[zer01]

Fair points, though to be fair the iOS platform is by and large the most secure mobile platform we have (please correct me if I'm wrong, you absolutely know better than I). Still, as long as the backdoor remains, it will always be possible to carry out malicious updates like this.

As far as I understand the secure enclave has been updated a couple times since it's introduction, so I legitimately hope this was a v1, with secure enclave v2 (without update functionality) waiting to be released in Sept.

As a side-note - one of the things I struggle with is I'm not convinced that Apple really had a tangible reason to make it as secure as it is, especially when their main competition was android, which is fairly laughable with security thanks to the OEMs.

[saurik]

I think Apple in general and Tim Cook in specific are highly moral people: I think they are truly looking at security as a way to make the world a better place; in discussions I have had with employees at Apple, they truly do attempt to build systems where even they don't have access to your information... only at the same time, but somehow from the other side of their mouth, when questioned about their ability to do things that are evil when they do have that ability, they just say "well, we'd never do that", and refuse to discuss scenarios where "we" is difficult to define (as it only takes a finite number of disgruntled employees to decide to do something bad) or they are forced by external parties (such as the United States government). I'm honestly kind of glad to see that latter scenario actually play out, and particularly to see it play out so publicly, so we can see how they react as "well, we'd never do that" even has the possibility of turning into "fuck, we were forced to do that".

[zer01]

Agreed, I'm extremely glad this is being done in such a public fashion. It's important to have transparency about these issues.