The extraterritorial effect of the law is profoundly troubling, especially the prohibition on revealing the existence of the Technical Capability Notice. However, Apple would almost certainly be subject to lawsuits in the US and EU if it secretly added a backdoor to iCloud Advanced Data Protection, because doing so would violate their privacy policy and would likely give rise to fraud claims. They could kill iCloud Advanced Data Protection entirely, or they could add a backdoor and say there is a backdoor, but they could not, without being exposed to liability, secretly add a backdoor while simultaneously claiming that the data is end-to-end encrypted and nobody other than the user can access the data.
Does Safari always open sites in separate processes when manually opening a new tab (e.g., via Command+T or via another macOS app sending a link to be opened by Safari) instead of allowing a webpage in one tab to open a link in a new tab via window.open? If so, does that prevent the SLAP attack from working against the contents of those manually opened tabs? Wouldn't the best practice, then, be to (1) never login to a website (or access a site where you are already logged in) by clicking a link on another site, and (2) when browsing a site where you are logged in, never click a link to another website, but instead copy the link, manually open a new tab, and then paste the link into the address bar? Obviously, that's cumbersome and annoying, but if it mitigates SLAP, then maybe it's worth the effort.
