The favored Docker-OSX venture has been faraway from Docker Hub after Apple filed a DMCA (Digital Millennium Copyright Act) takedown request, alleging that it violated its copyright.
Docker-OSX is an open-source venture created by safety researcher Sick.Codes that enables for the virtualization of macOS on non-Apple {hardware}. It may be hosted on any system that helps Docker, together with Linux and Home windows.
The venture is helpful for builders who want to check software program on macOS or safety researchers attempting out numerous configurations to uncover bugs or to analysis malware.
Its recognition is mirrored in its 750,000 downloads and 500 stars on Docker Hub, in addition to its 40,000 stars on GitHub.
Apple nukes the repository
On Wednesday, Docker-OSX customers reported that they had been unable to tug the most recent macOS photos from the Docker Hub repository, getting 404 errors.
“docker: Error response from daemon: pull access denied for sickcodes/docker-osx, repository does not exist or may require ‘docker login’: denied: requested access to the resource is denied,” learn an error message when a person tried to put in the picture.
After different customers reported the same problem accessing the Docker picture, the developer, Sick.Codes, replied that it was gone from their account and have acquired no data as to why.
Supply: Sick.Codes
After posting in regards to the removing on X, Docker confirmed it with Sick.Codes that the picture was eliminated after they acquired a DMCA takedown request from Apple.
Within the DMCA request despatched to Sick.Codes and shared with BleepingComputer, a regulation agency representing Apple asserted that the “docker-osx” repository comprises photos of Apple’s macOS installer, that are protected by copyright.
The discover specifies that Docker-OSX reproduces Apple’s content material with out authorization, which constitutes copyright infringement below U.S. regulation, and requests that Docker act “expeditiously” to take down the repository.
“It has come to our attention that images of Apple’s macOS installer and installation have been posted at https://hub.docker.com/r/sickcodes/docker-osx,” reads the DMCA infringement notification despatched by Apple’s legal professionals at Kilpatrick, Townsend and Stockton LLP.
“Apple has exclusive rights in its macOS installer and installation. See macOS Sonoma. Docker-OSX reproduces this content without authorization. The unauthorized reproduction of Apple’s content constitutes copyright infringement and is a violation of the DMCA.”
Supply: Sick.Codes
Crossing authorized boundaries
From a authorized perspective, Apple’s actions are justified on this case, as its EULA for macOS restricts using the working system to Apple-branded {hardware}, and enforcement of those licensing phrases is inside its rights.
Sick.Codes informed BleepingComputer that Apple’s motion would primarily influence safety researchers utilizing Docker-OSX to assist make macOS safer.
“Every time I’m at a security conference, like DEFCON or http://Hardwear.io, other researchers come up and say that they used Docker-OSX to do bug bounty. It’s essentially one of the one ways to participate in Apple’s bug bounty program without an actual Mac,” defined Sick.Codes.
Sick.Codes added that Apple contradicts itself by encouraging safety analysis contributions and bug stories however targets the initiatives that assist researchers carry out this exercise. With that stated, the researcher says his devotion to assist in Apple safety analysis stays unwavering.
“This can be a official good-faith safety analysis venture that I, and over 700,000 others, have used to attempt to discover bugs in macOS.
They [Apple] explicitly allow researchers to check their merchandise as a part of the Apple Bug Bounty program, of which I’m a participant and have submitted bugs to Apple earlier than.
And can proceed to take action.”
❖ Sick.Codes
In the meantime, Docker-OSX stays out there on GitHub on the time of writing, however the repository there solely comprises the venture’s code, not the installer binaries, so Sick.Codes doesn’t anticipate a DMCA request there.
Finally, the case highlights the authorized challenges that may come up for open-source initiatives when coping with proprietary software program that’s topic to mental property rights enforcement at any second.
BleepingComputer has requested for a remark from each Apple and Docker, however we now have not acquired a response by publication.
