You're assuming Apple doesn't have a way to bypass airplane mode when they receive a warrant.

They fought unlocking secure enclave. That has no bearing on active tracking. Apple is also under the eight ball with the threat of anti-trust regulation and are more incentivised than ever to make deals that turn down the heat on questionable business practices. They lost all credibility as a "security focused" company with their crazy on-device image scanning scheme.

I don't think the iPhone used in that case had a secure enclave. I think that iPhone was the iPhone 5C[1], which had an A6[2], while the secure enclave wasn't released until A7[3].

Wikipedia has the terms the FBI demanded, and to me they look like demands relating to software directly in iOS, not some other security chip[4].

>Apple is also under the eight ball with the threat of anti-trust regulation and are more incentivised than ever to make deals that turn down the heat on questionable business practices.

Questionable business practices impacting competition/monopoly, sure. But I don't see how a backdoor would make anyone think Apple has less of a monopoly.

>They lost all credibility as a "security focused" company with their crazy on-device image scanning scheme.

Apple publicly announced that in advance. That's different from a secret backdoor.

[1] https://en.wikipedia.org/wiki/FBI%E2%80%93Apple_encryption_d...

[2] https://en.wikipedia.org/wiki/IPhone_5C

[3] https://apple.fandom.com/wiki/Secure_Enclave

[4] https://en.wikipedia.org/wiki/FBI%E2%80%93Apple_encryption_d...

More so, how would they tell a phone with radios disabled to turn on a radio, besides physical access?

By telling the radio firmware to do so?

edit: the sim can tell the radio to turn on, when it wants to send a message.

It is a full blown computer, with direct access to the radio firmware, with no OS oversight.

The radio firmware can be updated remotely, too, and the OS only knows the modem is on, because the firmware tells it so.

The icon on your phone showing signal/on/off is displayed by the OS, after querying the firmware. The OS has no way to know if the radio is on or not.

Yes but from where is this command originating? Can't be remote because well... the radio is off.

It can be remote but shifted in time. E.g. send a remote command that essentially says "if in airplane mode, every 60 minutes turn radio on and check for new commands".

That would cause major issues in areas where phones are forbidden for national security or sensitive equipment reasons from having antennas active. I've never heard a report that a manufacturer has even considered that idea as it could potentially cost them major damages.

Of course, that's not something that a legitimate manufacturer would have in their standard firmware.

However, that is a possibility for specific malicious firmware uploaded to some "phone of interest" to prevent its user from protecting themselves by turning on airplane mode.