Apple filed a second lawsuit against the virtual operating system developing company Corellium. Apple accused Corellium of copyright infringement as the latter is releasing a product that can emulate Android OS on iPhones. Though the software supports older versions of the iPhone, Apple still sees this as a risk to its product. This new jailbreak software known as Sandcastle uses Checkra1n’s jailbreak function to implement Apple into Android.
Back in August 2019, the lawsuit claimed violation of copyright infringement and vulnerability of security breach on the iOS operating system. Corellium disagreed and denied these claims. The company further added that it only targets well respected financial institutions, security researchers and government agencies.
Corellium also pointed out Apple for encouraging the development of its software in the past and accepting it as a participant in bug bounty programs. Apple even offered to pay for software bugs and utilized bug report submissions by Corellium.
The new software bypassed through iOS 13 but is only applicable to old devices. These include the iPhone 7, iPhone 7 Plus and iPod touch. Although this holds no threat to newer devices such as iPhone 11, Apple sees it as bigger matter. Some accusations also indicated the risk of losing market shares in courtesy of Corellium. This may not be the case however as a single virtual software is no way near capable of replacing Apple devices.
Corellium’s virtualization software targets software engineers for testing, teaching and research purposes. By replacing a whole rack of different apple devices with a virtual one, it saves both money and time for small groups of software engineers giving them more room for growth.
Corellium’s statement added:
By requiring that security researchers use its physical development devices to the exclusion of other products, including its attempt to stop Corellium from offering a more efficient alternative to its dev devices, Apple is trying to exclusively control how security research is performed, and who is able to perform that research.
With this whole dispute still in process, it is to be noted that Apple accused Corellium of the violations just a few days after launching its iOS security research device program, where a few pieces of research will have access to a slightly less limited version of the iOS devices in order to seek vulnerabilities in the operating system. With Corellium bringing valid points in defense, we have yet to see a conclusion of this lawsuit claim.