> Quite a number of backdoors from the baseband to the actual processor of the phone have been discovered over the last few years
Every single one is a security vulnerability, not an intentional blessed mechanism by which the OS can be updated. And every single one is patched as soon as Apple learns of it.
> it's hardly unreasonable to think they could compel both Apple and your carrier to assist them, in the form of Apple generating a custom wiretap update and your carrier silently pushing it.
Except a) any known mechanisms by which this could be done would have already been patched, and b) I find it highly implausible that the government could compel Apple into deliberately breaking the fundamental security architecture of their product. If Apple already had the keys to decrypt the message, they could be compelled to hand them over, but that's very different than compelling them to actually modify their end-user software.
If the government did have the power to compel Apple to do something to aid wiretapping, it would be to compel them to add the ability to suppress the popup into a future OS update. It would certainly not be to compel them into creating and installing an OS update on the fly to a specific phone. Security implications aside, installing custom OS updates to specific phones would also have tremendous consequences on a lot of other stuff, including future OS updates (installing an OS update certainly can't brick the phone even if it's running an unknown custom OS), customer support (what if the target brings their phone in to an Apple Store?), even their internal build process.
That said, I don't believe the government can compel Apple to deliberately violate the advertised security guarantees of their product. Especially when such tampering is potentially visible to the target (which this would be; people have reverse-engineered the iMessage protocol, which means it's possible to intercept and analyze the traffic, which means it would be possible to write a tool to dump out the keys that your message is going to, which can be used to detect when new keys are added even if the OS doesn't alert you).
> Again, we're talking about responding to a sealed court order to aid in tapping a telephone
No we're not. iMessage isn't a telephone. The fact that the device you're using iMessage on almost certainly also has phone capabilities is irrelevant (and of course you can use iMessage without a telephone, by using a Mac or an iPod Touch).
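The detection idea raised in the comment above (watching the set of keys a message is encrypted to and noticing when a new one appears), sketched as an added example that is not part of the thread. It assumes the per-recipient key list has already been extracted by some other tool; `KeySetMonitor`, `observe` and the sample keys are hypothetical names and constructed data.

```python
import hashlib


def fingerprint(public_key):
    """Short, stable identifier for a raw public-key blob."""
    return hashlib.sha256(public_key).hexdigest()[:16]


class KeySetMonitor:
    """Remembers which keys each recipient's messages have been encrypted to."""

    def __init__(self):
        self.baseline = {}  # recipient -> set of fingerprints ever seen

    def observe(self, recipient, keys):
        """Record one key-lookup result and report fingerprints not seen before."""
        current = {fingerprint(k) for k in keys}
        known = self.baseline.get(recipient)
        if known is None:
            # First sighting: nothing to compare against, so pin what we see.
            self.baseline[recipient] = set(current)
            return {"recipient": recipient, "first_seen": True, "added": []}
        added = sorted(current - known)
        # Keys that disappear stay in the baseline, so a device that goes
        # offline and comes back is not reported as new. Additions are
        # reported once, then become part of the baseline.
        known |= current
        return {"recipient": recipient, "first_seen": False, "added": added}


def run_demo():
    # Constructed sample data: byte strings stand in for real public keys.
    phone, laptop, unknown = b"key-phone", b"key-laptop", b"key-unknown"
    mon = KeySetMonitor()
    return [
        mon.observe("alice@example.com", [phone, laptop]),           # pinned
        mon.observe("alice@example.com", [laptop, phone]),           # same set
        mon.observe("alice@example.com", [phone, laptop, unknown]),  # new key
        mon.observe("alice@example.com", [phone, laptop, unknown]),  # already seen
    ]


if __name__ == "__main__":
    for report in run_demo():
        print("ALERT new key" if report["added"] else "ok", report)
```

The first observation is trusted blindly, so this only detects keys added after monitoring starts.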
> I find it highly implausible that the government could compel Apple into deliberately breaking the fundamental security architecture of their product.
Well I don't know what news you've been reading the past year, but personally I've been given the impression that your NSA will try and compel whoever to do whatever they please, be it through court order, economic/political pressure and/or psy-ops.
> If Apple already had the keys to decrypt the message, they could be compelled to hand them over, but that's very different than compelling them to actually modify their end-user software.
It's also very different from the NSA actively hacking into, breaking security infrastructure of their ALLIES. Which is what they've done repeatedly.
It's also been shown that the NSA doesn't (can't or won't) really make a very fine distinction between who/what exactly are enemy, allied or US-targets. In particular if they really really want certain information that can be considered of high tactical value in their pursuit of foreign targets. Such as, say, private encryption keys for OS updates or whatnot.
While this is not proof that this happened or is happening, I'm arguing that there is very little stopping the NSA if they wanted to.
It's one thing to say "you have a communications product, give us access to the server". It's a rather different thing to say "you have a communications product where your server can't decrypt the messages; go radically break your security architecture in a software update".