Apple is still subject to NSLs, and like Lavabit, can be coerced into operating in such a way that they're able to provide message contents to authorities while advertising that they are in fact secure.
It's much simpler than that. Their marketing team gets their material from the R&D team, and neither group knows about the NSLs, because why would they? Only compliance and a few people on legal know, and everyone hates them already anyway.
Assuming it's actually end-to-end encrypted, it is susceptible to MITM attacks because you're trusting a centralized source with key exchange and verification.
You cannot perform an audit on your own. You are trusting that you received the correct keys without a way to verify identities outside of the network.
Can you provide the source code that shows the implementation of the end-to-end encryption? Can you verify that you REALLY have Alice's public key and she has yours? Or are you trusting that the keys you're receiving from Apple's network belong to exactly who Apple says they do?
Lavabit offered in-network public key encryption for its users. Its implementation was faulty and investigators only needed an SSL key to get the information they wanted from suspects. They also ordered Lavabit to keep operating under the pretense that they were secure.
http://www.infoworld.com/article/2609583/encryption/how-secu...
Skype was advertised as "end-to-end" encrypted AND peer-to-peer networked for years, until it was slowly exposed as a lie. Skype's content is not end-to-end encrypted and the network is centralized.
http://arstechnica.com/security/2013/05/think-your-skype-mes...