Source? Current discussions surrounding your statement point to it being false - that Apple can update the firmware of the secure enclave without it wiping out it's data.
I think the confusion stems from the iOS security guide that Apple published. Page 7 of the guide states that "The Secure Enclave is a coprocessor fabricated in the Apple A7 or later A-series processor. It utilizes its own secure boot and personalized software update separate from the application processor," which implies that somehow updating it is more secure, without saying exactly how much control Apple has over updating it, and whether or not the phone needs to be unlocked before it accepts new firmware. Given that they haven't come out and said that they can't override the firmware for locked phones, I'd say they can. Although, before Apple's recent statements I would have assumed that they couldn't, so the confusions understandable. The guides at https://www.apple.com/business/docs/iOS_Security_Guide.pdf
> Source? Current discussions surrounding your statement point to it being false - that Apple can update the firmware of the secure enclave without it wiping out it's data.
Do you have the source for that, too? I was still under the impression that the Secure Enclave would erase the keys if it's updated.
It's a pretty huge flaw if the firmware can be updated and the keys preserved without first validating with the passcode.
AFAIK, the only sources on this matter are the white papers that Apple has produced. You can't even attempt to update the firmware without having Apple's signing keys.
