arrow_upward

Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Apple v. Corellium
#1
As an avid Apple user, I thought this story was interesting when I first heard about it a couple years ago. Corellium is a ARM virtualization company that specializes in bug bounty and virtualized developer tools for iOS and Android. Now the iOS piece of the company has been very interesting over the past couple years with Apple claiming that the virtualization of iOS violates United States Trademark Laws, so they were forced to take down that stem of there services. In this overview I will break down things in relation to the case and then my personal thoughts of the matter.

1. Apple's View of Security
When Apple first went after Corellium I did not understand why to be honest, I started off my Apple journey with an iPod Classic then got an iPhone 3GS that I jailbroke to make compatible with T-Mobile at the time, as AT&T was the only cellular company that had the license rights to the handset. From my point of view, Apple always cherished the Jailbreak/Hackintosh community under Steve Jobs as we continued to use their technologies and showed them what could be done with them. This focus shifted as the FBI requested Apple to unlock an iPhone belonging to the individual behind the San Bernardino bombing in 2015, Apple upholding their Privacy Policy to their users and this marking a pivotal moment in the company's history to the rhetoric of "Actions speak louder than Words." We soon after started seeing companies try to use methods created by the Jailbreak community to serve law enforcement with a brute force tool that could bypass the Lock Screen of any iPhone just by plugging it into a black box. Apple stood their ground and the Supreme Court of the United States ruled in favor of Apple that a tech company, even with a warrant, does not have to disclose the information of a user or provide a backdoor into their operating system for law enforcement agencies. Flash forward to 2018, Apple files a lawsuit agains Corellium for virtualizing their operating system iOS 12. Corellium quickly removed the stem from their services and the court hearings began. Apple citing "services such as this not sponsored by Apple could lead to backdoor vulnerabilities compromising the entire ecosystem for all of our customers." December 2020, the court ruled in Corellium's favor with the case currently at an impasse for Apple.

2. My view
Initially I thought Apple was just trying to control the share of the market for services such as this, simply using privacy as the vehicle for their case. Though I appreciated the notion of privacy and keeping the kernel of the operating system in a controlled environment, the kernel has realistically been exposed to the community for years just from the Jailbreak community alone. I always gravitated towards Apple due to their security and privacy policies, but in app development with Android, Google has a pretty solid grasp on security updates especially when it comes to their Pixel/Nexus line of handsets. I feel as if though Corellium won this stage of the battle, but Apple will find the source of the vulnerabilities of which Corellium used to virtualize the OS in the first place, especially with the new Bug Bounty Program they established over the past year. I would love to hear everyone's views on this matter, as I am on the fence with this one. Is it more Apple control or valid security concerns?

3. What's next?
This is the part that interests and excites me, especially when it comes to Post4VPS and the VPS community. With the virtualization of iOS, does that also open up the prospect of macOS virtualization? The operating system being a unix-like operating system would easily run on a KVM node especially if we the community/developers were able to modify to ktexts to be compatible with the networking adapters presented for that specific VPS and then would be able to bake in flagging to force the terminal shell instead of the GUI. What are some of your "wishlist" items that you would hope to see come out of this case?

Thanks for reading everyone, I can't wait to hear everyone's thoughts and hopefully have some great discussions out of this.
Thank you to CubeData and Posts4VPS for the services of VPS 8.
#2
Let's start saying that virtualization isn't a crime. Running the software without a proper license is the right problem.

Who know how Apple manages its OSes regarding licensing but running an emulated iOS or an Hackintosh (macOS running on a non-apple hardware) is illegal. The software is developed to run on specific hardware and with virtualization or hackintosh you are faking it.

Apple is on the right but...... let's say that Apple is like Nintendo: ultra aggressive on defending its own property, better saying its earning.

For example Microsoft Windows Mobile Lumia phone has been modded with public announcements and Microsoft did nothing to the modders community. If we were speaking of Apple... DMCA or worsen could have been happen.
Thanks to Post4VPS and Bladenodefor VPS 14
#3
(12-30-2020, 04:14 PM)LightDestory Wrote: Let's start saying that virtualization isn't a crime. Running the software without a proper license is the right problem.

Who know how Apple manages its OSes regarding licensing but running an emulated iOS or an Hackintosh (macOS running on a non-apple hardware) is illegal. The software is developed to run on specific hardware and with virtualization or hackintosh you are faking it.

Apple is on the right but...... let's say that Apple is like Nintendo: ultra aggressive on defending its own property, better saying its earning.

For example Microsoft Windows Mobile Lumia phone has been modded with public announcements and Microsoft did nothing to the modders community. If we were speaking of Apple... DMCA or worsen could have been happen.

Yes, I see where you are coming from, but macOS and iOS are freeware since we do not pay for updates, the anti-piracy laws do not apply to freeware and Darwin of which macOS is built on falls under the Apple Public Source License and Unix/Darwin are GPL compliant. I do not see an issue with virtualization of the OS, if you are paying for the hardware of the virtualization so in VPS terms, we are paying for the data store, IP etc. and the OS is "free" and then if you want Windows you have to provide your own license for it. The same terms should fall for macOS and iOS, as it does with Android.
Thank you to CubeData and Posts4VPS for the services of VPS 8.
#4
Very good read, In my opinion I think It's just apple being overprotective of their environment. I think it has to do with the fact that Apple wants to limit the "Apple Experience" to their products only. Because otherwise just like you stated, people will find ways to install macOS on their windows laptops and ultimately damage Apple's sales? The same can also be said abt the iOS, if you can simply virtualize it on an android phone then why bother buying a 1000$ iPhone Smile
Thanks to ShadowHosting and Post4VPS for my VPS 5!
#5
I am against a private company having the right to not disclose a customer information even if all circumstantial evidence strongly suggest that we are talking about a person who is guilty with a very high probability. Also sure as hell they should allow into the data of people proven to be guilty. People with tags like hardcore criminals or assassins or terrorists should with adequate proof of their deeds should not any right to privacy whatsoever. especially when it comes to data they have on their devices. Any company claiming to take measures to guard that data should get totally dismantled and thrown to the wolves.

end of my rant here.

Now when it comes disclosing data totally based on suspicion that someone might be hiding something big or just because a big entity wants that data, then not allowing that is very praiseworthy ...

Though I wish they would allow more tinkering in their system. I feel so restricted when using apple device. I do not like how their mobile devices work.
Sincere Thanks to VirMach for my VPS9. Also many thanks to Shadow Hosting and cubedata for the experiences I had with their VPSs.
#6
(12-31-2020, 05:32 PM)Honey Wrote: Very good read, In my opinion I think It's just apple being overprotective of their environment. I think it has to do with the fact that Apple wants to limit the "Apple Experience" to their products only. Because otherwise just like you stated, people will find ways to install macOS on their windows laptops and ultimately damage Apple's sales? The same can also be said abt the iOS, if you can simply virtualize it on an android phone then why bother buying a 1000$ iPhone [Image: smile.png]

I honestly don't think it damages their sales at all, these pockets of the community are still rather fringe if you ask me and its a niche market for sure. I see what you are saying for sure, like in my case, I have a 2019 MacBook Pro and I took a MacPro G5 that I had bought comparable parts to the current generation MacPro. My G5 was outmoded years ago, but I've been able to breath new life into it and Apple isn't out anything. They still get all of my business from subscriptions, developer program fees and so on.

(12-31-2020, 05:32 PM)rudra Wrote: I am against a private company having the right to not disclose a customer information even if all circumstantial evidence strongly suggest that we are talking about a person who is guilty with a very high probability. Also sure as hell they should allow into the data of people proven to be guilty. People with tags like hardcore criminals or assassins or terrorists should with adequate proof of their deeds should not any right to privacy whatsoever. especially when it comes to data they have on their devices. Any company claiming to take measures to guard that data should get totally dismantled and thrown to the wolves.

end of my rant here.

Now when it comes disclosing data totally based on suspicion that someone might be hiding something big or just because a big entity wants that data, then not allowing that is very praiseworthy ...

Though I wish they would allow more tinkering in their system. I feel so restricted when using apple device. I do not like how their mobile devices work.

Yes, I agree with you to an extent, but then it sets a precedent. If Apple was to build a back door for law enforcement how many more people will see incarceration for petty crimes or app developers can exploit that backdoor for leaking our data to marketing publishers or governments, terror groups or black hats using them for espionage against the state and citizens. It's that double edge sword, pandoras box situation where if you just barely crack the lid then chaos ensues after.
Thank you to CubeData and Posts4VPS for the services of VPS 8.


Possibly Related Threads…
Thread
Author
Replies
Views
Last Post

person_pin_circle Users browsing this thread: 1 Guest(s)
Sponsors: VirMach - Host4Fun - CubeData - Evolution-Host - HostDare - Hyper Expert - Shadow Hosting - Bladenode - Hostlease - RackNerd - ReadyDedis - Limitless Hosting