The IT security company Corellium offers virtual iOS instances that can be used, for example, to detect possible weaknesses in the mobile operating system. For this reason, Apple filed a lawsuit against Corellium in August, alleging that the company was violating the iPhone manufacturer’s copyright. In cyber security circles, Apple’s decision caused great displeasure because the virtual iOS instances also significantly simplify the work of serious security researchers and have already in the past led to the discovery of serious security vulnerabilities in Apple products. Ultimately, the work of legal hackers, who transmit the found vulnerabilities to the manufacturer and do not exploit them, thus also benefits the owners of iPhones and iPads.
Corellium therefore argues in the opposition that its software “makes the world a better place”. In contrast to troubleshooting physical iPhones, virtual machines significantly speed up the work of the security community.
As an alternative, Apple has launched a program that distributes special iPhones to selected security researchers for troubleshooting purposes. According to Corellium, this is not enough, because Apple decides who can search for bugs and which found security problems can be reported to the public. Corellium also argues that maximum security is only possible if the hardware, software and services can be investigated by as many independent people as possible.
