TECHNOLOGY

Docker-OSX image dilapidated for security study hit by Apple DMCA takedown

Apple

The popular Docker-OSX project has been remote from Docker Hub after Apple filed a DMCA (Digital Millennium Copyright Act) takedown ask, alleging that it violated its copyright.

Docker-OSX is an initiate-provide project created by security researcher In heart-broken health.Codes that permits for the virtualization of macOS on non-Apple hardware. It’ll be hosted on any machine that helps Docker, including Linux and Home windows.

The project is precious for builders who have to test tool on macOS or security researchers attempting out varied configurations to expose bugs or to analyze malware.

Its popularity is reflected in its 750,000 downloads and 500 stars on Docker Hub, as effectively as its 40,000 stars on GitHub.

Apple nukes the repository

On Wednesday, Docker-OSX users reported that they were unable to drag the newest macOS pictures from the Docker Hub repository, getting 404 errors.

“docker: Error response from daemon: pull secure entry to denied for sickcodes/docker-osx, repository does no longer exist or can even require ‘docker login’: denied: requested secure entry to to the helpful resource is denied,” read an error message when a consumer tried to set up the image.

After varied users reported a identical problem having access to the Docker image, the developer, In heart-broken health.Codes, spoke back that it used to be long gone from their fable and personal bought no data as to why.

404 errors seen by Docker-OSX users
404 errors viewed by Docker-OSX users

Source: In heart-broken health.Codes

After posting about the removal on X, Docker confirmed it with In heart-broken health.Codes that the image used to be removed after they bought a DMCA takedown ask from Apple.

Within the DMCA ask sent to In heart-broken health.Codes and shared with BleepingComputer, a guidelines firm representing Apple asserted that the “docker-osx” repository contains pictures of Apple’s macOS installer, that are real by copyright.

The search specifies that Docker-OSX reproduces Apple’s mumble material without authorization, which constitutes copyright infringement below U.S. guidelines, and requests that Docker act “quick” to take dangle of down the repository.

“It has come to our attention that pictures of Apple’s macOS installer and installation were posted at https://hub.docker.com/r/sickcodes/docker-osx,” reads the DMCA infringement notification sent by Apple’s attorneys at Kilpatrick, Townsend and Stockton LLP.

“Apple has uncommon rights in its macOS installer and installation. Glimpse macOS Sonoma. Docker-OSX reproduces this mumble material without authorization. The unauthorized replica of Apple’s mumble material constitutes copyright infringement and is a violation of the DMCA.”

Apple's DMCA takedown request to Docker Hub
Apple’s DMCA takedown ask to Docker Hub

Source: In heart-broken health.Codes

Crossing apt boundaries

From a apt viewpoint, Apple’s actions are justified on this case, as its EULA for macOS restricts the employ of the working machine to Apple-branded hardware, and enforcement of those licensing phrases is within its rights.

In heart-broken health.Codes instantaneous BleepingComputer that Apple’s action would primarily impression security researchers the utilization of Docker-OSX to abet secure macOS safer.

“Whenever I’m at a security conference, like DEFCON or http://Hardwear.io, varied researchers come up and pronounce that they dilapidated Docker-OSX to attain malicious program bounty. Or no longer it’s if truth be told one among the one techniques to take dangle of half in Apple’s malicious program bounty program without an real Mac,” explained In heart-broken health.Codes.

In heart-broken health.Codes added that Apple contradicts itself by encouraging security study contributions and malicious program reports however targets the tasks that abet researchers produce this activity. With that acknowledged, the researcher says his devotion to abet in Apple security study remains unwavering.

“Right here’s a first payment apt-faith security study project that I, and over 700,000 others, personal dilapidated to take dangle of a search for at and procure bugs in macOS.

They [Apple] explicitly allow researchers to test their products as section of the Apple Trojan horse Bounty program, of which I am a participant and personal submitted bugs to Apple before.

And can proceed to attain so.”

❖ In heart-broken health.Codes

Within the intervening time, Docker-OSX remains readily available on GitHub at the time of writing, however the repository there most productive contains the project’s code, no longer the installer binaries, so In heart-broken health.Codes does no longer query a DMCA ask there.

Within the kill, the case highlights the apt challenges that would possibly presumably arise for initiate-provide tasks when facing proprietary tool that is field to psychological property rights enforcement at any 2nd.

BleepingComputer has requested for a comment from each Apple and Docker, however we now personal no longer bought a response by e-newsletter.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button