At any time they could implement a new feature in iPhone to do anything, yes that's true, and yes they could be flat out lying that this is how it's implemented. They could be lying about the whole thing. If they'd implemented it on their servers, they could still have taken that code and later put it on their phones and run it on whatever photos they liked.
Come on, now you're really going off the rails. What we're discussing here is the system Apple has said they have implemented and described. Anything beyond that is hearsay and accusation, for which some evidence would be appreciated. If you're just going to believe whatever you want to, and damn the evidence or what anyone says, go ahead. There's nothing much more to say.
I think that they can do that is the problem, though? If you don’t like the way Google is running things, you can swap out the OS on your Pixel for one of several open source privacy-focused Android forks. But if Apple does something to iOS you don’t like, you’re stuck with it.
That's got nothing to do with CSAM, or this change and isn't anything new. If we're going full tinfoil, Android manufacturers could force update, lock down or brick your Android phone any time they like anyway. If you allow remote updates, which I think we generally all want for security updates, it's all about trust.
Come on, now you're really going off the rails. What we're discussing here is the system Apple has said they have implemented and described. Anything beyond that is hearsay and accusation, for which some evidence would be appreciated. If you're just going to believe whatever you want to, and damn the evidence or what anyone says, go ahead. There's nothing much more to say.