You should remember that in December 2023 it was revealed that the "Apple Silicon" CPUs have some undocumented testing features, which have unbelievably remained enabled in the Apple devices for many years until being notified by the bug finders, instead of being disabled at the end of production.
Using the undocumented but accessible control registers, all the memory protections of the Apple devices could be bypassed. Using this hardware backdoor, together with some software bugs in the Apple system libraries and applications, for many years, until the end of 2023, it has been possible to remotely take complete control of any iPhone, with access to its storage and control of the camera and microphone, in such a way that it was almost impossible for the owner to discover this (the backdoor bugs have been discovered only as a consequence of analyzing some suspicious Internet traffic of some iPhones that were monitored by external firewalls).
It is hard to explain such a trivial security error as not disabling a testing backdoor after production, for a company that has claimed publicly for so long that they take the security of their customers very seriously and that has provided a lot of security theater features, like a separate undocumented security processor, while failing to observe the most elementary security rules.
It is possible that the backdoor was intentional, either inserted with the knowledge of the management at the request of some TLA, or by a rogue Apple employee who was a mole of such a TLA, but these alternative explanations are even worse for Apple than the explanation based on negligence.
Using the undocumented but accessible control registers, all the memory protections of the Apple devices could be bypassed. Using this hardware backdoor, together with some software bugs in the Apple system libraries and applications, for many years, until the end of 2023, it has been possible to remotely take complete control of any iPhone, with access to its storage and control of the camera and microphone, in such a way that it was almost impossible for the owner to discover this (the backdoor bugs have been discovered only as a consequence of analyzing some suspicious Internet traffic of some iPhones that were monitored by external firewalls).
It is hard to explain such a trivial security error as not disabling a testing backdoor after production, for a company that has claimed publicly for so long that they take the security of their customers very seriously and that has provided a lot of security theater features, like a separate undocumented security processor, while failing to observe the most elementary security rules.
It is possible that the backdoor was intentional, either inserted with the knowledge of the management at the request of some TLA, or by a rogue Apple employee who was a mole of such a TLA, but these alternative explanations are even worse for Apple than the explanation based on negligence.