[cmurf]

An attacker can't modify the code. The code isn't public. Only the sole keeper of the code can modify the code, it's proprietary software. Further the code is signed by author's private key, so even if an attacker could modify compiled code (via a decompiler for example), they still can't inject that modified code into the hardware without signing.

[mindslight]

> Only the sole keeper of the code can modify the code, it's proprietary software

LOL!

> Further the code is signed by author's private key

This is the crux - if Apple is in a privileged position to defeat security measures and you're analyzing security in terms of Apple/USG, this counts as a backdoor. It doesn't provide full access, but it does undermine purported security properties of the system.

It's quite possible to implement a system with similar properties that doesn't give Apple such a privilege. It sounds like they didn't.

[cyphar]

> An attacker can't modify the code. The code isn't public. Only the sole keeper of the code can modify the code, it's proprietary software.

This is not correct. Reverse engineering is a thing. Proprietary software just makes it harder. People modify proprietary code all the time.

> Further the code is signed by author's private key, so even if an attacker could modify compiled code (via a decompiler for example), they still can't inject that modified code into the hardware without signing.

This is the actual point.