And that's even assuming one cares about the secure enclave. I am not convinced that any phones exist that one can not unlock the enclave via JTAG debugging.
For most devices, if you have that kind of physical access, and enough technical resources, all bets are off. Most people's threat model doesn't include three-letter-agencies reading their secure enclave. If yours does, you're probably better off not carrying a phone at all.
> Most people's threat model doesn't include three-letter-agencies reading their secure enclave.
Maybe it should. I'm not convinced that we're automatically done for if the NSA, CIA or whatever starts coming after us. That sort of demoralization is probably part of their psychological warfare.
The US government is constantly lamenting the fact cryptography has become widespread and regularly attempts to straight up outlaw it. Cryptography is subversive: it has the power to defeat police, judges, spies, governments, militaries. The simple act of encrypting web traffic shifted the landscape to the point governments are stockpiling vulnerabilites to get around the cryptography. The next step is to systematically eliminate these vulnerabilities so that the cryptography cannot be worked around.
GrapheneOS devs have announced "We're currently working with a major OEM towards future generations of their devices meeting our requirements and providing official GrapheneOS support. GrapheneOS on both Pixels and these future non-Pixels will be fine." (https://grapheneos.social/@GrapheneOS/115102564799343519)
You're welcome to assert otherwise, of course, but your assertions are contradictory with direct statements from the GrapheneOS team.
