Corellium Accuses Apple of Using Lawsuit to 'Crack Down on Jailbreaking'

[realtuner]

Corellium did this with the full knowledge of Apple. As I said earlier, Apple even had them as one of the invite-only devs working on the Bounty Program. It's not as if this was an under the radar stealth operation.

To piggyback on your example. If AMango was invited by Adobe to join a select group of devs in their Bug Bounty Program and devs use AMango's emulator to find bugs in Adobe's software...

Now Adobe is well within it's rights to change it's stance about what you and others have done for them in the past using your software. Especially since they think they developed a better tool - the special dev iPhone APhone. I'm hard pressed to see stolen.

Interesting wording here. Why did you choose the word “knowledge”? A better word would be “support” or “authorization”. And what specifically did Apple authorize them to do?

Corellium being invited to find bugs is NOT the same as Corellium copying code and reselling for profit.

To use the Adobe example, Adobe hires outside contractor to help with finding exploits in their code for Photoshop. Contractors get full access to the codebase to do their work. Contractors copy the code and resell it to others. You think this is acceptable behavior?

 

[bytesynthesis]

But hey, let's not forget that this product discovered bugs which were reported to Apple, that were fixed and not paid out (as a donation to a non-profit, as was requested.)

And what about if there are bugs that were never reported? Do we know if they vet exactly who they sell the private installations of their product to (according to the suit, for a cool million dollars a year)? We have no idea. What kind of buyer would pony up that sort of cash? It's a scary thought.

 

[Will Tisdale 🎗]

While I am not supporting Corellium here, I would have to say the opposite: security through obscurity is always a bad idea. But note that there are two separate issues here: If you want security, don't jailbreak which may open up more vulnerabilities vs allowing researchers to find bugs and report them to Apple for the bounty or use them for jailbreaks which then provides the bug to Apple for free.

Essentially Corellium is providing an emulator which allows people (whether CS researchers or jailbreakers) to follow the path of execution of the code running the entire phone. This helps them find security issues which can then (hopefully) be reported to Apple or provided as a jailbreak which then is obvious to Apple what the problem is. For example, one might be able to find a stack overflow or buffer overflow etc which can then be used as a code injection vector.

Personally, I would like Apple to provide this to developers as they do with the special iPhones for security researchers (Apple's iOS Security Research Device program). It is cheaper than providing special iPhones and gets a lot more people looking at the code trying to find problems and then reporting them to Apple for the bounty. Apple should just buy them and be done with it.

I'd much prefer to have the information out there so that Apple can fix it vs have it hidden so only the CIA/NSA/Russian Intelligence/Chinese Intelligence/Israeli intelligence etc know about it and can then exploit it.

Totally. The fact that Apple is so scared of people fully seeing inside the guts of its software makes you wonder what they are trying to hide, and whether the huge number of visible bugs with iOS 13 in particular translates to lots of hidden, exploitable bugs that they already suspect are there.

We’re in 2019, soon to be 2020. Not 2009. Security researchers are generally allowed free reign providing they aren’t malicious, as companies recognise that they are far more helpful than a hinderance.
Why won’t Apple get its head out of its stuffy corporate arse and embrace that concept?

 

[bsolar]

The law says you have no automatic rights to use Apple's copyrighted software. That is the point of copyright. Apple has granted limited rights to you in exchange for money and promises. It is not illegal to revoke those rights if you violate those promises.

First of all, in general, it's absolutely possible in some cases to legally use copyrighted works without the need for a license. Fair use allows such usage in many scenarios. Not sure of Corellium's position though: AFAIK they claim research purposes, but they are also selling a product... I'd bet on no fair use for them, but the courts will tell. It's still important not to forget that copyright in general is not at all absolute.

Furthermore, not all "promises" in a contract are necessarily legally valid. In case one or more of these "promises" are found in court to be invalid, typically the contract in general still stands, excluding for the invalid parts. What can or cannot be legally valid in a contract depends a lot on the jurisdiction, meaning that some EULA clauses can range from "likely valid" to "laughably invalid" depending on where you are testing them.

E.g. here the most limiting clauses against an end user would need to be separately, individually signed on paper to even have a chance to be considered legally valid. A court would very likely declare the contract in general still valid, bar for the invalid clauses.

 

[amgff84]

Jailbreaking stopped being cool after the 4. Having Siri on my 4 was fun. Having unlimited lollipops in Candy Crush was fun. After that? No thanks. Now its all kids crying about snapchat tweaks who offer nothing to the jailbreaking community. Drove out all the pioneers who made the scene what it was.

Same with Rooted Androids. I actually lost interest in Android when the S8 came out and became much harder with Samsung devices. Then I went to Motorola, who actually allows it, but at this point all the devs stopped caring. Too many complainers, not enough people helping out in the community. Since then, I bought an SE, and then slowly became entwined in the Mac ecosystem to the point where I can't even live a day without it.
[automerge]1577755354[/automerge]

Totally. The fact that Apple is so scared of people fully seeing inside the guts of its software makes you wonder what they are trying to hide, and whether the huge number of visible bugs with iOS 13 in particular translates to lots of hidden, exploitable bugs that they already suspect are there.

We’re in 2019, soon to be 2020. Not 2009. Security researchers are generally allowed free reign providing they aren’t malicious, as companies recognise that they are far more helpful than a hinderance.
Why won’t Apple get its head out of its stuffy corporate arse and embrace that concept?

Remember the San Bernardino shooting? Remember how Apple claimed they wouldn't allow the FBI a back door into their system? I always suspected it was because they didn't want the public to know how vulnerable we actually are.

 

[69Mustang]

Interesting wording here. Why did you choose the word “knowledge”? A better word would be “support” or “authorization”. And what specifically did Apple authorize them to do?

Corellium being invited to find bugs is NOT the same as Corellium copying code and reselling for profit.

To use the Adobe example, Adobe hires outside contractor to help with finding exploits in their code for Photoshop. Contractors get full access to the codebase to do their work. Contractors copy the code and resell it to others. You think this is acceptable behavior?

Not really interesting. I chose that phrasing because I didn't want to imply that Apple specifically authorized or supported anything. Neither word -support or authorization- would have been appropriate for what I was conveying. I purposely used that phrase to imply exactly what I did: Apple knew about their software and what it did. ← Now is that claim supposition? Yup. 100%. But I would argue it's an entirely valid assumption considering we're discussing Apple. The chances of Apple inviting Corellium into their Bounty Program without vetting them and their software... I don't think any of us would believe that.

The analogy you presented doesn't work here. Corellium didn't join the Bounty Program and gain full access to Apple's code. Afaik, Corellium was already emulating iOS well before the original iOS Bounty Program even existed. Researchers were already using their emulator to find bugs. Hence the: Corellium did this with the full knowledge of Apple. I'd guess that's one of the reasons they got the invite in the first place. That's why I question the "thief in the night" narrative that seem to be pervasive in the thread.

 

[I7guy]

Not really interesting. I chose that phrasing because I didn't want to imply that Apple specifically authorized or supported anything. Neither word -support or authorization- would have been appropriate for what I was conveying. I purposely used that phrase to imply exactly what I did: Apple knew about their software and what it did. ← Now is that claim supposition? Yup. 100%. But I would argue it's an entirely valid assumption considering we're discussing Apple. The chances of Apple inviting Corellium into their Bounty Program without vetting them and their software... I don't think any of us would believe that.

The analogy you presented doesn't work here. Corellium didn't join the Bounty Program and gain full access to Apple's code. Afaik, Corellium was already emulating iOS well before the original iOS Bounty Program even existed. Researchers were already using their emulator to find bugs. Hence the: Corellium did this with the full knowledge of Apple. I'd guess that's one of the reasons they got the invite in the first place. That's why I question the "thief in the night" narrative that seem to be pervasive in the thread.

The courts have their way of deciding case law, no matter what the opinions in this thread is. I don't know why, the cases aren't the same, but this discourse brought to mind Aereo, an internet streaming service who thought they make a dime by rebroadcasting TV. They at first won against the giants, but ultimately were shut-down by the Supreme Court. We'll see how this goes for Corellium.

 

[albebaubles]

So here's the deal: do we want our phones to be secure or not? If we want them to be uncrackable, then we should support Apple on this lawsuit. If we really want to jailbreak them (for what?), then we are giving up security. Cant have both.

It'd be nice to be able to unlock the damned things and use for other purposes. No?

 

[cmaier]

Same with Rooted Androids. I actually lost interest in Android when the S8 came out and became much harder with Samsung devices. Then I went to Motorola, who actually allows it, but at this point all the devs stopped caring. Too many complainers, not enough people helping out in the community. Since then, I bought an SE, and then slowly became entwined in the Mac ecosystem to the point where I can't even live a day without it.
[automerge]1577755354[/automerge]


Remember the San Bernardino shooting? Remember how Apple claimed they wouldn't allow the FBI a back door into their system? I always suspected it was because they didn't want the public to know how vulnerable we actually are.

The FBI didn’t want them to “allow a back door.” They wanted Apple to write, and give to them, a version of iOS that when installed on a device would remove encryption. Yeah, no chance at all that this code would escape into the wild and put all of us at risk. Not like the NSA and other government agencies have lost code like this before. Oh, wait...

 

[amgff84]

The FBI didn’t want them to “allow a back door.” They wanted Apple to write, and give to them, a version of iOS that when installed on a device would remove encryption. Yeah, no chance at all that this code would escape into the wild and put all of us at risk. Not like the NSA and other government agencies have lost code like this before. Oh, wait...

You know, that's a good point. I wrote a paper on this in school and I recall that to be more accurate. I know there was a lot of concern from Apple regarding this. At the time, it made Apple look like heros, and to be honest I was an avid Android fanboy, but hearing that opened me up to Apple. It was only a year later when I got my first iPhone. However, I am a skeptical kind of person. I will say, I am with Apple 100% now as I trust their security over Androids open source. Happy to pay the Apple tax, even for used devices.

 

[satanicangel]

This is really really funny. I seldom post here but after getting some good laughs I think I should really contribute by educating some people here(note that this is not related to the actual Corellium lawsuit, but to the discussion in this thread):

1. Jailbreaking is legal, by law. Apple did mention that you can't use their software if you modify them, and if you do that you break the contract with Apple. Apple can deny service to you blabla, but that doesn't make it illegal. Whether it is ethical or not, that is another question. You can verify this by.. I don't know, Google? If you can't even do this I think you can stop reading this now.

2. Developing jailbreak does not makes iOS less secure. I am not sure whether some of you here are technologically illiterate or not, but a jailbreak is accomplished by an exploit, and that can usually(except the recent rain) be fixed by Apple once they are aware of it. Banning jailbreak will just keep some of the exploits in dark, and your device will probably be less secure than you think it is.

3. Jailbreak is still useful. Control center tweaks, showing cellular strength, displaying battery percentages for the newer phones, preventing your iphone from switching off in case of a theft and many more. I guess some of you won't get it, but the point is even though it is useless to you because you are ignorant, it doesn't mean that jailbreak is useless.

4. To the point mentioning I should go to Android - I don't understand where you are coming from really. I prefer iOS due to its optimization and if I can get the same level of freedom as I get while jailbroken, why should I go for Android? It is the best of both worlds.

5. Fun fact: Jailbreaking your phone also doesn't make the jailbroken phone less secure, other than the default SSH password which can be changed, and you should anyway already know this if you are jailbreaking. It maintains the same security level as an unjailbroken phone, unless some shady tweaks are installed.

Thanks for the jokes guys, really enjoyed it and please enjoy your new year. Oh yes, if you want to discuss any points with me please make sure you read and understand point 1.

 

[69Mustang]

The courts have their way of deciding case law, no matter what the opinions in this thread is. I don't know why, the cases aren't the same, but this discourse brought to mind Aereo, an internet streaming service who thought they make a dime by rebroadcasting TV. They at first won against the giants, but ultimately were shut-down by the Supreme Court. We'll see how this goes for Corellium.

Wheat and chaff of forum life, bud. So many opinions boil down to "I like Apple so they are right" or "I don't like Apple so they are wrong". I try to ignore most of those and deal with the ones in the middle. You're right, the courts will decide. I said as much in an earlier quote. Right now all we know is Apple is claiming X and Corellius is claiming Y. The veracity of those claims will either be adjudicated in a court of law or settled privately. But that ain't gonna stop us from speculating. It's kinda one of the bedrock points of forums.

 

[amgff84]

This is really really funny. I seldom post here but after getting some good laughs I think I should really contribute by educating some people here(note that this is not related to the actual Corellium lawsuit, but to the discussion in this thread):

1. Jailbreaking is legal, by law. Apple did mention that you can't use their software if you modify them, and if you do that you break the contract with Apple. Apple can deny service to you blabla, but that doesn't make it illegal. Whether it is ethical or not, that is another question. You can verify this by.. I don't know, Google? If you can't even do this I think you can stop reading this now.

2. Developing jailbreak does not makes iOS less secure. I am not sure whether some of you here are technologically illiterate or not, but a jailbreak is accomplished by an exploit, and that can usually(except the recent rain) be fixed by Apple once they are aware of it. Banning jailbreak will just keep some of the exploits in dark, and your device will probably be less secure than you think it is.

3. Jailbreak is still useful. Control center tweaks, showing cellular strength, displaying battery percentages for the newer phones, preventing your iphone from switching off in case of a theft and many more. I guess some of you won't get it, but the point is even though it is useless to you because you are ignorant, it doesn't mean that jailbreak is useless.

4. To the point mentioning I should go to Android - I don't understand where you are coming from really. I prefer iOS due to its optimization and if I can get the same level of freedom as I get while jailbroken, why should I go for Android? It is the best of both worlds.

5. Fun fact: Jailbreaking your phone also doesn't make the jailbroken phone less secure, other than the default SSH password which can be changed, and you should anyway already know this if you are jailbreaking. It maintains the same security level as an unjailbroken phone, unless some shady tweaks are installed.

Thanks for the jokes guys, really enjoyed it and please enjoy your new year. Oh yes, if you want to discuss any points with me please make sure you read and understand point 1.

you’re so cool.

 

[Carnegie]

...

The lawsuit has been ongoing since August, but it is heating up after Apple amended its lawsuit in late December with a Digital Millennium Copyright Act (DMCA) filing, suggesting the Cupertino company believes jailbreaking is a violation of the DMCA. Corellium, says Apple, facilitates jailbreaking through its software.

...

This isn't quite accurate. Apple's December 27th filing doesn't suggest that the company believes jailbreaking is a violation of the DMCA. Rather, the filing suggests that the company believes that trafficking in tools which are designed to facilitate jailbreaking is a violation of the DMCA. On that point I think Apple would be right.

The so-called jailbreaking exemption which the Librarian of Congress has adopted applies to (otherwise would-be) violations of 17 USC §1201(a)(1). In adopting that exemption the Librarian of Congress has been clear in that it doesn't have authority to adopt exemptions from violations of §1201(a)(2) or §1201(b).

That means there's an exemption from the prohibition on "circumvent[ing] a technological measure that effectively controls access to" a copyrighted work. That exemption would, under many circumstances, protect jailbreaking.

But there isn't an exemption from the prohibition on "manufacturer[ing], import[ing], offer[ing] to the public, provid[ing], or otherwise traffic[king] in any technology, product, service, device, component, or part thereof, that... is primarily designed or produced for the purpose of circumventing a technological measure that effectively controls access to" a copyrighted work. (There are other related violations, for which there isn't an exemption, that I won't get lost in.) In other words, there isn't an exemption for providing tools designed to facilitate jailbreaking. That is what Apple is accusing Corellium of - violations of §1201(a)(2) and §1201(b), not §1201(a)(1).
[automerge]1577766001[/automerge]

note: "legal to jailbreak in United States" Apple has not read the DMCA laws lately. It may be against the EULA, but the EULA is not law.. its only the service you use which says.

Apple isn't, in the amended complaint referred to in the OP, asserting that jailbreaking is a violation of the DMCA. It's asserting that trafficking in tools designed to facilitate jailbreaking is a violation of the DMCA.

There's an applicable exemption (adopted by the Librarian of Congress, in accordance with the DMCA) from 17 USC §1201(a)(1). But there isn't a similar exemption from 17 USC §1201(a)(2) and 17 USC §1201(b). In other words, generally speaking, it isn't illegal to jailbreak but it is illegal to provide tools designed to facilitate jailbreaking.

 

[Lalatoon]

Well, you really don't own your iPhone in a sense you are just renting it
In Android side, you may loss warranty but you can do anything with your Android phone including installing a different rom and in that sense you truly own the device

it is what it is...

and also breaking EULA is not a crime but you may loss warranty..

 

[amgff84]

Well, you really don't own your iPhone in a sense you are just renting it
In Android side, you may loss warranty but you can do anything with your Android phone including installing a different rom and in that sense you truly own the device

it is what it is...

and also breaking EULA is not a crime but you may loss warranty..

On the Android side, we had ROM-hopping. That was when you would change ROMs frequently because it was easy. Miss those days.

 

[Lalatoon]

On the Android side, we had ROM-hopping. That was when you would change ROMs frequently because it was easy. Miss those days.

I did not exeperienced what you called ROM-hoping.. I used cyanogenmod and since it is already dead in the water I am now using LineageOS and I would say it has better security compared to iOS or other Android OS out there.

 

[cmaier]

I did not exeperienced what you called ROM-hoping.. I used cyanogenmod and since it is already dead in the water I am now using LineageOS and I would say it has better security compared to iOS or other Android OS out there.

You can say it.

doesn’t t make it true.

 

[Lalatoon]

You can say it.

doesn’t t make it true.

 

[diddl14]

So they make a business on offering iOS on non-Apple hardware? How is this not theft of intellectual property?

 

[bollman]

Well Swedish law is different. You buy it, you own it. I can do whatever with iOS I want, decompile, modify and whatnot. I'm not allowed to make copies available, but I'm allowed copies "for backup purposes".
The EULA that Apples requires us to accept has a lot of parts that would not hold up in court. As a matter of fact, it's even debateable that just pressing a button to "accept" a contract is actually accepting a contract.

 

[chris1958]

I’m definitely with Apple on this one. I’m tired of companies that exist simply to exploit or steal the intellectual property of others.

It is not about stealing something. The problem with Apple is that the do security by obscurity. And this simply doesn't work. Security researchers must have a way to analyze the software and disclose the findings to Apple before some obscure companies do the analysis behind closed doors and sell there findings to the country or organisation who pays most.

 

[amgff84]

I did not exeperienced what you called ROM-hoping.. I used cyanogenmod and since it is already dead in the water I am now using LineageOS and I would say it has better security compared to iOS or other Android OS out there.

Lineage is the followup to Cyanogenmod, Many of the same Devs worked on both, I believe, but there was also SlimRom, Dirty Unicorns, Resurrection Remix, Liquid Smooth, just to name a few of the more common ones. Interestingly enough, they were all either based on TouchWiz or Cyanogenmod. I still have my Note 2 with CM12.1 on it. That was the last supported ROM for my Sprint Note 2. Everything else was buggy because testing and development fell off the earth by the time Marshmallow came out for the Note 2. If you install these ROMS and remove Root, it would have been just as secure as stock Android.

 

[Lalatoon]

Lineage is the followup to Cyanogenmod, Many of the same Devs worked on both, I believe, but there was also SlimRom, Dirty Unicorns, Resurrection Remix, Liquid Smooth, just to name a few of the more common ones. Interestingly enough, they were all either based on TouchWiz or Cyanogenmod. I still have my Note 2 with CM12.1 on it. That was the last supported ROM for my Sprint Note 2. Everything else was buggy because testing and development fell off the earth by the time Marshmallow came out for the Note 2. If you install these ROMS and remove Root, it would have been just as secure as stock Android.

Even if you have root installed it is still much secure than any OEM Android or iOS since it does not have any bloatware or it will never call home like iOS or Android OEM. Mine is rooted since I need root capability to be able to ceate/mount luks container.

 

[amgff84]

Even if you have root installed it is still much secure than any OEM Android or iOS since it does not have any bloatware or it will never call home like iOS or Android OEM. Mine is rooted since I need root capability to be able to ceate/mount luks container.

I respectfully disagree. By allowing Root, you are essentially sleeping with your back door wide open. I know what you are saying, and there is some truth behind removing bloatware to provide a more secure environment, but we live in an age where we have to accept the risk of using technology.