[concinds]

That's different. It's a feature where Apple deliberately keeps some components running after shutdown, in a very low-power way, and provides an option to turn that off. Those components (the Bluetooth chip, for example) are all strictly separated from each other by IOMMUs.

Intel Management Engine is very different. It's basically another CPU within your real CPU, running its own software with no visibility to the main OS, and it has (AFAIK) full access to other components. If it's compromised, or has a factory backdoor, you're 0wned.

The closest thing to Intel IME that the iPhone has, is the baseband, which can run its own code. But if I'm reading marcan correctly (https://news.ycombinator.com/item?id=30393283), modern iPhones/Android phones all use IOMMUs to isolate that (with the exception of a few so-called "free/libre" phones). The IOMMUs can be easily inspected from the OS to make sure they're correct, so it's just not a concern, unlike IME.

[fmajid]

The baseband doesn't have control over the application (main) processor the way IME does, however, and Apple is rightfully distrustful of Qualcomm's security and the two are fairly stringently separated. What a baseband (or WiFi controller) rootkit can do, however, is intercept all your network traffic, and inject exploits for software bugs in the main OS.

[ace2358]

Thank you for this break down. I appreciate the distinction.