Apple drops lawsuit against virtualization firm Corellium

Apple filed its lawsuit against Corellium in 2019, claiming the company's products infringe on copyrights covering iOS, iTunes and other technologies. Corellium sells virtualized versions of Apple's iPhone and other products to developers and security researchers, who use the tool to surface bugs, flaws and other vulnerabilities.

The case was scheduled to go to trial in Florida on Aug. 16, but the parties agreed to settle the action today, according to court filings reported by The Washington Post. Terms of the agreement are confidential.

As noted in the report, Apple's legal play was viewed skeptically by the security research community, which voiced concern that a ruling in Apple's favor could have dissuaded future independent research efforts.

Corellium's tools allow users to create virtual devices in the cloud. Support spans from iPads to current iPhone models, each of which runs iOS builds directly from Apple's servers. The result is a "fully functioning" device replicated in software.

While Corellium itself claimed its tools run "real iOS," Apple did not license its proprietary software to the firm. Corellium, Apple argued, broke security measures to create "unauthorized copies" of iOS and thereby ran afoul of the Digital Millennium Copyright Act.

"[ ... ] Corellium has simply copied everything: the code, the graphical user interface, the icons— all of it, in exacting detail," Apple's original filing reads.

In December, U.S. District Court Judge Rodney Smith tossed Apple's copyright claims, saying Corellium met its burden of establishing fair use. Judge Smith did not, however, dismiss the DMCA assertions that were subsequently slated to be heard in court next week.

Apple upped the ante over the ensuing months and at one point issuing subpoenas for records of contractors who used the software.

Court filings reveal Apple attempted to acquire Corellium in 2018 and filed suit against the firm as negotiations stalled.

The iPhone maker later created the Security Research Device program, an alternative to products like Corellium that provides security researchers with specialized iPhones to ferret out bugs and vulnerabilities.

Perhaps not coincidentally, Corellium COO Matt Tait defended Apple's recently announced child sexual abuse material tools, arguing that potential expansion of the system through database modification — a major concern for privacy advocates — is an unlikely risk.

Apple's Child Safety initiative is a multi-pronged effort that uses on-device processing to detect and report CSAM images uploaded to iCloud Photos, as well as protect children from sensitive images sent through Messages. The feature will roll out in iOS 15.