
As far as I understand it, user data is still encrypted and the key is protected by the Secure Enclave, which is not affected.

This exploit allows flashing unsigned firmware, so by stealing the phone the attackers won’t be able to decrypt your data, but an evil maid attack is now (or will be) feasible.

Also, stolen iPhones are now more valuable, as you will be able to bypass iCloud Lock.



So if I understand, just losing your phone is safe, but if you find it again after losing it, you basically shouldn't keep using the phone before completely reflashing the device?


Any modifications won’t survive a reboot (this is a “tethered” exploit), so if you’re concerned just turn the phone off and on again.

Honestly, I find the malicious attack scenarios for this pretty far-fetched.


Well, it won’t come back on in that case (the modified firmware will fail the signature check). But as you say, you are still safe; just don’t unlock the device before reboot.


I think that depends on how it's set up, right? I remember on my old iPod Touch with a tethered bootrom exploit, you could reboot without a computer but it would start up in non-Jailbreak mode. If you wanted to boot Jailbroken, you had to find a computer. (This was the origin of the term "semi-tethered Jailbreak".)


I don’t have deep knowledge of the security architecture here, but in general the key doesn’t need to be compromised to retrieve data in secure systems.

What prevents unauthorized firmware from requesting that the Secure Enclave decrypt all data? Similar to having control over an HSM - you can’t extract the key but you can perform cryptographic operations.


The SE will still require a password or other authentication data (e.g. iris/fingerprint, biometric measurements) before it will use its key to decrypt the data.

The only ways around this are:

* physical extraction of the embedded memory in the SE (I'm not sure if this is actually feasible, it's certainly a destructive attack)

* "updating" the SE firmware - this is what the FBI wanted Apple to do in that terrorism case, that Apple develop a SE firmware that leaks the secret key

* exploiting bugs in the SE firmware - this is what the FBI ended up doing by hiring either Cellebrite or some anonymous hackers (depending on which source one believes).
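The two mechanisms the thread keeps coming back to, the boot ROM refusing unsigned firmware on every cold boot (so a tethered patch does not persist) and the Secure Enclave releasing the data key only when the passcode is supplied, can be modelled in a few dozen lines. The following is a constructed toy written for this thread, not Apple's code and not a description of the real SEP protocol: the RSA parameters are tiny hard-coded primes (insecure by design, only to show that the ROM holds just a public key), and the key-wrapping scheme is a simplified stand-in for the real passcode/UID tangling.

```python
"""Toy model of a signed boot chain and a passcode-gated key store.
Constructed illustration for this discussion; not Apple's implementation."""
import hashlib
import hmac
import secrets

# ---------- Part 1: signed boot chain ----------
# Toy RSA with tiny hard-coded primes (assumption: illustrative only, NOT secure).
_P, _Q, _E = 15485863, 32452843, 65537
_N = _P * _Q
_D = pow(_E, -1, (_P - 1) * (_Q - 1))  # private exponent: held only by the vendor


def _digest_int(image: bytes) -> int:
    # SHA-256 truncated to 40 bits so the digest fits under the toy modulus.
    return int.from_bytes(hashlib.sha256(image).digest()[:5], "big")


def vendor_sign(image: bytes) -> int:
    """Signing happens at the vendor; the device never holds _D."""
    return pow(_digest_int(image), _D, _N)


def bootrom_verify(image: bytes, signature: int) -> bool:
    """The ROM only has the public pair (_N, _E) burned in at manufacture."""
    return pow(signature, _E, _N) == _digest_int(image)


def cold_boot(image: bytes, signature: int) -> str:
    """Every power-on re-runs the check, so a patched image is rejected."""
    return "booted" if bootrom_verify(image, signature) else "refused: bad signature"


# ---------- Part 2: passcode-gated key release ----------
class ToySecureEnclave:
    """Holds a device-unique secret that never leaves the object. Code running
    outside (e.g. the application processor's firmware) can only call wrap()
    and unwrap(); it has no way to read _uid or to skip the passcode."""

    def __init__(self) -> None:
        self._uid = secrets.token_bytes(32)  # fused in at manufacture (simulated)

    def _keys(self, passcode: str, salt: bytes) -> tuple:
        # Passcode-derived key, then tangled with the UID so the derivation
        # cannot be run anywhere but on this device.
        pk = hashlib.pbkdf2_hmac("sha256", passcode.encode(), salt, 100_000)
        kek = hmac.new(self._uid, pk, hashlib.sha256).digest()
        pad = hashlib.sha256(b"enc" + kek).digest()  # 32-byte wrapping pad
        mac = hashlib.sha256(b"mac" + kek).digest()  # separate MAC key
        return pad, mac

    def wrap(self, data_key: bytes, passcode: str) -> bytes:
        assert len(data_key) == 32
        salt = secrets.token_bytes(16)
        pad, mac = self._keys(passcode, salt)
        ct = bytes(a ^ b for a, b in zip(data_key, pad))  # toy one-time-pad wrap
        tag = hmac.new(mac, salt + ct, hashlib.sha256).digest()
        return salt + ct + tag

    def unwrap(self, blob: bytes, passcode: str):
        salt, ct, tag = blob[:16], blob[16:48], blob[48:]
        pad, mac = self._keys(passcode, salt)
        expected = hmac.new(mac, salt + ct, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return None  # wrong passcode: nothing is released
        return bytes(a ^ b for a, b in zip(ct, pad))


def demo() -> dict:
    """Returns the outcomes a defender cares about in the scenarios above."""
    image = b"constructed firmware image v1"
    sig = vendor_sign(image)
    se = ToySecureEnclave()
    data_key = secrets.token_bytes(32)
    blob = se.wrap(data_key, "1234")
    return {
        "genuine_boot": cold_boot(image, sig),
        "patched_boot": cold_boot(image + b"\x00patch", sig),
        "right_passcode": se.unwrap(blob, "1234") == data_key,
        "wrong_passcode": se.unwrap(blob, "0000") is None,
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The point of Part 1 is that the device stores only the verification half of the key pair, so an attacker who can run code once (tethered) still cannot produce an image that survives the next power-on check; the point of Part 2 is that control of the firmware outside the enclave buys nothing without the passcode, because the data key is never stored in the clear and the unwrap fails closed on a wrong guess.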


I see. Hence evil maid attack. If someone has temporary physical access they could install malware that captures data when the device is unlocked. Chargers as an attack vector seem more likely, if more mundane.


In the case of malicious chargers I believe Apple already authenticates peripherals to make data capture more difficult. If you’re unauthenticated then you will not be able to do much unless explicitly authorised.

Of course, none of that matters if you can reflash the device or exploit the boot ROM.


> exploiting bugs in the SE firmware / "updating" the SE firmware

why not both?


So this might increase theft, as it is more valuable than a mere brick now.

I hope we get some word from Apple about this.


> So this might increase theft, as it is more valuable than a mere brick now.

Only for older models, the newest series is not vulnerable.


The vast majority of iPhones currently in use are “older models” [1].

Only A12 and A13 devices are unaffected (XS/XR, 11).

[1]: https://deviceatlas.com/blog/most-popular-iphones


Any special abilities you may get disappear on reboot, so this isn’t a very practical activation lock bypass.



