Comment Re:Wrong (Score 1) 585
On citation for original design intent, thought I read that in a news article back when they announced iOS8, but can't locate it now, so maybe I'm wrong. Your description of the encryption mechanisms is a bit off regarding Secure Enclave.
Apple’s implementation of security with A7+ processors and the Secure Enclave also uses ARM TrustZone architecture with rather complicated composition of encryption keys. But there is a hardware key specific to the Secure Enclave chip and cannot be accessed or queried outside of it (I’m ignoring expensive physical xray or FIB methods etc) and is unique to each device. A piece of this is generated whenever iOS is reset or reinstalled. The Secure Enclave is a separate chip built into the SoC running its own microkernel. This is different the standard TrustZone architecture. It does indeed have its own firmware and isn’t even based on iOS. It is updated separate from the rest of iOS. However, it does require similar update process and must be appropriately signed. You are right that this is a current weakness, but there is reason to believe Apple could alter the update process such that the Secure Enclave firmware could behave distinctly and require the PIN to be entered correctly or it wipes part of the key.