The phone in question does not have a secure enclave. Newer phones do, but the firmware is as you suggest (and as best I am aware) updatable without wiping the keys.
However wiping the keys entirely is not necessary nor practical, it would be just as easy to make the firmware update process require the secure enclave to be unlocked with the key first. That would prevent an "authorised" backdoor reflash in this situation.
It's also possible this is already required, we are not sure as Apple do not speak quite as detailed about the secure enclave update process as the rest of the processes in their iOS security guide.
However as before, it is not relevant to this case as the 5C does not contain a secure enclave.
Power management, mobile and firmware developer on Linux. Security developer at Aurora. Ex-biologist. mjg59 on Twitter. Content here should not be interpreted as the opinion of my employer. Also on Mastodon.
![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
Re: Firmware updates
Date: 2016-02-25 10:43 pm (UTC)However wiping the keys entirely is not necessary nor practical, it would be just as easy to make the firmware update process require the secure enclave to be unlocked with the key first. That would prevent an "authorised" backdoor reflash in this situation.
It's also possible this is already required, we are not sure as Apple do not speak quite as detailed about the secure enclave update process as the rest of the processes in their iOS security guide.
However as before, it is not relevant to this case as the 5C does not contain a secure enclave.