The favored Docker-OSX venture has been faraway from Docker Hub after Apple filed a DMCA (Digital Millennium Copyright Act) takedown request, alleging that it violated its copyright.
Docker-OSX is an open-source venture created by safety researcher Sick.Codes that enables for the virtualization of macOS on non-Apple {hardware}. It may be hosted on any system that helps Docker, together with Linux and Home windows.
The venture is beneficial for builders who want to check software program on macOS or safety researchers attempting out numerous configurations to uncover bugs or to analysis malware.
Its reputation is mirrored in its 750,000 downloads and 500 stars on Docker Hub, in addition to its 40,000 stars on GitHub.
Apple nukes the repository
On Wednesday, Docker-OSX customers reported that they had been unable to drag the newest macOS photographs from the Docker Hub repository, getting 404 errors.
“docker: Error response from daemon: pull entry denied for sickcodes/docker-osx, repository doesn’t exist or might require ‘docker login’: denied: requested entry to the useful resource is denied,” learn an error message when a consumer tried to put in the picture.
After different customers reported the same problem accessing the Docker picture, the developer, Sick.Codes, replied that it was gone from their account and have acquired no data as to why.
After posting in regards to the removing on X, Docker confirmed it with Sick.Codes that the picture was eliminated after they acquired a DMCA takedown request from Apple.
Within the DMCA request despatched to Sick.Codes and shared with BleepingComputer, a legislation agency representing Apple asserted that the “docker-osx” repository accommodates photographs of Apple’s macOS installer, that are protected by copyright.
The discover specifies that Docker-OSX reproduces Apple’s content material with out authorization, which constitutes copyright infringement beneath U.S. legislation, and requests that Docker act “expeditiously” to take down the repository.
“It has come to our consideration that photographs of Apple’s macOS installer and set up have been posted at https://hub.docker.com/r/sickcodes/docker-osx,” reads the DMCA infringement notification despatched by Apple’s attorneys at Kilpatrick, Townsend and Stockton LLP.
“Apple has unique rights in its macOS installer and set up. See macOS Sonoma. Docker-OSX reproduces this content material with out authorization. The unauthorized replica of Apple’s content material constitutes copyright infringement and is a violation of the DMCA.”
Crossing authorized boundaries
From a authorized perspective, Apple’s actions are justified on this case, as its EULA for macOS restricts using the working system to Apple-branded {hardware}, and enforcement of those licensing phrases is inside its rights.
Sick.Codes advised BleepingComputer that Apple’s motion would primarily impression safety researchers utilizing Docker-OSX to assist make macOS safer.
“Each time I am at a safety convention, like DEFCON or http://Hardwear.io, different researchers come up and say that they used Docker-OSX to do bug bounty. It is basically one of many one methods to take part in Apple’s bug bounty program with out an precise Mac,” defined Sick.Codes.
Sick.Codes added that Apple contradicts itself by encouraging safety analysis contributions and bug experiences however targets the tasks that assist researchers carry out this exercise. With that stated, the researcher says his devotion to assist in Apple safety analysis stays unwavering.
“It is a authentic good-faith safety analysis venture that I, and over 700,000 others, have used to try to discover bugs in macOS.
They [Apple] explicitly allow researchers to check their merchandise as a part of the Apple Bug Bounty program, of which I’m a participant and have submitted bugs to Apple earlier than.
And can proceed to take action.”
❖ Sick.Codes
In the meantime, Docker-OSX stays obtainable on GitHub on the time of writing, however the repository there solely accommodates the venture’s code, not the installer binaries, so Sick.Codes doesn’t count on a DMCA request there.
In the end, the case highlights the authorized challenges that may come up for open-source tasks when coping with proprietary software program that’s topic to mental property rights enforcement at any second.
BleepingComputer has requested for a remark from each Apple and Docker, however we now have not acquired a response by publication.