tech2 News StaffAug 16, 2019 10:32:41 IST
Apple has filed a lawsuit against Corellium, a company that has apparently replicated iOS and is selling virtualised versions to whoever’s interested.
Corellium has replicated iOS, including the underlying code and UI, and claims to offer the platform to security researchers. However, Apple alleges that Corellium is doing so without a license from Apple, and, more importantly, is simply selling the platform to the highest bidder rather than legitimate security firms.
A virtualised OS is something similar to something like a Nintendo emulator for playing games on your PC. With Corellium’s tools, you’re basically running iOS without needing an iPhone or iPad.
Such a virtualised platform is very dangerous in the wrong hands and extremely useful to hackers and security researchers. Since the entire operating system is virtualised, an analyst could freeze the OS at any point and analyse the running code at that point in time.
This makes it extremely convenient for finding vulnerabilities in the code.
Since Corellium is selling the platform for profit rather than to researchers, Apple is understandably worried that the likes of state-sponsored hackers, and even law enforcement, could find exploits that would leave the entire iOS ecosystem vulnerable. Corellium also enforces no obligation on the disclosure of vulnerabilities to Apple, which is yet more reason to worry.
Via the lawsuit, Apple is seeking an injunction on Corellium to prevent the company from either marketing or selling its iOS virtualisation tools.
Apple recently started a bug bounty program for iOS, macOS, tvOS and its other platforms. It also offers security researchers a custom-built iPhone specifically for probing iOS for vulnerabilities.
Find latest and upcoming tech gadgets online on Tech2 Gadgets. Get technology news, gadgets reviews & ratings. Popular gadgets including laptop, tablet and mobile specifications, features, prices, comparison.