Recently Apple was in the news for suing ARM device virtualization company Corellium. The company unsuccessfully sued Corellium for violating copyrights with virtual iPhone software intended for security purposes. Last week Corellium and Apple reached an agreement resulting in latter dropping the lawsuit. Now, Corellium has proposed to help researchers investigate Apple’s controversial “CSAM” feature.

Apple was caught in the crossfire after announcing a feature that detects CSAM material on iPhone by scanning photos on the device. Soon enough, Apple drew severe backlash from privacy advocates and security researchers. The company VP, Craig Federighi, attempted to clear the confusion by highlighting multiple layers of audits and other security features.

Corellium is now offering $5000 grants to security researchers to help independent public research concerning the security and privacy of mobile apps. Interestingly the ‘Open Security Initiative’ grant includes a study into Apple’s new and controversial photo scanning feature.

Corellium continues to sell its virtualization tool for iPhone. Security researchers can use a virtual iPhone to dive deep into iOS and investigate Apple’s new photo scanning feature. The research will help understand whether government or any other party can abuse the feature.

Challenging Apple’s Idea of Security and Closed Ecosystem

iPhone is known for excellent security and privacy features. However, in the recent past, iPhone’s locked down mobile ecosystem has infuriated security researchers. They blame Apple for not offering a solution that would let help in security research. The recent debacle over Pegasus being used by authoritarian government only added fuel to the fire. Government and other authorities reportedly use NSO Group-owned Pegasus software to eliminate dissent. In some cases, the spyware also helped facilitate violence.

According to researchers, investigation of iOS code is challenging, and thus, zero-day exploits would go undetected. The Cupertino companies’ new child-safety measures have caused an uproar, and we feel that Apple could be more transparent on how the new child safety feature works.