How iMessage may work
(at a high level, various optimizations exist to avoid overhead after initial key exchange, etc.)...
Bob wants to send a message to Sue.
Bob generates a private key and stores it securely on his device.
Bob derives a public key from his private key.
Bob gives his public key to Apple stating he wants to message Sue.
Apple informs Sue of a message request and is handed Bob's public key.
Sue generates a private key and stores it securely on her device.
Sue derives a public key from her private key.
Sue gives her public key to Apple.
Apple informs Bob of Sue's public key.
Bob encrypts his message to Sue using Sue's public key.
Bob gives his encrypted message to Apple asking for it to be delivered to Sue.
Apple informs Sue of Bob's message.
Sue decrypts the message from Bob using her private key.
Under this model only Bob and Sue have their private keys and hence only they can decrypt messages originating from their devices.
...HOWEVER, since Apple is the mediator of the public keys between Bob and Sue, Apple could give Bob a public key of their own, claiming it was from Sue. This would then allow Apple to decrypt messages from Bob heading to Sue. Apple can do the same thing with Sue. Then Apple would be able to get messages from Bob, decrypt them, look at the message, then re-encrypt it before passing it along to Sue. The man in the middle model...
Bob wants to send a message to Sue.
Bob generates a private key and stores it securely on his device.
Bob derives a public key from his private key.
Bob gives his public key to Apple stating he wants to message Sue.
Apple generates a private key and a FakeBob public key of their own.
Apple informs Sue of a message request and is handed FakeBob's public key.
Sue generates a private key and stores it securely on her device.
Sue derives a public key from her private key.
Sue gives her public key to Apple.
Apple generates a private key and a FakeSue public key of their own.
Apple informs Bob of FakeSue's public key.
Bob encrypts his message to Sue using FakeSue's public key.
Bob gives his encrypted message to Apple asking for it to be delivered to Sue.
Apple decrypts the message, looks at it, and then re-encrypts the message using Sue's public key.
Apple informs Sue of Bob's message.
Sue decrypts the message from Bob using her private key.
Personally I trust Apple to NOT do this and favor the simplicity of their method despite a man in the middle weakness internally in their system. They could prevent this but at the cost of trust being established between Bob and Sue in a more complex and cumbersome way... not ideal for typical users of iMessage.
...personally not sure how this is news or a surprise, with the intentional simplicity and ease of use of the iMessage solution you have to assume Apple will be a good actor on your behalf...
And this is exactly how the NSA and GCHQ have run MITM attacks on, amongst others, Google. It would not be a problem for the NSA or other agencies to demand that Apple install software to do just that, or have that agency do that. And we would never know, as Apple would be forced to keep it secret.
So, while I agree that Apple would not listen to us, I would not be too quick to dismiss intelligence agencies abusing the exact possibility. Lavabit anyone?
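The first comment notes that the key substitution could be prevented if Bob and Sue established trust between themselves. The sketch below is an added example, not part of the thread and not Apple's protocol: each device hashes its own public key together with the peer key the mediator handed it, and the two people compare the result out of band. The toy group, the `Mediator` class and the `safety_number` helper are assumptions made for illustration.

```python
import hashlib
import secrets

# Toy group for illustration only (assumption): far too small for real use.
P = 2**127 - 1
G = 3

def keypair():
    """Private key stays on the device; the public key is derived from it."""
    priv = secrets.randbelow(P - 2) + 1
    return priv, pow(G, priv, P)

def safety_number(own_pub, peer_pub_as_seen):
    """Order-independent digest of the two public keys one device believes are in use."""
    blobs = sorted(k.to_bytes(16, "big") for k in (own_pub, peer_pub_as_seen))
    digest = hashlib.sha256(b"".join(blobs)).hexdigest()
    return " ".join(digest[i:i + 5] for i in range(0, 30, 5))

class Mediator:
    """Hypothetical key directory. With substitute=True it hands out its own keys."""
    def __init__(self, substitute=False):
        self.substitute = substitute
        self.registered = {}

    def register(self, user, pub):
        self.registered[user] = pub

    def lookup(self, user):
        if self.substitute:
            return keypair()[1]  # the FakeBob / FakeSue key from the second list
        return self.registered[user]

def verify_session(mediator):
    """Return True when Bob's and Sue's out-of-band comparison matches."""
    _, bob_pub = keypair()
    _, sue_pub = keypair()
    mediator.register("bob", bob_pub)
    mediator.register("sue", sue_pub)
    bob_view = safety_number(bob_pub, mediator.lookup("sue"))
    sue_view = safety_number(sue_pub, mediator.lookup("bob"))
    return bob_view == sue_view

if __name__ == "__main__":
    print("honest mediator, numbers match:", verify_session(Mediator()))
    print("substituting mediator, numbers match:", verify_session(Mediator(substitute=True)))
```

The comparison only helps if it happens over a channel the mediator does not control, such as in person or by voice, which is the extra step the first comment calls cumbersome.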