crack down on jailbreaking. Apple has made it clear that it does not intend to limit this attack to Corellium: it is seeking to set a precedent to eliminate public jailbreaks,” Gorton said.

Gorton noted that jailbreaking not only helps researchers and developers, but also Apple, which has benefited from the work of the jailbreak community.

“Many of the features of iOS originally appeared as jailbreak tweaks and were copied by Apple, including dark mode, control center, and context menus. In addition, jailbreak creators regularly contribute to the security of iOS. The developer behind the unc0ver jailbreak was acknowledged and credited by Apple for assisting with a security vulnerability in the iOS kernel – a vulnerability he discovered while using Corellium,” she added.

The response filed by Corellium to Apple’s lawsuit was initially heavily redacted, but the company published an unredacted version in mid-November. The unredacted document revealed that Corellium believes Apple filed a lawsuit in response to a failed acquisition attempt.

“[This] lawsuit is not driven by Apple’s genuine belief that Corellium infringes its copyrights, but rather by its frustration at not being able to make Corellium’s technology its own,” Corellium said.

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Mobile & Wireless

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Mobile & Wireless

Apple’s iOS 12.5.7 update patches CVE-2022-42856, an actively exploited vulnerability, in old iPhones and iPads.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

Management & Strategy

Tens of cybersecurity companies have announced cutting staff over the past year, in some cases significant portions of their global workforce.

Mobile & Wireless

Two vulnerabilities in Samsung’s Galaxy Store that could be exploited to install applications or execute JavaScript code by launching a web page.

Audits

Out of the 335 public recommendations on a comprehensive cybersecurity strategy made since 2010, 190 were not implemented by federal agencies as of December...