Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Corellium Accuses Apple of Using Lawsuit to 'Crack Down on Jailbreaking'
- Thread starter MacRumors
- Start date
- Sort by reaction score
Actually your post is silly and misinformed. To jailbreak is to remove security and make the phone less secure. No idea where you got your out of date information from.
The point isn’t that a jailbroken phone is still just as secure as one that isn’t, the point is that someone jail breaking THEIR phone does not make YOUR phone less secure. The jail breaking community puts constant pressure on Apple to improve security which benefits everyone.
That may be the point, but a lot of people in this thread have said that jail breaking a phone does not make the phone less secure.
Jailbreaking a phone gives you root access. It doesn't make it less secure unless you're dumb (many users are).
What Apple wants is security by obscurity; making everyone think iOS is more secure by hiding security issues. Corellium does the opposite of that; it helps researchers find vulnerabilities easier. But Apple would rather have a good image than actual good security. It gives them more money. Corellium just benefits users, but too bad, users don't understand it. And don't use the word "uncrackable", there's no such thing as long as perfect humans don't exist.
[automerge]1577889585[/automerge]
It's not a replica of iOS, it's the real iOS. Its purpose is not mimicking the interface or functionality, it's making it easier to find security flaws.
[automerge]1577889781[/automerge]
That's not what they're doing. Their purpose isn't copying iOS, but making finding flaws on iOS easier. They do that by installing iOS in custom hardware.
[automerge]1577889904[/automerge]
That's not what they're doing. Their purpose isn't copying iOS, but making finding flaws on iOS easier. They do that by installing iOS in custom hardware.
They are installing iOS in their own hardware and with their own bootloader. This allows them to disable security features on iOS and have unrestricted debugging, which is then used to find security vulnerabilities.
[automerge]1577890023[/automerge]
It's not a ripoff, a replica or a copy of iOS. They're installing the real iOS in their own hardware they have full control over and giving researchers remote control to these devices so that they can find security flaws.
[automerge]1577890083[/automerge]
No. And it's specifically marked as legal by a DMCA exemption.
[automerge]1577890271[/automerge]
It's not an emulator and it's not duplicating iOS. They are taking the real iOS firmware from Apple's website and virtualizing it in their own hardware.
Last edited:
Yes it is against the EULA, but not against the law. An EULA isn't a legally binding contract. Apple can punish you for breaking it (such as ignoring your warranty status) but the law cannot, unless the action you did is specifically against the law.
[automerge]1577891178[/automerge]
When you buy an iOS device you're not paying for the right to remotely control iOS on someone else's device. You're paying for a copy of iOS in hardware that you own. So you're not just looking at Mona Lisa, it is like asking Da Vinci to make you an exact copy of it. He can give you a warranty that if you ruin the painting accidentally, he will fix it for you. But along with that, he also gives you some terms you have to agree on, like "you are not permitted to paint over the painting". If you break those terms, you won't go to jail, you'll just not get your painting fixed. The same thing with the EULA, if you break it, you haven't commited a crime, you just won't get support from Apple.
Last edited:
Apple, IMO, won’t lose. Corellium will likely be found guilty and probably put out of business. (And they should)
[automerge]1577893601[/automerge]
It’s too bad, I’m going to guess what Corellium did was illegal and will be found to run afoul of the DCMA. But you never know.
I do not get why nobody sees the real reasons why Apple is suing Corellium. It's not copyright, Corellium hasn't copied or openly redistributed anything made by Apple. It is very obvious why Apple hates Corellium. They're helping people find security vulnerabilities easier, and they aren't requesting anyone to report the vulnerabilities to Apple. That might seem like the right thing but not telling Apple doesn't automatically imply those vulnerabilities will be used for malicious purposes. People might keep them private, release them for free for the jailbreak community, or sell them to a trustworthy buyer that doesn't have malicious intentions. Apple wants vulnerabilities at all cost in their hands and that's understandable, but they also want them away from the public. They don't care if vulnerabilities cannot be really used maliciously (like checkm8; it's useless for attackers) or if they might help other people get into the research scene (and therefore help Apple even more in securing their product). All they care about is their image, I'm pretty sure many people looked at checkm8 as "oh an unpatchable exploit, the security of those devices is screwed", even though that wasn't true, it harmed Apple's reputation, and so do exploit releases or public jailbreaks; there will always be ignorant people that think security is the sum of all released security issues.
All the talk about Corellium being an iOS ripoff or that it's harming iPhone sales is just Apple finding stupid arguments as an attempt to end Corellium. Corellium doesn't copy iOS, it takes the real iOS and installs it in custom hardware. It is against the EULA, but the EULA isn't legally-enforceable. In fact, so is jailbreaking or hackintoshing that are still legal. And Corellium's purpose is not giving iPhone replacements that people can use without buying an actual iPhone. That would be piracy, but the thing is that's not the purpose at all, Corellium isn't even usable as an iPhone, it's slow, it's got limted functionality and it probably costs more than an iPhone, its purpose is solely aiding in security research.
Corellium could very well lose, but if that happens, it'll be because Apple is way more powerful as a company, because the court doesn't really understand what Corellium is doing and Apple's lawyers managed to convince them with their biased arguments, or both of these reasons.
Again, that's incorrect. The EULA grants you the right to use copyrighted materials. The EULA revokes your right when its terms are not met. If you do not delete the software after your rights are revoked, then you are committing a copyright violation, which is both a civil and criminal charge.
This also applies to open-source license agreements, like the GPL.
It doesn’t matter what I think, but what the courts think. But imo, Corellium is trafficking tools that infringe in the DCMA. That seems to be the real reason of the suit.
They aren't. I wrote whole paragraphs explaining why. Not gonna repeat myself.
[automerge]1577910578[/automerge]
An EULA is not legally-enforceable and look no further than jailbreaking. Jailbreaking is against the EULA but also legal.
Last edited:
Selling a custom installation for $1M seems to be in the realm of trafficking. But your opinion and my opinion are irrelevant, the courts opinion is the only relevant opinion.
Years of work went into making Corellium possible. Installing iOS in non-Apple hardware is no easy work. With all that effort, they can't just make this available for everyone or for free. They're not just making money off iOS, they're making money off a lot of hard work. Not just that but had it been free/open-source, Apple would just break it in an iOS update.
And that is why, imo, Apple is going to win this, even if it goes to the Supreme Court. Remember Aereo? They thought they had a air-tight business model. Supreme Court shut them down.
Last edited:
Right, so I'm going to install Windows on any computer that walks into my shop, in violation of the EULA and see how long that lasts.
Conversely, I'm going violate the terms of the GPL and incorporate Linux code in proprietary software. That's fine since the EULA is invalid, right?
We went through this argument. Two separate laws apply. It's legal by one law, not the other. Scroll up.
It's civil, not criminal. A judge won't send you to prison for jail breaking. The judge can order you to stop. The judge can order you to pay Apple lots of money. If you don't the Judge can send you to jail for disobeying his legal order.
Fun fact, there has been serious talk in National Security circles of jail breaking being a terrorist threat. If you get control of the baseband and you plan to do something bad in a city, you can make all of the targeted phones dial 911, hang up, then dial again, all in an endless loop. You can even prevent the user from turning off the phone. You might be able to get the phone to over discharge the battery and cause it to burn.
Right, “convicted” was the wrong word. Any private person been brought to trial?
Not because of a lack of legal standing. Only because, Apple does not care to charge individuals. If you want to make a Hackintosh in your garage, they mostly think it sounds like fun. If you sell them for money, then they care.
It's like saying I should be able to paint a smile on my copy of the Mona Lisa which I paid for, and keep in my home.
I know the software on our phones doesn’t really belong to us, but honestly, why shouldn’t it? If this were a question of online services I suppose it would be different. You could argue the OS is simply a front-end to the data in a suite of online services. But the entire reason me and a lot of other people jailbreak our phones is to remove restrictions on how that data is presented to us. Like the fact you can’t put place icons anywhere on a homescreen in 2020 is beyond ridiculous. I'd also like iOS to change my wallpaper automatically, the way Mac has done for 20 years. And I shouldn’t have to keep switching keyboards to type numbers and special characters, yet SwipeExtender is way more reliable than any third-party keyboard. The fact this can only be done by essentially hacking the device into compliance is far, far from ideal.
Now imagine if your copy of the Mona Lisa could not be separated from its tamper-resistant frame (secure boot chain), the contents of which must be verified successfully or else it would refuse to show a picture to you at all. And there was no other way in hell to own a copy of the Mona Lisa. But imagine if all painted portraits (iOS devices) came with these same restrictions, none of them were smiling, and the only alternative was to buy a landscape (Android). Then you can imagine the sort of frustration that plagues jailbreak users.
Also, I know what Corelium is doing is not quite the same, but I honestly can’t blame them for trying to paint their own Mona Lisa and getting caught for it.
[Edited to clarify]
Last edited:
That's exactly what I did. Rooted all of my Android devices.
Then moved to a solid usable locked down iPhone 7+ that I've now owned longer than any of my previous Androids. Not one Android phone I owned lasted longer than 18 months. My 7+ is going on 3 years now.
[automerge]1577973114[/automerge]
Just to clarify this point, every 3 years the Library of Congress makes rulings on this, and the rulings all expire every 3 years.
If it wasn't for the organizations such as the EFF then these exemptions would expire.
Last edited: