Apple encourages benevolent 'white hat' hacking, but claimed Corellium simply enables customers to sell security flaws to the highest bidder.
- Apple is suing Corellium, a company which claims to create perfect virtual copies of Apple devices within a web browser so customers can probe them for security vulnerabilities.
- Apple alleges Corellium is infringing on its copyright by replicating its iOS.
- Apple encourages benevolent "white hat" hacking, but claims Corellium simply enables customers to sell security flaws to the highest bidder — including foreign intelligence agencies.
- Visit Business Insider's homepage for more stories.
Apple on Thursday filed a lawsuit suit against Corellium, a company which creates virtual versions of Apple's operating system, iOS, within a web browser so people can test it for security flaws.
In its suit, filed in the Southern District of Florida and first spotted by Bloomberg, Apple claimed that Corellium's replication of iOS constitutes copyright infringement.
"Corellium's business is based entirely on commercializing the illegal replication of the copyrighted operating system and applications that run on Apple's iPhone, iPad, and other Apple devices," the suit said. It added that Corellium had no licence from Apple.
"There is no basis for Corellium to be selling a product that allows the creation of avowedly perfect replicas of Apple's devices to anyone willing to pay," Apple wrote in the suit.
Like many big tech companies, Apple encourages "white hat" hacking, which involves getting hackers to find flaws in its code then report them. Apple incentivizes this with cash rewards — last week, for example, it announced a bounty of $1 million for people that can pull off a specific iPhone hack.
Apple noted in its suit that it doesn't want to dissuade "good-faith security research." However, Apple alleged that Corellium is marketing its product for more nefarious purposes.
"Far from assisting in fixing vulnerabilities, Corellium encourages its users to sell any discovered information on the open market to the highest bidder," Apple alleged. "Enough is enough," it added.
In one example, Apple points to a tweet from Corellium's official account offering customers an alternative to buying on eBay "jailbroken iPhones," which allow users to download apps that are not authorized by Apple.
—Corellium (@CorelliumHQ) January 22, 2019
Apple also honed in on a reported customer of Corellium's, a security company called Azimuth. "Azimuth's customers reportedly include foreign governments, including foreign intelligence agencies," Apple alleged, citing a Motherboard article from last year.
Apple and Corellium were not immediately available for comment when contacted by Business Insider.