Apple loses copyright lawsuit against Corellium

A U.S. federal judge Tuesday dismissed Apple’s copyright infringement lawsuit against cybersecurity startup Corellium.

Apple loses copyright lawsuit against Corellium
iPhone passcode lock screen

The product Corellium offers is a “virtual” version of Apple mobile hardware products, accessible to anyone with a web browser. Specifically, Corellium serves up what it touts as a perfect digital facsimile of a broad range of Apple’s market-leading devices—recreating with fastidious attention to detail not just the way the operating system and applications appear visually to bona fide purchasers, but also the underlying computer code. Corellium does so with no license or permission from Apple. — Apple Inc.

Agence-France Presse:

Judge Rodney Smith said Apple failed to show a legal basis for protecting its entire iOS operating system from security researchers… The judge ruled that Corellium’s work, which is designed to find security holes in the software, was “fair use” of copyrighted material.

“From the infancy of copyright protection, courts have recognized that some opportunity for fair use of copyrighted materials is necessary to fulfill copyright’s purpose of promoting ‘the progress of science and useful arts,'” Smith wrote.

The ruling, if upheld, represents a victory for security researchers who could face civil or criminal penalties for reproducing copyrighted software as part of efforts to find vulnerabilities. It also limits Apple’s efforts to exercise full control of its iPhone software and its ability to force third parties to use its proprietary security research tools.

MacDailyNews Take: We expect Apple will appeal this one.

Again, there is a reason why too many failed attempts to unlock disable an iOS device: Security.

Corellium allows this important security feature to be sidestepped allowing for brute-force attempts to unlock devices, among other things.

Apple already offers a $1 million “bug bounty” for anyone who discovers flaws in iOS and gives custom “dev-fused” iPhones to legitimate researchers.

To thwart brute-force attempts to unlock your devices, always use long, custom, alphanumeric passcodes. Use at least seven characters – even longer is better – and mix numbers, letters, and symbols.

To change your passcode in iOS:
Settings > Face ID & Passcodes > Change Passcode > Passcode Options: Custom Alphanumeric Code


    1. Yes it will be interesting to see if Chinese companies are allowed similar rights if not then I think we know the answer, then it shows that this does indeed encourage security breaches… just turns a blind eye to those deemed favourable to the authorities.

    1. Uh, no, adding case sensitivity to passwords adds 26 characters to the complexity possible of the password in one fell swoop. Removing case sensitivity makes it much easier to crack a password.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.