Tech

Tim Culpan is a technology columnist for Bloomberg Gadfly. He previously covered technology for Bloomberg News.

Leila Abboud is a Bloomberg Gadfly columnist covering technology. She previously worked for Reuters and the Wall Street Journal.

Did Apple win? Or the U.S. government? Neither did.

Falling Apple
The shares are down almost 17% over the past year
Source: Bloomberg

The only winners in the legal fight between Apple and the U.S. government over the right to access a dead terrorist's iPhone are the security firms that play both sides of this fight.

Some work for governments and intelligence services to help them crack phones and computers, while others pitch their services to companies and individuals seeking to beef up their defenses.

On Monday, the FBI abandoned its efforts to force Apple to help them break into the iPhone of one of the San Bernadino shooters because, well, their services were no longer required.

Apple, which had been prepared to fight the request all the way to the Supreme Court, was deprived of a dramatic court battle that would have shown how willing it was to protect customers' data.

Apple had created the mystique that security was less of a problem on their smartphones than on rivals by adding security features like device encryption. With the U.S. publicly announcing that it can break into a device that it previously claimed was un-hackable, that security now looks illusory.

Because Apple tightly controls its ecosystem, there are far fewer products in the App store designed to keep your phone safe than there are in its Android counterpart.

While this outcome isn't likely to trigger a flood of security apps for the iPhone, it could be a boon for publicly traded security companies FireEye and Symantec, which offer products to consumers and businesses to keep their data safe. Shares of both companies have had a torrid 12 months amid a dearth of major public hacks or attacks.

Symantec Slips
Shares in the security software maker are down 22% over the past 12 months
Source: Bloomberg data

Symantec has struggled as PC sales have fallen, eroding revenue from the antivirus software it historically bundled with machines. But in January, the company completed the sale of its storage business to Carlyle, a move investors had been pressing it to make so it could ramp up investment in cyber-security. The following month, it attracted investments from Silver Lake, one of the most prominent technology investment firms, as well as activist investor Elliott Management.

Security Scan
FireEye shares are down 15% so far this year
Source: Bloomberg

FireEye is a challenger to Symantec and aims to detect more stealthy attacks. In 2014, it acquired Mandiant, the developer famous for outing China's most notorious state-backed hacking army the previous year. (The company is advising Bangladesh's central bank after hackers stole $101 million.)

The San Bernadino case has also shed light on a lesser-known crop of technology companies that crack security protocols for governments and law enforcement agencies. Israeli security firm Cellebrite has been helping the FBI to access the shooter's phone, according to website Ynet News, although the company and government have declined to confirm that.

As the use of PCs -- once considered the best entry point for breaking into a system -- has dwindled, hackers are separately trying to find new back doors. Cloud services, where users can store photos and music, are the most attractive target, and smartphones the most obvious entry point because the weakest link in the chain is the human user.

Apple faces a war of attrition with these hackers for hire -- as well as governments' own intelligence services. Just last week, it emerged Apple has started designing its own servers partly because of suspicions that hardware is being intercepted before it gets delivered to the company, according to the Information.

Courts and legislatures will long grapple with how to balance governments' security needs with users' privacy. Just this week, France will debate a new law which would require smartphone makers to co-operate with prosecutors or face fines, while the U.K. is weighing plans to rein in encryption. But what happens behind the scenes, in the world of security companies and hackers, will have just as much an impact, if not more.

This column does not necessarily reflect the opinion of Bloomberg LP and its owners.

To contact the authors of this story:
Tim Culpan in Taipei at tculpan1@bloomberg.net
Leila Abboud in Paris at labboud@bloomberg.net

To contact the editor responsible for this story:
Edward Evans at eevans3@bloomberg.net