Crypto and other sorts of computer companies get served secret National Security Letters, which are things called administrative subpoenas, issued without a judge, but subject (in recent years) to judicial review.
The letters include a gag order, making it a really nasty crime to reveal you've gotten demands via National Security Letters, so companies have taken a lesson from the Glomar Explorer, a putative oil research ship actually used to recover a lost Soviet sub.
When questioned about the Explorer's true nature, the CIA had a conundrum. Answer truthfully and wreck an amazing intel asset, or lie and commit a crime. The law didn't allow either.
So, the answers were given in the form or "I can neither confirm nor deny...."
Companies get around the NSL gag order by posting, in advance, a declaration they have received no such letter. If they get served, they pull down the announcement without comment. That's called a canary announcement - if the mine canary dies, you have problems, if the canary announcement dies, customers should be aware of possible government inquiry.
TrueCrypt, one of the most popular cross-platform disk encryption tools in days of yore, took a different approach. Although they were Linux-centric, they made an announcement that Bitlocker in Windows had made their product obsolete, and, besides, TrueCrypt may contain unfixed security issues and can't be trusted. The (somewhat shadowy) developers behind TrueCrypt dropped the project.
Here's that announcement - http://truecrypt.sourceforge.net
I like security. The rumors TrueCrypt had a problem with an NSL sounded conceivable, and were later pretty much verified, so I switched to BestCrypt, offered by Jetico in Finland, outside at least some US influence (and where Linux was born). I wasn't the only one to bail out of TrueCrypt.
Software audits have since shown TrueCrypt didn't have a backdoor, but the NSL letter was real. Probably.
Encryption giant RSA, according to leaks from that dirtbag Snowden, engineered a back door into a random number generator in their software under pressure and payment from the NSA. These things actually happen and evil people can profit from security weaknesses. That would include evil people within and outside government, just as legitimate forces of justice can benefit.
As a result, US-based encryption will always have a shadow of distrust, and I wonder how long it will take bad guys to apply a little meta-encryption.
Diffie-Hellman key exchange allows two people to arrive at a common shared secret number. You use it every time you visit an https web page, buried in something called IKE, or Internet Key Exchange. The world is welcome to listen to every scrap of communication between two parties doing IKE, unencrypted.
In Diffie-Hellman, neither side gets to predict or determine what the eventual secret number will be, but I can see ways something similar could be used to transmit data. Here's the scrambled data, here's the keys we used, knock yourself out - and you get nothing. Maybe for insurance, keep a few thousand files of random numbers, encrypted, to establish that decrypting a file doesn't necessarily reveal information.
I've often thought it would be immoral fun to have Cosmo's job from that movie, Sneakers. Providing sneaky IT services to someone who would really pay and appreciate the effort, that would be great. Unfortunately, the best opportunities come from those with the most to hide, and that counts me out. I'll stay creatively poor without criminal entanglements, no matter how much they might pay.
But I bet I could do a bang-up job. I am not seeking such employment.
If Apple honors the FBI's request, their security will no longer be trusted by FBI targets. Sounds like time to repeal the Digital Millennium Copyright Act, which prohibits reverse engineering, and free the FBI or NSA to lawfully reverse engineer the iPhone. They don't need to be able to make calls, they just need a dump of the data. The NSA probably has ways to crack AES, which has been found to contain minor weaknesses.