That is probably a fair hunch. However I was thinking.. there may be a way to do this with stock iOS without tipping off the target device in any way.
Whenever an iMessage client wants to message the target, it gets a list of target device public encryption keys from Apple. It then sends a separately-encrypted copy of each message to each of those recipients.
What Apple could do is to "bug" the lists that are sent to the devices wanting to send something to the target, without modifying the list that the target device sees. So all incoming messages to the target would get cc'd to law enforcement. This could probably be done completely server-side.
As for outgoing messages, Apple could do the same thing in reverse: whenever the target device asks for the list of recipient devices, just add the monitoring device to it. Again, all by simply modifying the device directory server, no client changes.
The bigger point here is that Apple claims their hands are tied due to the design of the encryption. But as long as the directory service is still under their central control, there is still a technical means for complying with law enforcement requests to monitor iMessage communication.
Perhaps law enforcement just needs to get more specific with their demand. Don't demand "decryption" anymore.. demand a wiretap.
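Added example, not part of the original comment and not Apple's code: a toy Python model of the split-view directory described above, together with the out-of-band fingerprint comparison that would expose the extra key. The `Directory` class, the account names and the key bytes are all constructed assumptions; no real encryption is performed.

```python
import hashlib

def fingerprint(pubkey: bytes) -> str:
    """Short SHA-256 fingerprint of a device public key."""
    return hashlib.sha256(pubkey).hexdigest()[:16]

class Directory:
    """Hypothetical key directory that can serve different views per requester."""
    def __init__(self):
        self.devices = {}  # account -> [device public keys]
        self.extra = {}    # (requester or "*", account) -> [added keys]

    def register(self, account, pubkey):
        self.devices.setdefault(account, []).append(pubkey)

    def add_hidden(self, requester, account, pubkey):
        self.extra.setdefault((requester, account), []).append(pubkey)

    def lookup(self, requester, account):
        keys = list(self.devices.get(account, []))
        keys += self.extra.get((requester, account), [])
        if requester != account:  # the owner's own view stays clean
            keys += self.extra.get(("*", account), [])
        return keys

def fan_out(directory, sender, recipient):
    """Fingerprints the sender would encrypt a separate copy to."""
    return [fingerprint(k) for k in directory.lookup(sender, recipient)]

def unexpected_keys(served_fingerprints, owner_devices):
    """Fingerprints a peer was served that the owner does not recognise."""
    own = {fingerprint(k) for k in owner_devices}
    return sorted(set(served_fingerprints) - own)

# Constructed sample data: two accounts and one monitoring key.
ALICE_KEYS = [b"alice-phone-key", b"alice-laptop-key"]
BOB_KEYS = [b"bob-phone-key"]
MONITOR = b"monitoring-device-key"

def build_demo():
    d = Directory()
    for k in ALICE_KEYS:
        d.register("alice", k)
    for k in BOB_KEYS:
        d.register("bob", k)
    d.add_hidden("*", "alice", MONITOR)    # incoming: everyone messaging alice
    d.add_hidden("alice", "bob", MONITOR)  # outgoing: alice messaging bob
    return d
```

The comparison only works if the two parties exchange fingerprints over a channel the directory operator does not control, since each side's own lookup looks normal.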