For example, if you have 3 devices (iPhone, iPad, MBP) and someone goes to send you a message, they have to re-encrypt the message three times because Apple would have sent them three public keys.
Now if Apple were evil because of a government order, they could send down four public keys: the three for the devices you own, and one public key that Apple holds the private key for. At that point, once they receive the message, they can read it.
Any system that distributes public keys like this can be compromised the same way.
The only real way to stop something like this is to make sure that the person you are talking to holds the keys. OTR does this, for example, by allowing both parties to verify the fingerprint...
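An added example (not code from the thread) of the fingerprint check the comment above describes: the sender looks up the recipient's keys, but only encrypts to keys whose fingerprints the recipient confirmed out of band, so an extra key slipped into the directory's answer is detected instead of silently encrypted to. The key bytes and directory responses are constructed placeholders, not real keys.

```python
import hashlib
from typing import Dict, List

# Constructed sample: a key directory answering a lookup for a recipient
# with three devices. The "keys" are placeholder byte strings; the point
# is the fingerprint comparison, not the encryption math.
DIRECTORY_RESPONSE: List[bytes] = [
    b"iphone-pubkey-placeholder",
    b"ipad-pubkey-placeholder",
    b"mbp-pubkey-placeholder",
]

# The same lookup with a fourth key injected by the directory operator
# (also a constructed placeholder).
GHOST_KEY = b"ghost-pubkey-placeholder"
COMPROMISED_RESPONSE: List[bytes] = DIRECTORY_RESPONSE + [GHOST_KEY]


def fingerprint(pubkey: bytes) -> str:
    """Short hex fingerprint of a key, the value two people compare in person."""
    return hashlib.sha256(pubkey).hexdigest()[:16]


def verified_fingerprints(pubkeys: List[bytes]) -> Dict[str, bytes]:
    """Fingerprints the recipient confirmed out of band (OTR-style verification)."""
    return {fingerprint(k): k for k in pubkeys}


def unverified_keys(directory_keys: List[bytes], trusted: Dict[str, bytes]) -> List[str]:
    """Fingerprints in the directory's answer that were never verified."""
    return [fingerprint(k) for k in directory_keys if fingerprint(k) not in trusted]


def select_recipient_keys(directory_keys: List[bytes], trusted: Dict[str, bytes]) -> List[bytes]:
    """Return the keys to encrypt to, refusing the whole lookup if any key is unknown.

    Raising (rather than quietly dropping the extra key) surfaces the event
    to the user, which is what makes the injected key detectable at all.
    """
    unknown = unverified_keys(directory_keys, trusted)
    if unknown:
        raise ValueError(f"directory returned unverified key(s): {unknown}")
    return list(directory_keys)
```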
This is not a matter of populism or even of principle. US technology can't be trusted any more. How are you going to restore that trust without making the technology verifiable and without providing simple, reliable ways for end users to routinely put their communications and data out of reach of surveillance?
Where is the "populism" in this? This is about many tens of billions of dollars in revenue lost and even more in lost shareholder value and opportunity.
With iMessage, if the FBI gives Apple a warrant to include their snooping pubkey as an additional encryption endpoint for all messages for a user, by definition it only gives access to messages made from then on, which is in keeping with how I would expect a search warrant to work.
You're correct about iMessage, which is an important point to make. But you're not correct about PRISM; see my article from last summer: http://news.cnet.com/8301-13578_3-57588337-38/
I made no claim about direct access to servers, but I guess since the rumors of direct server access and "PRISM" are synonymous in popular news articles, it was misleading to use the term. My point still stands if you replace "PRISM" with "NSA's dragnet surveillance", which is surely happening.