“If they give the keys to government, they’re giving them to criminals too”
Not so.
One can have a device-based key, so you would need the device itself.
Or you could have a two-part key, one part with the manufacturer and another part with the NSA.
Or you could have a three-part key, one part with the manufacturer and another part with the FBI and a third part with the NSA.
One could also have the user enter a portion of the key, which might be saved to the manufacturer’s website.
So even if a Communist lackey gave the PLA every key code detailed entered in Apple’s factory in China, the phone would still be secure against criminals.
Apple could also enter codes in the USA.
If you honestly think that those two and three factor keys wouldn’t be compromised, I’ve got a bridge I’d like to sell you.
Matter of fact, look up what happened when Sony under the Lenovo division were caught with a rootkit in their software and the damage done to Lenovo-based laptops as a result. You’re operating under the assumption that manufacturers (AND THE GOVERNMENT?!) are doing everything by the book and according to industry standards. Having worked for the government, I can tell you firsthand that nothing could be further from the truth. Government workers are some of the laziest, most incompetent IT people I’ve ever had the displeasure of working with.
As soon as a “backdoor” is put into something, ANYONE can use it if they find it. I’ve done white hat stuff for several years now, and it would make you shit yourself if you knew how easy it is to break into most modern clients.
How about the old fashioned way? Serve a warrant to the owner of an encrypted device, seize said phone & if owner refuses to make data on phone accessible, sort it out in the courtroom with a judge.
It is all about sneak & peek. The agencies who are against encryption want the ability to access smart phones without any prior notification. Delayed notification will be routine and would be extended indefinitely.