Comment by realo
7 hours ago
Not necessarily. If the secret is protected in the secure element against something only you can provide (physical presence of RFID, password, biometric etc) then it is ok.
BUT you must trust the entire Apple trusted chain to protect you.
That is a rather big BUT.
> If the secret is protected in the secure element against something only you can provide (physical presence of RFID, password, biometric etc) then it is ok.
But we already established unlocking is not possible, so going with the argument it's implied there is a side-channel. Nothing, but a secret in your brain is something only you can (willingly) provide. Especially not biometric data, which you distribute freely at any moment. RFID can be relayed, see carjacking.
If you can side-step the password, to potentially install malware/backdoor, that's inherently compromising security.