Some security researchers say they’re too scared to buy, use, or even talk about the controversial iPhone emulation software Corellium, whose makers are in a legal battle with Apple.
Last year, Apple accused a cybersecurity startup based in Florida of infringing its copyright by developing and selling software that allows customers to create virtual iPhone replicas… Very few people, especially current and former customers and users, want to talk about Corellium, which sells the eponymous software that virtualizes iPhones and Android devices. During the lawsuit’s proceedings, Apple has sought information from companies that have used the tool, which emulates iOS on a computer, allowing researchers to probe potential iPhone vulnerabilities in a forgiving and easy-to-use environment.
“Apple has created a chilling effect,” a security researcher familiar with Corellium’s product, who asked to remain anonymous because he wasn’t allowed to talk to the press, told Motherboard… Several other cybersecurity researchers expressed fear of retribution from Apple for using Corellium.
MacDailyNews Take: Again, there is a reason why too many failed attempts to unlock disable an iOS device: Security.
Corellium allows this important security feature to be sidestepped allowing for brute-force attempts to unlock devices, among other things.
Apple offers a $1 million “bug bounty” for anyone who discovers flaws in iOS and gives custom “dev-fused” iPhones to legitimate researchers.
Again, you couldn’t beg for a lawsuit from Apple any better than Corellium, and that’s a list that includes the likes of Psystar!
To thwart brute-force attempts to unlock you devices, always use long, custom, alphanumeric passcodes. Use at least seven characters – even longer is better – and mix numbers, letters, and symbols.
To change your passcode in iOS:
Settings > Face ID & Passcodes > Change Passcode > Passcode Options: Custom Alphanumeric Code