What is the value of every message being encrypted if Apple can decrypt them at will?
IIRC Apple doesn't get your encryption keys in their system. I don't remember exactly how it works, but I remember reading that the encryption is from one endpoint to the other, and Apple doesn't actually have the ability to decrypt the message in transit. Now you could complain that they might have put in a back door. Well sure. That's possible with any closed source software-- and really even with FOSS software that hasn't been audited by someone you trust.
Of course it's easy. But it's also completely POINTLESS.
Well it really really depends. If you think that security is binary-- either "secure" or "not secure"-- then you grossly misunderstand the issue. Even if Apple can read your messages, which I could be wrong about but I believe they officially say that they can't, I would still trust Apple with a lot more information than I would trust the Internet at large. It's not locking your car to keep the valet out, it's asking the valet to lock your car once he's parked it.
And besides, as I've said, I don't really care about Apple. I'm not saying, "Don't encrypt your email! Just use Apple's Messenger instead because it's way better and secure!" I'm saying that if you want people to encrypt their email, look at what Apple's done as a possible model for how to accomplish that, because they succeeded in making it an easy process.
If you DO trust the endpoints, and they are the same entity as the intermediary then WHAT IS THE POINT OF IMPLEMENTING END TO END ENCRYPTION?
Yeah, kind of my point in saying, "Only if you assume that Apple is a burglar don't trust them with anything." There's levels of trust. I've given Apple my credit card before, and I trust that they're not going to charge me for anything that I didn't buy. Therefore, if I were going to send credit card information over the internet, I'd prefer to use their encryption over nothing.
But again, this isn't about Apple. I have no problem with you distrusting Apple. Still, you're going to have to trust someone sometime. You trust Mozilla? Fine, then let them implement an encryption scheme as simple for users to work with as Apple's is. I'd be perfectly happy with that.
If it hasn't come through in our discussions, my preference is for there to be improvements to be made to email, according to open standards that can be implemented by Mozilla, Apple, Google, and everyone else, that make encryption dead-simple. The fact is, email could stand to be improved in many ways, but it won't be anytime soon because you have Apple running off and doing it their own way, Google running off and doing it their own way, and Mozilla allowing you to install a plugin that calls another application that most people don't have installed, which then allows you to run a wizard, that dumps out a key, that needs to be backed up in some unspecified way or you lose all of your email, which also renders your email unreadable anywhere else.