Corellium, a mobile device company that supports iOS, this week won a significant victory in its legal battle against Apple. Apple last year sued Corellium for copyright infringement because the Corellium software is designed to replicate iOS to allow security researchers to locate bugs and security flaws.
According to The Washington Post, a Florida judge threw out Apple’s claims that Corellium had violated copyright law with its software. The judge said that Corellium successfully demonstrated that it operates under fair use terms.
A very unlikely victory, considering the massive financial means difference between these two companies. A good one, though – this was just the world’s largest corporation being annoyed a small upstart made their products look bad by giving security researchers the tools they need to find bugs and security flaws in iOS.
Being annoyed your forced Uighur-labour brand might get tarnished should not be grounds for a legal case.
How did Corellium manage to reverse engineer iOS anyway? It took Haiku/AROS/ReactOS years to get compatible with BeOS/AmigaOS/Windows
j0scher,
Corellium doesn’t really belong in the same group as those you mentioned because they did not build compatible software. Their service actually downloaded IOS from apple servers, installed IOS on Corellium’s ARM servers and gave customers remote access. Also, keep in mind that apple’s hardware locks don’t really come to play in this scenario since it isn’t running on apple’s hardware. Since Corellium used their own hardware, they already have full control over it and don’t have to hack into it.
If we were talking about the hardware side of things, Corellium’s approach would likely not work at all on original iphone hardware because it locks owners out of the hardware. In fact apple’s hardware locks in the latest iphone 12 are so draconian that the phone won’t allow owner to turn on normally if they use a 3rd party for repairs.
http://www.youtube.com/watch?v=FY7DtKMBxBw
The video even shows that apple booby trapped some software to break (panoramic photos disabled, bad frame rates, etc) even when repaired with authentic apple parts from donor phones. These are “features” apple deliberately adds to the iphone to make 3rd party repair shops appear incompetent in the eyes of consumers. The real travesty though is the damage that unreparable phone does to our planet… This is quite tangential to the Corellium case, but Corellium’s service could theoretically help 3rd parties find ways to perform iphone repairs in the future. Although IMHO it would be far better just to have an explicit right to repair law in the first place!
Corporate made law versus the market is a tricky issue lately. Security is the issue but at the bottom of it security for whom? Vested interest or public interest? Like a lot of things right to repair existed until they took it away and there isn’t even a law enabling this removal of rights. You would think Tim Cook of all people would be receptive to this but I have found some in his position have a craving for legitimacy with the establishment so they end up replicating what they perceive as approved behaviour. How would he react to being jailed simply for being who he is? Not very well I suspect.
Viewing Corellium’s website for Android at least it looks like they provide a virtual phone via the cloud? I’m guessing they provide something similar for IOS? Apple probably aren’t happy and were trying to pull similar arguments they used to shut down clone companies like Pystar, or pull an Oracle
Statute and case law varies around the world. One thing which irritates me is how the US seems to think US law applies all over but this is by the by. Another pet irritation is how many people get US “fair use” law wrong. Loads of people make the assumption that just because they can see something they can copy it, or assume a simple “creative” modification covers copying for fair use. In reality you have to go through a number of due diligence steps. Even if the use is covered by “fair use” missing one of these steps will invalidate any claim to fair use and render the work unlawful. I’ve read through legal commentary on this and it can get very involved. I have no idea about the ins and outs of this case but one US IP lawyer made a comment: https://forums.macrumors.com/posts/29447280 Following on from this comment another irritation about the big social media platforms is complaints almost always default to US law.
For Youtube you have to make a seperate complaint writing up your legal argument if you believe an issue is covered by a none US jurisdiction. With regard to Thoms comment about human rights this is especially irritating. Youtube in particular default to US “freedom of speech” and tend to ignore any hate speech which would be unlawful in other jurisdictions. Unless you want to make a seperate complaint for each jurisdiction the net result is US law is being exported via “corporate made law” even when the content is unlawful in the jurisdiction which it is viewed. It’s no surprise nothing is done about this in the UK but I am slightly surprised the EU Commission hasn’t done anything about this. I’m guessing it may be because it’s not covered by the powers granted to the EU but might fall under trade issues. There’s certainly an “undue burden” issue and possibly an unfair trade advantage but this would require an expert in EU law to comment.
This past week I’ve slowly been working through some material produced by a lawyer who should know better. The short version is I had look past human rights law and to dig into contract and other law then compare it to the story they were telling which wasn’t a direct lie but more a lie of misdirection and omission so still a lie. I won’t go into details but it involved an unreasonable denial of services and systemic discrimination and, no surprise, maximisation of profit during the pandemic hidden behind the weasily excuse of providing quality services for clients. This is especially bad in the UK with its very weak regulatory environment and lack of strategic legal cases which you will note contribute to persistent systemic discrimination.
The fact a small company won is a victory for justice. The reason why, sadly, is law is often law as implemented. If you don’t fight for your rights you can lose them. as your rights are eroded this can be normalised then codified. Once a loss of rights is codified whether through case law or statute it can be decades before you get your rights back.
Sorry about rambling on but this kind of thing really really irritates me.
This situation is reinforced by non-US enforcement agencies as well, as I recently experienced: Engadget offered no way to opt-out of ad tracking (one of my pet peeves) so I lodged a GDPR complaint against them in Ireland where the Verizon Media office is registered. I received the following response:
So as an EU citizen residing in an EU country, it turns out the GDPR offers no protection for me against Verizon, who can do whatever they like with my dubiously-collected data.
Apologies for getting a little off-topic here as I realise this has nothing to do with copyright law. Nevertheless I think it does serve again to highlight the difficulty of legal jurisdiction in the Internet age. Plus I thought you might find it interesting!
@flypig
I think you made a useful comment. If people don’t know they don’t know which means they cannot protest to their local politician or advocacy agencies. Facebook decided to shift UK data over to the us as if GDPR or other safeguarding law no longer exists with the excuse of “Brexit”. GDPR and case law hasn’t changed just because of Brexit. You would think Nick Clegg (fomer UK Liberal democrat party leader and former deputy Prime Minister in the previous coalition government would know but he has taken a large salary to act as Facebooks mouthpiece. Yes, all good points about jurisdiction and given this has been pulled not just with US companies operating in the UK but also within the EU as you highlight it does show there is a bit of problem.
I cannot comment on the Republic of ireland but the case law in England and Wales (Scotland may be different) is that where a significant audience is in jurisdiction then the law of the land applies so they can be sued in England and Wales.
Government agencies can be notoriously pedantic and sometimes ignorant of or sometimes unwilling to apply the law for various reasons. It may come under the jurisidction of another agency. I don’t know EU law well enough to say but transferring data to a dodgy country (such as the US where both UK and EU case law has determined is not a safe harbour due to things like the Patriot Act and companies claiming they own your your data I suggest there may be a European Convention issue. This may bring your case within the remit of the European Court of Human Rights and possibly the ECJ either directly or via horizontal law. (ECHR judgments often transfer sideways to the ECJ because the ECJ itself is bound by the Convention.) This may open the door to a claim of human rights abuse being used to gain a trade advantage. (Anyone following Brexit will know the EU takes this very very seriously.) This will put issues within the remit of the EU who are responsible for trade agreements and tariffs. The European Union treaties also cover security so this is another angle to consider. I suggest it may be worth chasing up your Euro MP or one of the EU commissioners. Depending on their worldview and attitude if there is anything in this they may explore things a little further and will have access to much better quality opinions than I can offer.
That makes sense, thanks! I’m surprised Apple lets you download iOS from their servers
j0scher,
I’m not sure this still works today, but I believe it was downloading IOS the same way real iphones did. I suspect that apple either will or already has blocked direct unauthenticated downloads for the future.
On a related note, apple recently ceased distribution of its standalone macos installer.
http://www.osnews.com/story/132749/apple-has-stopped-providing-standalone-installers-for-macos-updates/
So I think it’s safe to say apple closing these easy paths so going forward it may be necessary to use software exploits or hardware mod to study the software. This obviously won’t stop well funded 3 letter agencies, but could be a barrier for independent researchers.
Cue the debate between security by obscurity versus widespread public analysis, haha.
CPUs with randomised instruction sets might be fun. #brainfart
Being annoyed your forced Uighur-labour brand might get tarnished should not be grounds for a legal case.
Trump level misdirection there. You did read the actual report right? Which clearly says that at no time was Uighur labor used on this Apple supplier production lines for anything related to Apple.
Apple has been on my boycott list for years due to their management and walled garden and gouging. The supply lines Apple uses may be clean but Apple have been caught with their hands in the cookie jar over child labour and there is the issue of being indirectly subsidised by a supplier with questionable practices so I think it was fair comment. I’m also not a huge fan of seperatism or hotheads but agree Chinas has implemented some questionable policies which have given rise to human rights problems.
An interesting treaty has been concluded between the EU and China addressing trade issues and forced labour.
https://www.theguardian.com/world/2020/dec/29/china-and-eu-poised-to-sign-long-delayed-investment-deal
Ok but this specific suppliers biggest customer is Samsung. Do you also boycott Samsung? They also supply HTC, which manufactures the Pixel, do you boycott HTC and Google too?
@ikristoph
I will redirect you back to the policy. It’s been neogtiated by senior policy makers, domain experts, and lawyers. If you want change there is the change. It also puts the US governments self-interest and lag on issues in the frame and the US won’t be happy with that. On other issues the EU negotiated a Brexit agreement which contains human rights penalty clauses on trade. (As a sidebar the ICC prosecution of the UK government over Iraq warcrimes is on hold until new evidence emerges and is not cancelled. The US of course has opted itself out of ICC jurisdiction.)
We can squabble all day over injustices and boycotts but this is all it would be. A squabble. The policy is there and provides a roadmap. Governments can be slow and I can assure you that getting anything done in three years is greased lightning for governments. Wait for the implementation and monitoring.
As a force the EU is arguably the leading moral authority in the world. I’m still somewhat distraught over Brexit and have legal arguments to question its legality. (imho Supreme Court court cases on this were a stitch-up to preserve the legal myth of parliamentary sovereignity.) If anyone thinks China needs monitoring carefully you know nothing about the UK or Tories. See also: Chagos Islands (and this is just the tip of the iceberg). If the UK ever wishes to rejoin the EU I recommend the EU insist on the UK having a modern written constitution and various problems sorted out first. I will be surprised if the EU does not trigger trade tariffs or sanctions against the UK if the Tory regime carries on.