Any detection method like this can be used against its owner.
Imagine if you could merely borrow someone's phone for five minutes and, in that time, convince the spyware that it was under attack enough to cause it to erase the owner's data or report them to Apple. All of a sudden they would be much more possessive of their cute little devices (if that's possible) rather than lending you the phone so you can play the latest cute little game they downloaded.
Imagine if there was a website you could send them to that would trigger the spyware. It'd be the ultimate rick-rolling process.
Many of these kinds of things are going to happen to perfectly innocent ordinary people. Just as there have been plenty of people who've had their Windows license revoked by "Genuine Advantage" because someone else guessed or stole their real license key, there will be people who inadvertently or in the course of their regular life find their Apple device locked, erased or worse because the spyware has triggered. It'll snowball into a class action, and there'll be a costly lawsuit that can only end in Apple losing (as many other companies who have caused damage to customers have done). By then it may be too late for them to reverse their image as the company that told everyone they'd be spying on their own customers.