Corellium, a security firm that provides virtualization software for testing purposes, just won a major preliminary victory against Apple.
A federal judge threw out Apple’s lawsuit claiming Corellium had violated copyright law with its software, The Washington Post reported yesterday. Corellium is a relatively small startup with an industry-shaking idea: provide a virtual iOS platform that can run on just about any computer. This virtualization software is marketed mostly as a tool for testing software on iOS without actually, you know, testing it on an iPhone.
Judge Rodney Smith, in a motion for summary judgement for the U.S. District Court for Southern Florida, found that Corellium’s use of the iOS code constitutes fair use. Smith’s judgement knocks down Apple’s arguments one by one until the company’s lawsuit has nothing left to stand on.
Apple’s fight against Corellium isn’t over just yet, though — the court system still has other allegations to review.
Tale as old as time — Virtualization software is nothing new; companies like VMWare and Oracle have been creating virtual operating systems for decades. But Apple has always been incredibly stingy with its software code. There’s a reason not many companies offer services like Corellium’s.
Apple’s case against Corellium, which began in August 2019, relies mostly on the argument that Corellium is unlawfully profiting off Apple’s hard work. As Judge Smith points out in his ruling, this is a pretty flimsy argument — Corellium’s software doesn’t replace an iPhone, and it’s missing pivotal functionality like the ability to be a phone.
Smith writes in his ruling: “Corellium makes several changes to iOS and incorporates its own code to create a product that serves a transformative purpose. Hence, Corellium’s profit motivation does not undermine its fair use defence, particularly considering the public benefits of the product.”
More to come — Corellium’s victory here is nothing to sneer at, but it’s also not definitive. Apple’s lawsuit goes beyond copyright law, accusing Corellium of bypassing Apple’s authentication servers to secure the code needed for its software. Apple’s vendetta against Corellium is pretty standard for the iPhone-maker; the company is infamous for putting the full strength of its massive resources toward crushing any and all potential competition.
Apple’s reliance on brute force — arguing repeatedly that Corellium just wants to profit off its copyrighted work — might prove to be its own downfall. There’s nuance to Corellium’s work: it allows security researchers to better understand flaws in iOS and respond accordingly. That’s an invaluable service, and one that Apple doesn’t provide itself.