Pretty much all Android devices fit this profile. Even the new encryption-by-default policy announced by Google was only initially applied to Nexus devices, even up until last year. Other vendors may have adopted it more recently but they originally failed to publicize this subtext. The issue apparently was most devices didn't have proper crypto hardware acceleration so it couldn't be applied uniformly across all vendors and only Nexus devices were automatically encrypted post OS install. Hopefully that has changed with newer devices.
Regarding specific hardware tied to a device cryptographically, I'm on the fence about this. This is similar to signing-keys used with kernel modules which is still widely used in Windows.
On HN people have speculated that having a manual 'switch' to toggle on the motherboard for doing firmware updates. So the device can't be tampered with remotely. That seems ideal for that threat model.
But I personally don't see a problem with what Apple is doing here even though it's with physical access. Primarily considering the product is an iPhone which is generally sold as an all-encompassing product/service by Apple. It's not a linux-y customizable device. So having the additional security via hardware locked to the Secure Enclave is a value-add if you're going the proprietary route. Apple's customer service is usually quite good, so that's not a significant barrier. There are other options on the market if you want cheap 3rd-party repairs.
Regarding specific hardware tied to a device cryptographically, I'm on the fence about this. This is similar to signing-keys used with kernel modules which is still widely used in Windows.
On HN people have speculated that having a manual 'switch' to toggle on the motherboard for doing firmware updates. So the device can't be tampered with remotely. That seems ideal for that threat model.
But I personally don't see a problem with what Apple is doing here even though it's with physical access. Primarily considering the product is an iPhone which is generally sold as an all-encompassing product/service by Apple. It's not a linux-y customizable device. So having the additional security via hardware locked to the Secure Enclave is a value-add if you're going the proprietary route. Apple's customer service is usually quite good, so that's not a significant barrier. There are other options on the market if you want cheap 3rd-party repairs.