The Apple situation annoys me because it's no longer about the web. It's about breaking crypto on a device which is vendor-locked. The same thing as breaking homegrown crypto, or DVD crypto; easy and trivial. The fact that Apple doesn't use ephemeral keys and can't simply throw away the key in the event of an incident is worrisome enough.
Real crypto needs to be more compartmented than that. A bank is not secure because of the massive door - it's safe because it would take a thief weeks to empty every safety deposit box.
It's also made even safer when the key is (more or less) thrown away for periods of time and nobody can get it. Even with manual override. Literally somebody could be dying inside the safe and nobody could save them.
In properly implemented crypto nobody should hear you scream.
The whole concept of end to end encryption works far better if the ends are actually secure. We use end to end encryption to protect our communication on the move and our endpoints are protected with secure hardware.
Weakening end point security is certainly not as bad as going after TLS (for example) but it's still a vital piece of our trust chain.
And the smartphone will grow in importance as an authentication factor and that makes it even more vital.