Apple lawsuit scares security researchers away from Corellium emulator
Apple's lawsuit against cybersecurity firm Corellium is reportedly having a "chilling effect" on some types of iOS security research, according to several experts in the field.
In August 2019, Apple levied a copyright lawsuit against security specialist Corellium, saying the company's iOS emulation software "copied everything" about the tech giant's mobile operating system.
Since then, Apple has escalated its legal fight with the Florida-based firm, subpoenaing records from Santander Bank and intelligence firm L3Harris Technologies about their use of Corellium's emulator.
The escalating legal dustup has created a "chilling effect" in the iPhone-focused security industry, one researcher told Motherboard. A handful of security researchers that the publication spoke to expressed fear of retribution from Apple for using the Corellium emulator software.
Some of those experts also claim that Apple's copyright lawsuit is less about intellectual property and more about retaining control over iOS security research and snarling the development of third-party iPhone hacking tools.
In several court filings, Apple maintains that the purpose of its lawsuit is "not to encumber good-faith security research," but to simply stop Corellium from commercializing its copyrighted works.
As part of its legal defense, Corellium said that its emulator product helps secure Apple devices by allowing researchers to find vulnerabilities in the company's platform.
"This litigation presents an existential threat to an open and healthy security research community not only for Apple products but for consumer devices in general," Corellium said in a statement sent by its lawyers.
The U.S. Justice Department recently asked that Apple's deposition of Corellium cofounder Chris Wade be delayed until it could review the evidence Apple's lawyers would present before they question him.
On Friday, Apple's counsel filed a motion opposing that order, stating that the government had provided "no compelling reason, much less any evidence," for the delay.