A little more than two weeks have passed since the FBI announced it used a mysterious “outside party” to hack into the infamous San Bernardino iPhone 5c, thereby absolving Apple of its once-court-ordered duty. Just over a week has elapsed since the government withdrew from the court case entirely.
And — going back even farther — forty-eight days have elapsed since the beginning of this very public debacle. The court case — which was, in all seriousness, called “USA v. Black Lexus IS300,” and which Snowden called the “most important tech case in a decade” — went public when Apple was not cooperating as much as the government was telling them to cooperate. The court order quickly made national headlines when it surfaced on February 17, as the entire situation hearkened back to Edward Snowden’s leaks. Not since then had the debate between national security and personal privacy so publicly reared its head; Americans had proven altogether happy to be done expressing their opinions on those topics.
But this case was different, or so it at first appeared. For one, it revolved around a terrorist attack and Apple. The case followed, by a month, Apple’s public campaign against government-only backdoors; the government had a bone to pick. This case led protesters to dust off their Guy Fawkes masks and take to the streets. This case brought John McAfee back out of relative obscurity: after promising to unlock the iPhone for the government, he challenged Reddit via Inverse. In early March, this case led a California district attorney to posit the existence of a “dormant cyber pathogen” to obscure the fact of the iPhone 5c’s likely irrelevance. A week later, this case led President Barack Obama to offer a guarded opinion at SXSW.
Ten days later, on March 21, Apple CEO Tim Cook took his own center-stage opportunity — at the Apple Special Event — to come out swinging against the government. Evidently not averse to irony, the government called off the court order that night. The next day, McAfee weighed in for Inverse again, saying that the outside party’s identity — which he claimed to know, but which he could not share — would make Tim Cook “unhappy.” McAfee then recommended that Cook turn around and sue the government, which, as a lawyer then explained to Inverse, would not exactly be in Apple’s interest.
McAfee also predicted that we’d know the outside party’s identity within the week. And yet, here we are. Forty-seven whole days later, and we’ve still not a clue who did it. We’ve had a few false leads — like Cellebrite, the government’s longtime co-conspirator — but nothing concrete. Apple claims it has no idea who’s responsible for the backdoor; Apple also claims that it has no idea how whoever’s responsible accessed said backdoor. Apple didn’t even know there was a backdoor.
And now we’re left with nothing but lingering questions. Who did it and how? Will we, as iPhone users and citizens, ever know? Will Apple ever know? Are our own iPhones vulnerable to this hack, or will the hack only work on this particular iPhone 5c? And, most importantly, what’s next in the saga?
What’s next, in this case, is not exactly easy to see. We may reasonably predict that the outside party’s identity will soon get out. Senior Apple engineers told Reuters that they expected it to leak, saying “Flaws of this nature have a pretty short life cycle. Most of these things do come to light.” We can also predict that those same Apple engineers are already working on patching up the backdoor in the next iOS, even if they do not yet know what the vulnerability is. And we may also expect that these sorts of cases will continue to surface every once in awhile, but that the media will not pay nearly as much attention to them. Few will be as high-profile; fewer will be directly linked to a terrorist. When the next case does arise, Apple and the government will have stepped up their games.
Unless, as both sides claim to desire, the royal “we” are — read: congresspeople — able to decide an adequate solution to this debate “as a nation,” with rationality as our guide. And even then, the laws will lag far behind the technological developments, and we’ll see a similar case crop up in a decade.