Re: I'm not sure how he thinks this will work on an iPhone 6
@Steve Todd: Well, I'd be delighted to be wrong about this if it means that things are better documented or at least better known by now (or always were). Last time what information was around (using an hour or three to look for it with the benefit of a background as a seasoned embedded systems SW engineer) left me with the above impression (admittedly with some of my own speculation having most likely blurred to the info by now). I wouldn't mind seeing a quote from the above link attesting to the secure enclave's nature as a physically separate, tamperproof* subsystem, in particular it having its own persistent, but mutable storage, physically separate from the general purpose flash (without which it is still vulnerable to this sort of attack); this is the main point where I had to rely on speculation (i.e. Apple very likely minding the BOM / extra size / complexity from an extra chip / ... too much to implement a feature the finer points of which the general public would be unlikely to appreciate).
* one aspect of this would be whether the secure enclave's firmware is immutable (failing which makes the kind of hack FBI was demanding of Apple possible)