> The one thing which most leads me to believe this was an intentional backdoor? The S-boxes.

If you look at that HN discussion, you'll find a link to a Mastodon post from an Asahi Linux developer explaining that these "S-boxes" are actually an ECC calculation, and that the registers are probably cache debug registers, which allow writing directly to the cache bypassing the normal hardware ECC calculation, so you have to do the ECC calculation yourself if you don't want a hardware exception caused by an ECC mismatch on read (of course, when testing the cache, sometimes you do want to cause an ECC mismatch, to test the exception handling).

Correct, but you still have to know the values for the Hamming operation; my point stands.

I don't believe it's intentional for the reason you mentioned. Although it could theoretically be like that for plausible deniability, Apple's reputation is definitely more valuable than one patchable backdoor of god knows how many others. But debug backdoor is still a backdoor.

Intentional doesn't mean Apple approved. It could be a couple of compromised employees on the right teams.

Very large companies are definitely at the mercy of governments. Just look at how they are bending over backwards to comply with DMA etc. So, it is not at all inconceivable that they are forced to put backdoors into their product by the governments.

>Very large companies are definitely at the mercy of governments.

Thankfully! At least in a democracy, the government is chosen, megacorps are accountable to no one else.

Except Apple is known for having very publicly fought the FBI’s attempt to force a backdoor into iOS.

https://en.m.wikipedia.org/wiki/Apple–FBI_encryption_dispute

That’s true. On the other hand, Apple isn’t some kind of Borg like swarm intelligence. While Apple’s upper management doesn’t want back doors in their products, someone in middle management might have come to a different opinion.