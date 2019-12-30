Loading...

The intensity of the lawsuit Apple has filed against software virtualization company Corellium has reached a different level because the latter's CEO says that a recent DCMA from Apple claims it is "engaged in human trafficking" and that Apple is trying to set a precedent for "public" eliminate "jailbreaks. "Corellium CEO Amanda Gorton has written an open letter in which she expresses her conviction that" Apple & # 39; s latest indictment of Corellium should give all security researchers, app developers, and jailbreakers cause for concern. "

Apple filed the lawsuit in August with the claim:

Corellium explicitly markets its product as a product that can be used to create "virtual" Apple devices. For a million dollars a year, Corellium even delivers a & # 39; private & # 39; installation of his product to every buyer. There is no basis for Corellium to sell a product that makes it possible to make perfectly perfect replicas of Apple's devices to anyone willing to pay.

At the time, we also noted that "Apple is also having problems with the spin from Corellium that allows its iOS suite to help investigators discover vulnerabilities better" with the aim of winning a court order against the sale of Corellium.

Gorton has published an open letter of concern for Corellium about what the final submission could mean.

Apple's latest application against Corellium should give all security researchers, app developers, and jailbreakers cause for concern. The submission claims that because Corellium "allows users to jailbreak" and "one or more people have access … to develop software that can be used to jailbreak", Corellium "engages in human trafficking" in violation of the DMCA . In other words, Apple claims that anyone who offers a tool that allows other people to jailbreak, and anyone who helps create such a tool, violates the DMCA. Apple underlines this position by calling the unc0ver jailbreak tool "illegal" and saying that it is "designed to bypass [the same] technological measures" as Corellium.

Apple is using this case as a test balloon in a new perspective to solve jailbreak. Apple has made it clear that it is not going to limit this attack to Corellium: it wants to set a precedent for eliminating public jailbreaks.

We are deeply disappointed by Apple's continuing demonization of jailbreaking. Throughout the industry, developers and researchers rely on jailbreaks to test the security of both their own apps and third-party apps – tests that cannot be performed without a jailbreak device. For example, a recent analysis of the ToTok app revealed that an Apple-approved chat app was being used by the United Arab Emirates government as an espionage tool, and the researchers behind this analysis said this work would not have been possible without jailbreak .

You can read the full open letter here.

Some important jailbreak developments have recently taken place:

Meanwhile, Apple has officially opened its bug bounty program, which also includes larger payouts, its new iOS Security Research Device program. From our previous report:

Apple says it is an "unprecedented Apple-supported iOS security research platform" with "ssh, a root shell and advanced debugging capabilities."

