Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Corellium's CEO has been drinking her own cool aid.

I mean, Corellium are parasites; they exist by living off the caracass created by others. They have created nothing of value, really. She's trying to make them sound like the gatekeepers of security. They are no such thing. If they want to be that, they should go harden Android.
Android is open source, so it's not like anyone needs Corellium to peep into its internals...
 
If there is nothing suspicious about the CCPSAM code, what do they have to hide? Do they support flaws? ;)
 
  • Like
Reactions: So@So@So
For security researchers to be able to do their thing, they need to be able to jailbreak the iOS to be able to get root access, Corellium allows security researchers to do that. The problem will jailbreaking iOS and getting root access means third party code could be written to either disable or prevent CSAM from running on the device.

I am wondering if Apple are concerned that jailbroken iOS will allow third party code to be able to disable or prevent CSAM from working and thus they are trying to find ways to make the process illegal when it is out of the confines of Apple. At the present moment, what Corellium does is legal but I am wondering if Apple are going after them to try and get it so it is illegal and then when privateers start advertising their jailbreak services with the purposes of being able to prevent CSAM from working, Apple would have legal recourse to go after them.

At the present moment, Apple would not be sucessful in taking privateers who offer iOS jail breaking services to court because all they have to do is stand up in court and say 'Corellium is allowed to jailbreak phones, all I am doing is the same, therefore why is Apple not taking them to court and just me?'. If Apple is able to get the practice banned by stopping Corellium, Apple would then be able to go after all those who provide iOS jail break services, thereby keeping CSAM intact.
 
So do you want security researchers auditing your efforts or not Apple?

Pick a side
You just didn't get it – the security researchers are auditing Apple – not us.
They are doing this to prevent us being spied and to hep making iOS more secure.
 
For security researchers to be able to do their thing, they need to be able to jailbreak the iOS to be able to get root access, Corellium allows security researchers to do that. The problem will jailbreaking iOS and getting root access means third party code could be written to either disable or prevent CSAM from running on the device.

I am wondering if Apple are concerned that jailbroken iOS will allow third party code to be able to disable or prevent CSAM from working and thus they are trying to find ways to make the process illegal when it is out of the confines of Apple. At the present moment, what Corellium does is legal but I am wondering if Apple are going after them to try and get it so it is illegal and then when privateers start advertising their jailbreak services with the purposes of being able to prevent CSAM from working, Apple would have legal recourse to go after them.

At the present moment, Apple would not be sucessful in taking privateers who offer iOS jail breaking services to court because all they have to do is stand up in court and say 'Corellium is allowed to jailbreak phones, all I am doing is the same, therefore why is Apple not taking them to court and just me?'. If Apple is able to get the practice banned by stopping Corellium, Apple would then be able to go after all those who provide iOS jail break services, thereby keeping CSAM intact.
And then again, one would have to wonder, why such a tremendous effort for a supposedly secondary feature that isn’t even monetizable? “It’s no big deal but we’re pushing it no matter what and suing anybody who dares to interfere”

In the meanwhile, China’s tech crackdown continues… can you imagine what would happen to AAPL if Apple gets banned in China?
 
Last edited:
  • Like
Reactions: So@So@So
CSAM is only Apples first step into a complete surveillance OS. This can be proofed by the fact that the current local scanning introduced with iOS15 is completely useless and could easily be done cloud only.

The only valid question is about what Apple plans to do with its local scanning software in the future. So there is more to come. Local scanning software also implemented in macOS? Usage of Apple scanning software mandatory for all Apps?
Apple started as an underdog, fighting big and evil IBM long time ago. Now it looks like Apple became evil, too. Is this was Steve had in mind? Guess not.

Tim Cook should step back - btw all those old „evangelists“ should retire. Apple needs fresh people and fresh ideas. A rotten Apple doesn‘t taste well.

Although I agree with your statement, I completely disagree about Epic. Tim Sweeney is a hypocrite and Epic is team China. They are worse.
 
Edit: Much better reporting from 9to5mac, https://9to5mac.com/2021/08/17/appl...s-appeal-notice-in-lawsuit-against-corellium/

Apple’s notice of appeal for copyright infringement is related to the summary judgment that was set in December 2020 and published today with the final judgement. Documents seen by 9to5Macconfirm that the settlement between Apple and Corellium was only about the DMCA claim.

------------------------------------------------------

Guys you need to stop now. For some people Macrumors used to be an Apple could do no wrong forum. Pull out of EU, Germany UK, AUS, South Korea, Russia ( did I miss any? ). If you dont like x go to Android or make your own smartphone.

You need to give those Apple defender (1) some breathing space. They completely vanished. Not only do they not comment on any of those issues and try to defend Apple. They dont even press the downvote button anymore.

And this is not a joke. Most of them haven't posted a thing for the past two weeks. I was actually eager to see what they have to say about it.
(1) Or any word that are deemed appreciate in place of defender. The word I have in mind was somehow deemed inappropriate.
 
Last edited:
  • Haha
Reactions: Dremmel
CSAM is only Apples first step into a complete surveillance OS. This can be proofed by the fact that the current local scanning introduced with iOS15 is completely useless and could easily be done cloud only.

The only valid question is about what Apple plans to do with its local scanning software in the future. So there is more to come. Local scanning software also implemented in macOS? Usage of Apple scanning software mandatory for all Apps?
Apple started as an underdog, fighting big and evil IBM long time ago. Now it looks like Apple became evil, too. Is this was Steve had in mind? Guess not.

Tim Cook should step back - btw all those old „evangelists“ should retire. Apple needs fresh people and fresh ideas. A rotten Apple doesn‘t taste well.


I think they‘re already bringing the CSAM scanning to MacOS.

My guess is that they’re trying to push the idea that they can track and log activities on device, send it off to third parties, and still maintain your privacy. So, I think this something to do with tracking users for advertising.
 
I’m not sure why you’re attacking me. I made it pretty clear that I think that Apple is opening an enormous can of worms. Some people stand on the shoulders of giants, and some people slip on worms.

That said, I’m very concerned that in lashing out at me you have ulterior motives. I generally agreed with your other comments, but your diatribe indicates that there may be something else going on.

if you think my comment qualified as an attack then you’ve not been on the internet very long.

But feel free to enlighten me: what is the “alterior motive” behind my “diatribe“? I was simply pointing out that if Facebook can open source their CSAM research then why not Apple?

Edit: I will add that every system widely used “relies” to some extent on security by obscurity. There is an alternative, where the entire system is proven correct (with the caveat that you have read Gödel Escher Bach). Writing provable software (and hardware; check out Clash, a Haskell domain specific language) is something that is gaining traction, but it will be many years before that is a general expectation (and therefore widely funded). Apple furthered this by perhaps a decade by funding the LLVM project and hiring Chris Latimer (not because LLVM directly made compilation provable, but because it made compilation more easily analyzable [and therefore more easily provable]).

TLDR, we’re making progress, but most “coders” are not computer scientists or even engineers (even at Apple and Google), and provably correct software or hardware is still mostly, and unfortunately, academic.

Yes, I can see what you’re saying. I had to work with Z while I was studying, and it wasn’t pleasant. Still, I don’t believe that keeping your stuff hidden is the best way to prevent it from being breached. Exposing it to experts is the best way of finding security holes. There are a lot people outside Apple and Google who do have this expertise, and can help if they’re able to.
 
...

According to Reuters, security researchers are surprised that Apple has opted to revive its legal battle with Corellium after the settlement terms, and after Apple's Craig Federighi said that security researchers would serve as a check on its plans to scan iPhones and iPads for CSAM to make sure the scanning is limited to CSAM. Security researchers will be able to confirm that the database of images used to match CSAM content on user devices only consists of content from agencies like the National Center for Missing & Exploited Children.

Earlier today, Corellium said that it was launching an "Open Security Initiative" aimed at rewarding independent public research into mobile devices. Corellium's first focus is Apple's CSAM system and the company has called on security researchers to submit projects designed to validate "any security and privacy claims" from any mobile software vendor. Qualifying submissions will receive up to $5,000.

It's possible that Apple's decision to revive the Corellium lawsuit is related to Corellium's announcement earlier today. In a statement, Corellium Chief Executive Amanda Gordon told Reuters that "enough is enough." "Apple can't pretend to hold itself accountable to the security research community while simultaneously trying to make that research illegal," she said.

Article Link: Apple Appeals Corellium Copyright Lawsuit Loss After Settling Other Claims

Assuming those researchers actually were surprised (i.e. that they weren't being disingenuous), that would suggest a lack of understanding of the issues on their part. I think it was always a safe bet, even with the announced settlement of certain other claims, that Apple was going to appeal the infringement decision.

As for Apple's decision to file a notice of appeal being related to Corellium's announcement, Apple indicated in a filing a couple of days ago that it was going to appeal the infringement decision. Apple and Corellium filed a joint stipulation with the court asking the court to enter a final judgment so that Apple could file its notice of appeal.
 
  • Like
Reactions: hans1972
Guys you need to stop now. For some people Macrumors used to be an Apple could do no wrong forum. Pull out of EU, Germany UK, AUS, South Korea, Russia ( did I miss any? ). If you dont like x go to Android or make your own smartphone.

As an individual I have supported Apple for decades and spent hundreds of thousands on their hardware (and I don't mean the iCrap; amongst many other things, I have a 7,1 sitting on my desk which cost upwards of $35K+ -- and no, I didn't buy that to surf the internet and ultimately the simple solution is unplug it from the internet).

If people have issues with the way the company is being run, they are free to voice them. If enough shareholders have issues -- the stock actually starts to lose value, which is the only metric anybody cares about -- then perhaps Apple needs to rethink their approach.

My own reality-based path forward is: I will be placed in the completely absurd position of having to jailbreak my own property, c'est la'vie, I haven't bothered to jailbreak iPhone in many years, I guess now I need to start and add T2 devices to that list.

...

Addressing the core of your message: I do not live in China, Russia, AUS, or South Korea. Unsure why you have Germany in that list, members of German parliament seem to be writing letters asking Apple to stop with the scanning: https://forums.macrumors.com/thread...-cook-to-abandon-csam-scanning-plans.2307920/

Apple already caved in to China a long time ago. Call me selfish but I don't actually care what spyware Apple adds to snitchOS in jurisdictions which do not have due process, or the legal frameworks in place to prevent government from turning into Big Brother by having monolithic tech companies collude with them and conduct warrantless searches. I don't choose to live in China.

I understand and am fully cogent and aware that Apple didn't wake up one day and go, "hey, this is a neat idea! Let's start spying on our users and destroy one of the foundational reasons people flock to our brand in the first place -- the illusion of privacy."

Apple is under tremendous pressure with anti-trust. The board caved in, cut a deal at the 13th hour, and here we are.

Within some of the spin control attempting to mitigate the damage from their initial fumbled announcements, Craig is repeatedly mentioning "auditing and accountability." Well, okay then. I'm quite happy security researchers will be poking it with sticks and not taking Apple at their word, because their word is obviously ethically dubious, ever-shifting, and just falls under the auspices of this thing called "marketing."

Edit: Forbes piece which just came out:

 
Last edited by a moderator:
  • Like
Reactions: bobcomer
Okay Apple, your actions are becoming a joke now. You just talked high and mighyt about allowing security researchers to audit you, but then went lawsuit happy when they are trying to.

iOS15 is definitely a no go then for me. I have disabled auto download of ios update on my iPhone. My old Mac mini will be staying on Catalina.

This is really sad news for me, as I was actually someone who was starting to warm up to the Apple ecosystem.
Why would their actions be a reason not to update your software?
 
Apple have to appeal. The judge just opened the door to any company or individual taking iOS and running it in a virtual environment or anywhere else, without any agreement or control from Apple, as long as that company says, “it’s for security reasons”.
It should be our right to do exactly that.
 
True he did run it. Steve was wayyyyy more paranoid about leaks though.
Missing the point. During Steve's day the attention was just beginning. The push for clicks from many, many more sites that even existed in Steve's day. And the sheer scale of scrutiny over "everything Apple" (love or hate) is significantly higher now.

I don't really believe that Steve's Apple was more secretive than Tim's Apple. I think it is much hard to be successfully secretive.
 
  • Like
Reactions: ratspg
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.