
Apple files lawsuit against Corellium for iOS emulation - rvz
https://www.bloomberg.com/news/articles/2019-08-15/apple-seeks-to-shut-down-corellium-s-perfect-replicas-of-ios
======
gjsman-1000
To confused HN commenters: Corellium works by offering VMs of iOS and all
models of Apple device, and allowing Terminal (i.e. pre-jailbroken) access to
the operating system underneath.

For example, as a security researcher, I could order a copy of iOS 11.1
running on an iPhone 6 32GB. It would be spun up and accessible in about 3 or
4 minutes, and I could run direct commands on the Darwin kernel underneath.

Why is this illegal? Corellium DOES NOT have a physical iPhone 6 that it is
screen recording. They actually have made copies of various iOS releases, and
are running them on virtualization software, while making big bucks from the
researchers for this technology.

Will Apple win? Well, if you look at the Apple vs Psystar case of 2007 (in
which Apple won pretty much every case and appeal and every injunction they
filed for), the odds of victory for Corellium are about as likely as Bill
de Blasio winning the 2020 Election.

~~~
blazespin
There is a fair use case here. My understanding is that you're allowed to do
this sort of thing for purpose of security research.

It most definitely is not unethical. Illegal perhaps, but unethical? Please.

If they are trying to make money off selling to people doing something other
than security research (say, playing games and using apps), then yeah, that'd
be unethical.

~~~
gjsman-1000
To make copies of iOS (against ToS), run it on non-Apple-branded devices
(against ToS), and make profit off it?

Like, I could see fair use for an individual security researcher, but a
business making profit circumventing Apple's ToS and security in multiple
ways, and encouraging others to do the same? I find it unlikely to pass.

~~~
blazespin
I hope it does. Why are researchers doomed to make their own tools from
scratch?

~~~
lokedhs
Aren't these exactly the same restrictions that IBM imposes on licensees of the
z/OS operating system?

You can run z/OS just fine on Hercules (mainframe emulator) but IBM does not
allow it, and for this reason no one does it.

Given the potential profit in providing emulated z/OS hardware, the fact that
no one provides this is quite telling.

~~~
Aloha
Lots of folks do it, no one tries to make money off of it (or at least
stops trying after the initial letters from IBM legal arrive).

Hercules is an interesting case because it's widely rumored to be used inside
IBM to run modern System Z releases.

In this case however the company in question isn't just making and selling an
emulator you can run iOS on, it's selling hosted iOS as a service, which is a
clear license violation - just making the emulator and instructions for use
available for sale would be quite legal.

~~~
fragmede
The Psystar case (or at least, my read of Apple's opinion of that situation)
implies that Apple (circa early 2000s) considers that making such an emulator
available would not be legal.

~~~
Aloha
The issue with the Psystar people was they were selling configured systems
loaded with software, not a kit the end user would assemble themselves.

------
gradschool
Does anything in copyright law entitle Apple to impose conditions on the use
of software it gives away for free online (e.g., that it may be run only on
Apple hardware)? It would seem analogous to me writing a book and offering it
free online but licensed only to be read in a comfy chair with a nice cup of
tea. Maybe I'm in the furniture business and my livelihood depends on
everyone's compliance. I bring this up because I wonder if fanboyism is
clouding our collective judgment where we might otherwise greet these
so-called terms of service with the contempt they so richly deserve.

~~~
torstenvl
> _Does anything in copyright law entitle Apple to impose conditions on the
> use of software it gives away for free online (e.g., that it may be run only
> on Apple hardware)?_

No. Nothing in copyright law allows this. However, everything in contract law
allows this.

Copyright law forms the underlying background situation only. Under 17 U.S.C.
§ 106, the default is that only the copyright owner may make copies
(including, e.g., the copy made when installing the software or the copy made
into memory when running it).

However, those exclusive rights may be licensed to others. (Under 17 U.S.C. §
117, a software licensee, or the lawful owner of a _copy_ of the software, may
always copy the software to install/run or to make an archival copy.)

Licenses are governed by contract law. Contract law typically consists of an
offer, acceptance, and some thing of value traded by each side. Restatement
(Second) of Contracts, § 17(1).

The thing exchanged can be a promise, a forbearance (i.e., a license), a
conditional promise, or any number of things. Restatement (Second) of
Contracts, §§ 71-81.

In this case, the license to copy the software to your internal storage and
from there into RAM is offered conditionally. In return, you promise not to
run it on non-Apple systems. If you break your promise, the conditions of
Apple's license to you are triggered and your license terminates. All of that
is governed by contract law.

The backstop to that, though - the legal stick - is that now you're using an
unlicensed copy and continuously copying it into RAM to use it. That is what
opens you up to copyright violation liability.

~~~
wayneftw
I thought there needed to be 2 parties in agreement to enter a contract. I
don't know much about how Corellium does business, but if they can get their
hands on iOS images without specifically agreeing to a contract - is there a
contract?

Perhaps the whole EULA thing is old news but I'm still not sure if I'm bound
to every condition stated in a EULA when my cat clicks "Agree"... I thought at
one point, the courts ruled that EULAs are pretty toothless. These are honest
questions - I have no clue.

~~~
zimpenfish
> if they can get their hands on iOS images without specifically agreeing to a
> contract - is there a contract?

If I can get my hands on your car without specifically agreeing to a contract
to pay for it, ...

~~~
saghm
The issue with this argument is that there can only ever be one instance of
my car in existence at a given time. If you take my car, I don't have it. If
you download a copy of my software that I give away for free and use it in a
way I don't want you to, that doesn't stop me (or anyone else) from using it.
That's not to say that there isn't some argument that using software against
the terms of a license should be illegal; I just don't think the analogy to
physical goods is a very good one.

~~~
torstenvl
What's the difference between you owning a car and you having the right to use
a communal car?

The core of the legal concept of property is the _right to exclude_ others.
This is an academic philosophical lens to view it through, but it's
fundamental to understanding how the law treats these things. "Property" isn't
a physical thing itself, it's your right to exclude others. (This, by the way,
is also a useful lens through which to view Fourth Amendment jurisprudence).

The property you're "stealing" in a copyright infringement case isn't the bits
themselves. The property is the right to exclude others from copying, publicly
performing, etc. By doing so without a license, you're denying the software
licensor the ability to exclude you.

------
emdowling
I co-founded a company called App.io which ran from 2012 to 2015. We let
people run iOS apps in the browser and we did it by streaming the simulator
from virtualised macOS instances. We were running ESXi on Mac Minis colocated
in data centres around the world and the system ultimately worked really well
(we definitely had scalability issues with such an unconventional setup).

We were quite tight with Apple. We had meetings on campus with senior
executives that led to a pilot program with iAd where people could actually
play games as an interstitial ad unit. We had employees at Apple who were
dedicated to working with us to run this pilot program. Apple ultimately
decided to shut down iAd which doomed our collaboration and possible
acquisition opportunities.

So this move is really fascinating to me personally. Apple knew how we were
doing it and embraced it, probably because we weren't competing against them
or undermining the security of their OS.

~~~
threeseed
It's all about the security of the OS.

Apple is depending on privacy and security to be a key differentiator with
other phones, tablets and computers. Especially as the markets for all three
are slowing as new features are harder to invent.

This company undermines this by allowing anyone to find bugs whilst
encouraging them to profit off it instead of working with Apple.

~~~
pr0zac
It's not about security and privacy, it's about obscurity and PR.

Corellium is heavily used by security researchers; killing it will reduce the
number of bugs that are found in iOS and make the platform less secure
overall.

Apple wants to project the appearance they have minimal security flaws and
they accomplish this largely by making security research more difficult to
perform.

I'm also confused why you seem to think security researchers don't deserve to
get paid for their work. Bug bounties have been around for a while now for a
reason.

~~~
fragmede
Not GP poster but the contradiction is Apple (wants to be) serious about
security. Thus, Apple will pay for (certain kinds of) bugs. Corellium is used
to find bugs. Apple is trying to shut down Corellium.

This move by Apple seems to contradict the notion that Apple is serious about
security - how are researchers supposed to find bugs without this? (A
successful lawsuit would also set precedent that no US entity could run a very
similar service.)

Sure, there are workarounds (e.g. buy a pile of iPhones), but why is Apple
making it harder to secure their product?

------
fuzz4lyfe
> “Although Corellium paints itself as providing a research tool for those
> trying to discover security vulnerabilities and other flaws in Apple’s
> software, Corellium’s true goal is profiting off its blatant infringement,”
> Apple said in the complaint. “Far from assisting in fixing vulnerabilities,
> Corellium encourages its users to sell any discovered information on the open
> market to the highest bidder.”

Why doesn't Apple simply outbid whomever is outbidding them? Why is Apple
entitled to security research at anything less than the current market rate?

~~~
Iv
For the same reason a host is entitled to prior disclosure of its unfixed
vulnerabilities.

Selling vulnerabilities on an open market should be outlawed. Either disclose
them publicly for free, or participate in a bounty program by the software
owner. People selling undisclosed vulnerabilities should be considered
accomplices of the people who then use them to break into systems.

~~~
kjksf
The U.S. has very strong free speech protections, codified as the First
Amendment in the Constitution.

As such it's unlikely that such restrictions would survive a constitutional
challenge.

~~~
youareawesome
The 1A is about freedom to express any idea or opinion, not about literally
publishing or saying whatever you want. Purposeful lying, for instance, is not
covered under 1A. Finding bugs for the purpose of selling them to people with
malicious intent is malicious itself, and is very likely not covered under 1A.
All rights imply a commensurate duty. You don't have freedom of speech for the
purposes of harming others.

~~~
jimktrains2
> Purposeful lying, for instance, is not covered under 1A.

Yes, it is. The restrictions to the first amendment are very tight and very
narrow.

> You don't have freedom of speech for the purposes of harming others.

So, that's complicated. You can't incite violence, but you're more than
allowed to disparage groups of people.

------
steeve
Corellium is an amazing product and I hope they win. They fill a massive gap
that Apple is not addressing. Apple is not very good at doing good dev tools
(_cough_ Xcode monolith _cough_), so when somebody enters the game and gets
devs excited again about their platform, I think they should embrace it and buy
them.

------
ikeboy
https://www.courtlistener.com/docket/16064642/apple-inc-v-corellium-llc/

Some documents here.

------
United857
Just to clarify, it's not 'emulation' -- they have patched a copy of iOS
itself to run on stock ARM devices, virtualizing hardware as needed.

It's the same idea as a 'Hackintosh' but with iOS/ARM instead of macOS/Intel.

------
michaelmrose
Can anyone explain the exact nature of the infringement here? Presumably
illegally copying the software from a device to a vm? Is there a logical
strategy to counter this claim by Corellium?

~~~
Iv
If that's the case I would have much more sympathy for Apple if there were a
legal way of doing this.

~~~
saagarjha
They’re planning on making “research devices” available to a select group of
people soon.

------
blazespin
Interesting case. Corellium should be allowed to sell to bona fide security
researchers, Apple even admits it themselves - "Corellium is not selectively
limiting its customers to only those with some socially beneficial purpose."

That said, who gets to be a bona fide sec researcher? Love to see how Apple can
define that.

The fact that they encourage vulns to be sold to an open market is likely a
problem. They might have to shut that down and move to a wink wink mode.

Very interesting case indeed.

~~~
gjsman-1000
It may, however, be that Apple thinks that pointing out they aren't selling to
only security researchers or other "socially beneficial" people is easier than
getting into a fight about fair use, which would also bring bad PR.

------
bangonkeyboard
Corellium looks amazing. It or something like it may be our best chance for
preserving what iOS/app history is still available.

------
matheweis
This comes hot on the heels of an announcement from Apple that they are
starting up a new program to allow select security researchers access to
iPhones with a majority of security features disabled. I wonder if it is
somehow related.

https://www.bloomberg.com/news/articles/2019-08-08/apple-to-give-researchers-special-iphones-to-up-its-security

------
adamnemecek
Does anyone know how Corellium works?

~~~
saagarjha
It’s a custom bootloader and hardware that loads iOS images that Apple
distributes.

~~~
adamnemecek
What HW? There's no iPhone involved? Or is this in addition to an iPhone?

~~~
saagarjha
There’s no iPhone.

~~~
adamnemecek
That's pretty crazy. Is this like custom PCBs or off-the-shelf HW?

~~~
tbodt
Off-the-shelf ARM systems.

------
ihuman
How does this compare to Sony vs Bleem? Bleem was a commercial PlayStation 1
emulator that Sony sued. Bleem won, but the company shut down due to the cost
of the legal fees.

~~~
gjsman-1000
Bleem didn't violate any of Sony's patents or rules. It allowed unauthorized
code to run through the use of a bug, but it didn't, you know, come with
illegal copies of the games, or copy the PlayStation ROMs. It didn't copy any
Sony code. It let users use the console in a way Sony didn't like, but didn't
ACTUALLY "harm" Sony in any way.

This is different. In the US, bugs are actually "legal" to buy and sell and
protected by the 1st. However, how you USE those bugs is a different matter.

What is happening here? Corellium has copied iOS code, is running it on non-
Apple hardware by virtualization, and justifies what would typically be a
majorly illegal process (i.e. what if HTC made a phone running iOS?) by
claiming "security researchers."

------
firecall
How does this work then?

Are they able to fully emulate an iPhone?

------
SomeOldThrow
> There is no basis for Corellium to be selling a product that allows the
> creation of avowedly perfect replicas of Apple’s devices to anyone willing
> to pay.

It's hard to be sympathetic when Apple's business model is built around
preventing users from using the software they pay for in ways Apple does not
approve of—sometimes you can frame this around profit, but the problems hardly
stop there (e.g. they exercise political control of their platform, too). If
this isn't a legitimate market, I don't see any good that comes from making
this market illegal.

That said Corellium doesn't seem to be aimed at anything good, either, so this
should be fun to watch.

~~~
wayneftw
Absolutely. I have zero sympathy for Apple and I hope they lose this and their
anti-trust case. At the very least, I hope it costs them billions.

IMO, it should be illegal for companies to sell computer hardware and then
block users from sideloading.

------
tyingq
Expect a new startup in Russia or similar if Apple crushes them.

------
mlindner
I think this is reasonable. Corellium is committing blatant copyright
violation for profit. I think this is a pretty open and shut case win for
Apple.

------
buboard
How could they change their service to circumvent apple here? E.g. what if
they provided the VMs but the user had to manually upload the OS image?

------
paulcarroty
Corellium actually does mobile hackintosh, very cool. I suppose they collected
money for lawyers before starting the big business.

