Hacker News

Interesting part: "For example, the iPhone SEP has a direct connection to the fingerprint reader, because the application processor isn’t trusted with that data. Weirdly FaceID departs from this but I digress."

Anyone have any info on why FaceID works a different way? Because it needs more processing power?



I have not seen any sources which explicitly state that FaceID doesn't work the same way as TouchID does, but perhaps it's the lack of specific details in the iOS Security Guide [0] that might have led to this assumption?

In fact, FaceID solely relies on the IR camera to do its work. You can cover the front-facing (normal) camera and your iPhone would still unlock successfully. Conversely, the newly touted Animoji feature does NOT rely on the IR camera at all, as evidenced in this iPhone X review [1] at 11:40. It may be the case that the OS doesn't have access to it.

[0] https://images.apple.com/business/docs/iOS_Security_Guide.pd...

[1] https://www.youtube.com/watch?v=9Ca8zWJOlFQ&t=700


I based my speculation on tweets by some developers who have been able to capture raw TrueDepth data in their apps. See e.g. https://mobile.twitter.com/braddwyer/status/9306828799773614...

I can’t swear to you that this is exactly the same depth data that FaceID uses. Maybe it’s been downsampled in some way that makes it safe to give to apps, without enabling attacks on FaceID. I think I’d be a bit more willing to believe that if Apple’s Security docs actually said that. To me it seems more likely that the raw depth maps are available to the app processor (and to apps!) because the SEP isn’t powerful enough to perform the recognition task on its own.


The application processor needs access to the camera so that you can take pictures and transmit them outside of the phone.


Which it could do through the SEP if the SEP were powerful enough, or through a secondary interface.


What would that accomplish? The entire point of having the SEP wired directly to the fingerprint reader is that fingerprint images never make it to the AP because there's no reason for that. If the SEP is just going to copy every image to the AP why not just have both processors connected to the camera? (which also removes the security surface of any SEP->AP image copying code)



