Fears of chilling effect on security tool development lifted

Apple has dropped a lawsuit against a developer of iOS virtualisation software

Apple has dropped a controversial intellectual property lawsuit against virtualization software maker Corellium just days before the case was due to go to trial.

Corellium’s software technology enables users to create virtual iOS devices within a browser, allowing security researchers to more easily test for bugs and exploits.

The same virtualization technology allows tech journalists to research stories into App Store security issues or run disposable instances of Signal.

Apple filed suit in August 2019, contending that Corellium was replicating its operating system without permission.

BACKGROUND Apple-Corellium lawsuit raises concerns among security research community

Corellium – which had been selling its technology for some time prior to the lawsuit – said its software was comparable to popular desktop virtualization tools from VMWare and Virtual Box.

Corellium strongly disputed Apple’s claims of copyright infringement, as previously reported, suggesting Apple had launched its legal offensive after its attempt to acquire Corellium floundered in 2018.

Sealed settlement

The action raised concerns in the security community that it could stifle security research, with others seeing the lawsuit as an example of Apple’s tendency to act as something of a control freak.

Part of Apple’s case hinged on claims that Corellium circumvented Apple’s security measures in violation of the controversial Digital Millennium Copyright Act (DMCA).

Last December, US District Judge Rodney Smit rejected Apple’s copyright infringement claims whilst allowing the DMCA strand of its lawsuit to proceed despite describing Apple’s legal protestations as “puzzling, if not disingenuous”.

Read more Apple security news

The case was due to be heard before a federal court in Florida starting next week (August 16) but the case has reportedly been settled. “The terms of the settlement were confidential,” the Washington Post reports.

The Daily Swig approached Corellium for comment. We’ll update this story as and when we receive a reply.

Back in June, security research firms included Bishop Fox and McAfee joined with the EFF in launching a campaign “against use of Section 1201 of the Digital Millennium Copyright Act (DMCA) to suppress software and tools used for good faith cybersecurity research”.

RECOMMENDED International cybercrime gang charged with Covid-19 business email compromise fraud