
Tuesday 29 March 2016

Who are the winners and losers in the Apple v. FBI drama? An explainer





Late on Monday, the FBI announced that it had finally gained access to San Bernardino shooter Syed Rizwan Farook’s iPhone, effectively ending its month-long fight with Apple over unlocking the device.
Though international debate about encryption is far from over, this leaves both sides in somewhat uncomfortable positions. The FBI looks a little silly for making this into a federal case, and Apple’s device security — which has long been a selling point for its products — has taken a very public hit. Below, a quick explainer of what happened, and how each of these powerful American institutions has emerged from this long and exhausting brawl.
So wait, back up. What did the FBI do to get into the phone?
Funny you ask — that’s the question that every tech journalist in the world wants to answer. Last week, less than 24 hours before the Justice Department was set to face off with Apple lawyers in court, investigators asked to postpone the hearing because they were approached by an “outside party” who offered to help them get into the device.
Who that outside party is, we do not know. But there are some pretty reasonable guesses. As Wired reported last week, the FBI has a sole-source contract with the Israeli mobile forensic firm Cellebrite. Its website advertises that the company’s hackers can extract data from locked iPhones running any version of iOS up to 8.4.1. It’s possible that those forensic researchers could be exploiting a vulnerability that Apple has already patched in iOS 9.
There are a few other theories that could explain the FBI’s feat, but they get pretty deep in the technical weeds of how iOS stores memory.
A vulnerability in iOS? That’s worrying. Does the FBI have to tell Apple what that is?
Technically, no. And it’s possible they have already signed a nondisclosure agreement with the outside party that helped them do it. If the FBI happens to take Apple to court over accessing a device again, it’s possible the details of this case could come up and become public information.
How does Apple feel about all this?
On a call with journalists last week, Apple lawyers acknowledged that the FBI’s sudden discovery of a break-in method was always a possibility, and one Apple was willing to accept. Indeed, as the company has pointed out in court filings, it is constantly fighting to keep up with the latest security advancements, and patching known vulnerabilities.
But any court order to weaken Apple’s systems, it argued, would make them significantly less secure, because that would make them more likely to be targeted by cybercriminals. Apple lawyers said they hoped the FBI would share its method for breaking into the device, but that there was no way to force it to do so.
But let’s face it: Even if the vulnerability that was exploited by the FBI’s hired hackers has already been patched in later versions of iOS, the fact that law enforcement could get into Farook’s phone makes Apple’s overall security look bad. And it further supports criticism from some cryptographers that Apple could’ve done more to prevent the FBI from even requesting the access it wanted in the San Bernardino case in the first place. Even though the court case was dropped, Apple was definitely cut down in the eyes of the privacy community, and probably the public.
It’s also worth noting that the third party the FBI hired did not report whatever vulnerability it discovered in iOS to Apple. According to a report by the New York Times last week, that could possibly be because unlike most major tech companies, Apple does not offer large sums of money in exchange for finding security errors in its code.
But why did the FBI go through all that legal drama if it could’ve just taken more time to search for outside help?
During the debates spurred by the San Bernardino court case, many privacy activists and members of Congress suggested the FBI simply wanted to set a legal precedent that gave it a court-mandated way to access encrypted information on the devices of terrorists and criminals.
But, as Electronic Frontier Foundation attorney Nate Cardozo told Yahoo News last week, it seems “the government was taken by surprise by the strength of Apple’s opposition and the amount of support they were able to garner in both the tech community and the civil liberties community.” In other words, if your court case is prompting journalists to ask President Obama what he thinks about a very controversial topic, you’re probably doing something that could be embarrassing for your organization.
