
My problem is that I can pretty much paste my response word-for-word and it still applies just as well here, which really means you haven't updated your take to account for it at all. That's just not interesting.

That said, it's still a new feature. I'm sorry I don't have the NSA spokesperson here to say that they are going to pack it up and go home now because iPhones are unhackable, since that's the only thing you are willing to accept. To be entirely honest, I am not even willing to hide my disdain for the certification you've repeatedly brought up at this point, beyond it being a set of good practices. Like, the Titan M2 chip was assessed at AVA_VAN.5; it got exploited last month because it was written in a bunch of C and deployed without layout randomization or attempts at CFI. I trust the words of hackers (of particular renown, mind you!) and their analysis of how strong the mitigations actually are over some certification person just looking at the system and trying to take a guess as to how it'd hold out.




I do not require an NSA spokesperson. I just need any organization with technical merit comparable to the "most sophisticated digital threats", or who have actual practical knowledge of how to defeat such threats, to actually weigh in on the claims; otherwise I do not see how their claims have any support, as they are supported by neither the stated adversary nor anybody who has demonstrated such defensive abilities previously.

I did not previously know that the Titan M2 chip was assessed at AVA_VAN.5, but I do not see how the chip itself being certified against physical attacks is relevant to the security properties of the Security IC Embedded Software, which is explicitly out of scope and is uncertified at any level. To support my claim that it is a certification of the hardware, not the software:

Here we see the certificate: https://www.tuv-nederland.nl/assets/files/cerfiticaten/2021/...

This conforms to the Security IC Platform Protection Profile with Augmentation.

Here we see the actual security target: https://www.tuv-nederland.nl/assets/files/cerfiticaten/2021/...

This is consistent with the Security IC Platform Protection Profile with no material changes.

Here we see the Security IC Platform Protection Profile definition: https://www.commoncriteriaportal.org/files/ppfiles/pp0084b_p...

On Page 7, Section 1.2.2, Statement 9, we see that Security IC Embedded Software is all software running on the chip (i.e. non-firmware). Security IC Embedded Software, which is what we would consider to be the Titan codebase that was attacked, is explicitly called out as not part of the Target of Evaluation (TOE).

On Page 22, Section 3.2, Statement 70, we see that the threats specified are physical, electrical, and hardware attacks. On Page 25, Section 3.2, Standard Threats, Statements 82-87, we further confirm that the enumerated threats are physical and related to the hardware itself, not the software.

On Page 30, Section 3.4, Assumptions, Statement 99, we see that an assumption required for correct operation of the composite TOE (hardware + software) is that the Security IC Embedded Software correctly protects user data. As this is an assumption, it is not an evaluated claim; it is assumed to be true for the purposes of evaluation and is thus out of scope.

So, to reiterate, I do not see how a software attack on uncertified code in the Titan M2 chip proves the certification evaluates software incorrectly, given that the software was out of scope of the certification in the first place, and thus no claims of its quality are asserted as part of the certification that the Titan M2 chip received. That is like complaining that waterproofing standards for phones are garbage because they do not tell you how fire resistant a phone is. If anything, it supports my statement, since the uncertified code was defeated.