Twitter | Search | |
Pwn All The Things Nov 9
So this filing in security research company v has some pretty interesting details. And it doesn't exactly look good for Apple.
Reply Retweet Like
Pwn All The Things Nov 9
Replying to @CorelliumHQ @Apple
(For those not up-to-speed on the case, is a firm that provides security researchers with "virtualized" iOS devices for security research, and is suing them, alleging copyright infringement over it)
Reply Retweet Like
Pwn All The Things Nov 9
Replying to @CorelliumHQ @Apple
So it turns out that until Apple suddenly decided to sue Corellium, everyone was good friends. Apple's security chief tried to hire the chief architect of it, and Apple was in the process of trying to buy Corellium and got their own private access to the platform.
Reply Retweet Like
Pwn All The Things Nov 9
Replying to @CorelliumHQ @Apple
Apple actively encouraged Corellium's product, had intimate knowledge of how it worked, and told Corellium that it could "have a big impact". Apparently Apple were even sufficiently excited by it that they wanted to buy the whole company.
Reply Retweet Like
Pwn All The Things Nov 9
Replying to @CorelliumHQ @Apple
Apple invited Corellium to take part in a private bug bounty program, promising payment for submitted bugs. Corellium, thinking everything is OK, submits bugs. Apple doesn't pay-up.
Reply Retweet Like
Pwn All The Things Nov 9
Replying to @CorelliumHQ @Apple
Corellium also alleges that Apple, having failed to pay-up for those bugs, are now also trying to use the discovery process to extract other bugs Corellium might be aware of for free.
Reply Retweet Like
Pwn All The Things Nov 9
Replying to @CorelliumHQ @Apple
If true, this is a gross case of monopoly abuse by Apple: 1) Apple actively encouraged Corellium's product, cited no problems 2) Apple tried, failed to buy C 3) Apple launches invite-only competitor to C 4) Apple withholds contractual payments and tries to sue C out of existence
Reply Retweet Like
Pwn All The Things Nov 9
Replying to @CorelliumHQ @Apple
The tl;dr is this case isn't about copyright or exploits, it's about Apple capturing the security market for iOS bug hunters, and shutting down all the avenues of non-invited security research on their platform.
Reply Retweet Like
Pwn All The Things Nov 15
Update to this: is now helping on this lawsuit, so will be interesting to watch how it progresses.
Reply Retweet Like
Clint Barton Nov 12
They care about one very specific kind of security: DRM.
Reply Retweet Like
418: No Coffee 4 U 🤖 Nov 9
OK, since we can't trust Apple it's time ti switch to then
Reply Retweet Like
Sabri Nov 9
Not the first time they ignore to talk about fails or bad decisions by Apple
Reply Retweet Like
martums Nov 9
🧐😳🤬 hey pls unroll 🥳
Reply Retweet Like
Thread Reader App Nov 9
Hallo you can read it here: Thread by : "So this filing in security research company v has some pretty interesting details. And it doesn't ex […]" Talk to you soon. 🤖
Reply Retweet Like
Coursey Nov 9
Good writeup, thanks!
Reply Retweet Like