Steve Jobs has become rather chatty these days, the latest example of which is last week's brief "letter" posted without a permanent link (but reproduced in "," 2007-10-17) in Apple's Hot News section, in which the Apple CEO announced that a third-party software development kit (SDK) for the iPhone and the iPod touch will be released in February 2008. (See " ," 2007-10-10, for our scoop on that front.)
A Short, Ambiguous History -- While there was no consensus in the existing Mac developer community as to whether Apple would ever fully open up the iPhone platform for third-party applications - a view reinforced by Apple's early reluctance to make any commitment - Jobs did state at the D: All Things Digital conference in May 2007 that Apple was looking into how to allow other software "later this year." Daring Fireball  from a not-quite-yes but not-quite-no to "later this year." (Note: This paragraph progressed in its drafts from me writing that Jobs first said "no" and then later "absolutely" after I heard from some developers who pointed out it was more nuanced than that: Jobs and Apple were ambiguous and sometimes negative in January about third-party apps, and by May had changed their tune into a more positive, but not 100-percent affirmative message.)
At Apple's Worldwide Developers Conference, we all freaked out briefly when it seemed like Jobs meant that the SDK would simply involve Web applications using AJAX, which would require a persistent Internet connection, and allow no two-way interaction with the underlying system beyond letting a Web page specify a phone number to call or map to display. (Wil Shipley of Delicious Monster wrote on the matter in which he said no thanks to AJAX, but that he was willing to wait for Apple to build a real SDK, which he understood took some time.)
Jobs's latest letter had a bit of the tone of, "Hey, you kids, get off my lawn! We still have to get rid of the gophers, re-sod the grass, and finish the main house before we let you on it in a few months, you little...." The statement emphasized the high level of risk for viruses and malware to spread among phones, and the widespread hallucination engaged in (or promoted by) the cell phone industry that such problems don't already exist. Fair enough, although what he's really saying is, "We've been too busy to work on the iPhone and Leopard at the same time; now we can focus on the iPhone again."
Unmentioned in the letter was the issue of unlocking, although it's a safe bet that Apple's SDK won't allow such behavior, and the cat-and-mouse game is undoubtedly still in play. In fact, it's possible that Apple hopes to distract attention and resources from iPhone unlocking efforts by legitimizing third party application development. When no changes to the iPhone were allowed, developing a game for the iPhone was equally as "wrong" as unlocking the iPhone. Lumping the two types of hacking together may have encouraged people who wouldn't think twice about installing a game to consider unlocking as well.
My prediction that Apple was nearing some kind of announcement must have stemmed from the company showing off or discussing with other parties the delay in the SDK and previewing what was to come. They must have spoken to a number of developers for me to have heard such a buzz last week, as Apple itself is so tight-lipped; none of what I was told came from inside Apple.
In talking about the virus risk and other issues, Jobs noted that Nokia had recently added digital signing to applications - the, after the dominant worldwide smartphone platform that Nokia is heavily invested in - that provides more certification and accountability for third-party software that runs on their mobile phones. He called that a "first step." In my article on the SDK's near-term announcement, I noted that there could be two levels of iPhone application certification requirements: a high level for access the cell data network, and a lower level for applications that run entirely locally or use only Wi-Fi for communication.
Why February? Apple slipped the Leopard ship date to October 2007 because the company needed to shift resources from Leopard to the iPhone in order to ship the device on time (see " ," 2007-04-16). Apple has repeatedly noted that the iPhone runs Mac OS X, a fact confirmed by all the hackers and crackers who installed software, unlocked the phone, and developed exploits. (An automated way to crack a current iPhone through a flaw in TIFF image display code has been  by one of the developers of Metasploit, a framework for running and analyzing massive sets of attacks and inserting payloads. The TIFF flaw has been used to , and revert it to 1.0.2 software to restore functionality. Thanks to  for the Metasploit link.)
It appears, from what the hackers have discovered, that the iPhone currently runs a hybrid of Tiger and Leopard elements. As such, it makes no sense to release an SDK that uses at least parts of an operating system you're about to deprecate in favor of a new one, especially one that has a better internal security model. In the original timing, perhaps Apple planned to ship Leopard, and have an iPhone version of Leopard ready to go for the iPhone launch in June 2007. I've heard nothing about that, but it might have been the case.
Here's my view of the timeline: Leopard ships 26-Oct-07. Apple announces a new iPhone model (perhaps with 3G cell data support; see "," 2007-10-14) at Macworld Expo on 15-Jan-08. The new model ships along with an updated operating system that's based entirely on Leopard; it's made available to existing iPhone and iPod touch users as a software update by early February 2008. The iPhone SDK appears shortly thereafter.
In the meantime, it will be interesting to see what the iPhone hacking community does. I suspect they'll continue to explore the innards of iPhone 1.1.1, both to bring back existing third party applications for the four months and to figure out how to unlock the iPhone again. The final reason hackers won't just wait patiently until February? Because hacking the iPhone is a challenge.