Apple has lost its copyright lawsuit against Corellium, a security research company that helped its customers in finding bugs in iOS.
Corellium was taken to court by Apple due to alleged violations of copyright law, as it allowed users to run virtual versions of iOS on their desktop computers. This helped researchers in finding security bugs without using an iPhone. iOS only runs on Apple’s own devices, and the company is notoriously popular for not allowing other its operating systems to run on other hardware, natively or virtually, without permission.
Apple loses lawsuit against Corellium
The lawsuit was thrown out by a federal judge in Florida, and the ruling stated that Corellium had not violated any copyright laws by creating virtual iPhones for desktops, as it was only doing so to help improve security for iPhone users. It was not a competing product, but only a research tool for customers. The judge also added that Apple’s argument in the claims was “Puzzling, if not disingenuous”, as Corellium was following a vetting process before selling its products to customers.
As per The Washington Post, David L. Hecht, founder of law firm Hecht Partners and co-counsel for Corellium, said on the ruling:
“We are very pleased with the Court’s ruling on fair use and are proud of the strength and resolve that our clients at Corellium have displayed in this important battle. The Court affirmed the strong balance that fair use provides against the reach of copyright protection into other markets, which is a huge win for the security research industry in particular.”
It is important to note that Apple had tried to acquire Corellium in 2018, and only sued the company after acquisition talks fell through. Even though the copyright law claim has been dismissed by the court, Corellium has still been found in violation of the Digital Millennium Copyright Act, as it circumvented Apple’s security measures to create its virtual iPhone software.
As Corellium’s product is intended only for security research and does not compete with Apple’s iPhone in any way, the court found that the company met the requirements of fair use and can continue to sell its product.
This ruling has been hailed by the security research community, which has to rely either on tools provided by companies, or third-party developers like Corellium, to help find bugs and improve the security of operating systems.
Apple has not made it easy for security researchers to work on its devices and only recently started a new program through which it provides special iPhones to participants of its Security Research Device Program. It also has a bug bounty program through which it rewards researchers for reporting issues.
In a world where sophisticated iPhone hacks are being used by states and organizations with deep pockets, Apple needs to get the good guys on its side to help find and close security flaws before the bad actors get to them.