Fine, but it's custom build locked to that particular device and which Apple can install itself, without providing it to the FBI. It's certainly not "a tool for the FBI that will allow them to look at any user's data".
Once they made it, locked for that device, the FBI knows Apple can make it again, locked for another device. The tool is for any user's data, via a court order on Apple.
But Apple would still need to have the court orders for each user.
Some people are suggesting that Apple would create this back-doored code, and hand it to the FBI, who would then use it to access any data they want without bothering with court orders. That doesn't seem to be what the FBI are asking for.
> But Apple would still need to have the court orders for each user.
Yes, and Apple doesn't want this as a precedent. It does away with one of their go-to selling points these days: security/privacy.
If device security can be surreptitiously undone by an OTA upgrade, what's really the point? I'm sure the brilliant legal minds at the DoJ can come up with creative interpretations to enable the next stage, which would be to do this in bulk as a special point-release.
Once created, what stops the Government from obtaining a copy of the modified OS and the means to sign/encrypt it for any device? Either via some top-secret "You can't tell anyone about this or you go to jail" process, or via an agent embedded in the company?
That's stretching the jargon a bit. I know that's what Cook said, but it could be a one-off process without the "custom build" leaving Apple's hands. Basically, comment out the time-delay and wipe code, build, sign, and push to the device.
Really the most important part there is the "sign" step, and the fact that the FBI isn't straight-up asking for the signing keys is telling; they didn't want this request to escalate the way it has.
https://assets.documentcloud.org/documents/2714001/SB-Shoote...