My understanding of Apple's argument is that currently, it would take a significant investment of resources to introduce a working hardware vulnerability to a target device, and that if this ability became commoditized (and thus viable on a larger scale) the decreased security might cause irreparable harm in the time it takes us to collectively correct it. Say, a device that stores screen tap locations and exflitrates as you walk by free public wifi? Don't know how practical that is but you get the idea. There's no hardware equivalent of a hash function to verify that what you've acquired is what you requested. Most people will never take it apart to check or would be able to spot something amiss if they did.