Comment by duskwuff

> No amount of incompetence seems enough to explain such a default policy, so the supposition of an intentional backdoor still seems more likely.

I think you're overestimating how granular the memory mappings are (or how isolated the debug registers are). They're usually used to control access on a peripheral level, not to individual registers within a peripheral.