We know that Apple is giving away special iPhones to certain security researchers
who are looking for a big payday that could add up to as much as $1.5 million. The big jackpot will go to the researcher who finds a flaw in the iPhone and iOS that will allow a hacker to take full control over an iPhone without the phone's owner having to touch any part of the device. That discovery is good enough for $1 million dollars. Any vulnerability found on beta software will reward the researcher with a 50% bonus. That's because the discovery is taking place before the software has been disseminated to the public.
To help researchers find flaws in iOS, a company called Corellium has been offering them a virtual version of the iPhone and iOS over the last few years. According to Bloomberg
, Apple is not taking this sitting down and has filed a lawsuit in the United States District Court for the Southern District of Florida for what it calls "a straightforward case of infringement of highly valuable copyrighted works." Apple points out that without obtaining a license or permission from Apple, Corellium offers a "virtual" version of Apple's devices with "fastidious attention to detail." The tech giant says that not only does the facsimile look and respond the same on a web browser as the mobile device that its customers pay for, Corellium also includes the appropriate computer code.
And sure, you might say that Corellium is doing Apple a big favor by selling the virtual iPhone because it will help researchers pass along their findings to Apple. However, as Apple points out in the suit, those who paid to use the virtual iPhone ended up selling discovered flaws to third-party exploit traders. This makes sense because a private installation of the virtual iPhone costs as much as $1 million according to the court papers filed by Apple.
"This is a straightforward case of infringement of highly valuable copyrighted works. Corellium’s business is based entirely on commercializing the illegal replication of the copyrighted operating system and applications that run on Apple’s iPhone, iPad, and other Apple devices. The product Corellium offers is a “virtual” version of Apple mobile hardware products, accessible to anyone with a web browser. Specifically, Corellium serves up what it touts as a perfect digital facsimile of a broad range of Apple’s market-leading devices—recreating with fastidious attention to detail, not just the way the operating system and applications appear visually to bona fide purchasers, but also the underlying computer code. Corellium does so with no license or permission from Apple."-Excerpt from Apple's lawsuit
Corellium's subscribers can choose the iPhone model and the version of iOS they want to virtually run
Apple claims that at the Black Hat security conference that took place earlier this month, Corellium "specifically emphasized" that its Apple Product is an exact copy of Apple's copyrighted works and was created to help researchers and hackers test iOS for vulnerabilities. Apple even points out that 15 days after unveiling the iPhone XS
, iPhone XS Max
and iPhone XR
on September 12, 2018, Corellium announced that its Apple Product supported the new phones and the latest version of iOS.
A Real Apple iPhone X and Corellium's virtual copy side-by-side
An image included in the suit shows how Corellium subscribers can even choose which virtual iPhone they want to use and then select the version of iOS that they want to run on it. Once a subscriber has created a virtual iPhone, copies of the virtual device and the iOS version selected can be made. Apple alleges that Corellium's servers contain "numerous copies of iOS."
Subscribers to Corellium's Apple Product select the iPhone they want to use...
Apple is seeking a permanent injunction against Corellium and an order preventing the company from marketing, selling, and distributing its Apple Product. Apple also wants to stop all subscribers from using the virtual iPhone and wants the defendant to issue a notice to past and present subscribers telling them that use of the product infringes on Apple's copyrights. Apple also wants all infringing material destroyed and is seeking damages, lost profits, court costs and attorney’s fees.
...along with the version of iOS they want to run on the virtual device