Your analogy doesn't really work because a food poisoning attack is hard to scale (across restaurants, locations) without being detected, whereas one backdoor can compromise everyone all at once if they all have the same software.
If Apple adds a backdoor to their E2EE (by sending their servers the key) via a software update, and they don't do anything with the secrets exposed, they can compromise a large proportion of users over just a few weeks and there is a big chance you'll be among the "first", because the "first" is now a large set.
If Apple adds a backdoor to their E2EE (by sending their servers the key) via a software update, and they don't do anything with the secrets exposed, they can compromise a large proportion of users over just a few weeks and there is a big chance you'll be among the "first", because the "first" is now a large set.