
Apple subpoenas Santander and US intelligence contractor on use of Corellium - willstrafach
https://www.forbes.com/sites/thomasbrewster/2020/02/22/apple-just-demanded-santander-and-a-50-billion-us-intelligence-contractor-reveal-how-they-use-iphone-hacking-tech/
======
lolc
A lot of interesting stuff may become public from this.

1\. Is Apple scared that backdoors will be found in Ios? It's much easier to
find them in a virtual environment.

2\. As the article mentions, there may be zerodays for Ios developed by
Corellium. It would be great to know the extent of this.

3\. We might learn more about current phone cracking capabilites in general.
That may open a few eyes, including mine.

I'm currently just very happy to have learned that people are poking at
Apple's walled garden. Watching from the sidelines, I will appreciate any and
all punches in this conflict. When secretive organizations battle in court,
collateral exposure may happen :-)

~~~
threeseed
You seem to have a very flippant attitude on this.

Backdoors in Android and iOS costs lives. There are many governments who today
kidnap, torture and kill citizens and even non-citizens based on compromised
phones e.g. Jamal Khashoggi.

And to have companies like Correlium enabling and profiting from this is
utterly reprehensible. They aren't altruistic or making the world safer or
being selective in who they sell their technology. They are simply the modern
day equivalent of a shady arms dealer.

~~~
kick
Security by obscurity is no security at all, because any repressive government
will already be shining a flashlight at it to try and find anything they can.
Making it faster for security researchers to find vulnerabilities means that
there are less people vulnerable.

~~~
threeseed
I am not advocating against this sort of technology at all.

I am against it being a product sold exclusively and secretly to enterprises
and governments. The sort of entities who are not informing Apple and Google
about vulnerabilities but instead using them for unethical and criminal means.

------
roseway4
> In his own words, as filed with the court, Federighi said: “On Saturday
> February 8, 2020, a process server was outside of my home. He came to my
> front door and attempted to serve a subpoena to me, but my wife turned him
> away.”

That's not harassment. It's due process.

~~~
Keverw
Wonder if it's normal to serve people at their homes instead of at the office?
But sounds pretty standard stuff otherwise if you have to serve them.

------
exabrial
Apple is just mad someone is doing virtualization, a technology the refuse to
embrace.

~~~
colejohnson66
While they may not _embrace_ virtualization, they certainly don’t stop people
from doing it. If they wanted to, they _could_ disable the Intel VMX
instructions, but VM programs on macOS clearly show that they don’t.

As for Hackintoshes, that’s just because Apple doesn’t have a financial
incentive to write drivers for hardware that isn’t their own; They make money
from the hardware, not software (macOS is actually free and has been for a few
years). You’re free to buy compatible hardware or write your own drivers. In
fact, many do write drivers for incompatible hardware; That’s how the
Hackintosh hardware selection grows.

~~~
jayd16
The EULA states you're only allowed to run two OSX VMs on a machine already
running OSX or to install OSX on a Apple hardware.

It does not grant permission to install on custom hardware.

If you can show me how I can legally run a virtualized OSX build farm please
please tell me how.

[https://images.apple.com/legal/sla/docs/macosx107.pdf](https://images.apple.com/legal/sla/docs/macosx107.pdf)

~~~
youngtaff
Installing Apple's OS on non Apple hardware is at most a Breach of Contract
which is very different from being illegal.

~~~
wyldfire
While it's not criminal, infringement or breach of contract does create an
opportunity for Apple to bring suit and have discovery.

