Security Researchers Afraid to Use iPhone Virtualization Corellium After Apple Lawsuit

[alien3dx]

What a great comment! That alone just proves Apple's case. Lets emulate the OS so no one needs to purchase devices. I can test code.. sell my services..all thanks to someone else ripping off Apple.. oh but I didn't do anything wrong here. You have got to be kidding me.

it's no joke. Some people don't understand xcode just pure simulator not emulator. We need to test real device for deployment purpose. if just apple make emulator like android.

 

[einsteinbqat]

This has nothing to do with security. It's all about piracy.

 

[brinary001]

Is amazon allowed to sell access to virtual machines running macOS without Apple's authorization?

If not, why is Cerillium claiming they can do so for iOS?

I’m pretty sure AWS only has Linux and Windows VMs. But I haven’t used it in a while so maybe that’s changed, but I doubt it.

 

[StevieD100]

They should be afraid. Very afraid.
Who in their right mind would want to get on the wrong side of the most powerful and tenacious law firm on earth?

I think you might find that Big Pharma and Big Agri Chem have the most tenacious lawyers. Take Monsanto filing suit because the wind blew some pollen/seed from one of their GM crops onto another property. Those [redacted] think that they are god.

 

[AdmiralTriggerH]

I see somebody that knows nothing about cyber security.

Time for some education: Security through obscurity: Security through obscurity (or security by obscurity) is the reliance in security engineering on design or implementation secrecy as the main method of providing security to a system or component. Security experts have rejected this view as far back as 1851, and advise that obscurity should never be the only security mechanism.

In short: Apple wants to sue people who research their OS to keep their secrets proprietary, which means only black hat hackers would be the ones trying to break Apple products for nefarious purposes, compared to white-hat security people who actually want to make software more secure.

Apple doesn't care about security or privacy.
[automerge]1588725933[/automerge]

When they get their asses sued off by the consumers [again], it will become their financial perogative.

This is a very very flawed statement, Apple cares a great deal about security
See https://developer.apple.com/security-bounty/ for one example. They are willing to payout up to $1000,000 dollars yes 1 Million! For security issues.
Also large parts of Apple’s OSes are Open source (https://developer.apple.com/opensource/) which is the complete opposite of Security through obscurity.

This whole case is about a company stealing IP and selling a service using it. Then when the get caught they claim that they provide an essential service for Security research as their defence. It might be a helpful tool for research but it doesn’t make up for stealing someone else’s IP.
I hope the court rules that they they must hand it all to Apple and then Apple can assess it for legitimate use.

 

[m4mac]

"Apple has created a chilling effect" a security researcher said.
Why is Apple painted as the bad guy here? It's basic copyright 101 and Apple has every right to defend its property. Nothing sinister about it.

 

[Picard J.L.]

What on God’s green earth are you babbling about?

He is using that old “argument” that only open source software can be secure. That is not true. There are advantages to both.

 

[mannyvel]

Security through obscurity has it's place. Ask any safe cracker or lock picker; if you know the manufacturer and the model number you're halfway there. If they had to open something cold, with no information, it would make their job harder.

The idea that "security through obscurity" is bad is one of those sayings that was probably made popular by the NSA, because by seeding this idea it made their work easier.

STO isn't so you can hide your poor implementation; STO is all about giving your adversary less information so they have to do more work.

The fact that people spew "security through obscurity is not security" shows how mindless people can be, even otherwise intelligent people.