Apple doesn’t backup TouchID or FaceID data to the cloud (just as they don’t backup your iOS device passcode). You need to set up each device independently.

https://images.apple.com/ca/fr/business-docs/FaceID_Security...

> Apple doesn’t backup TouchID or FaceID data to the cloud

We only have Apple's word to go by.

No, we don't.

https://hackaday.com/2017/08/18/apples-secure-enclave-proces...

Yeah it may be a binary dump, but it's now decrypted and understandable.

Serious question: can its firmware be upgraded through future device updates?

I THINK so.

https://www.theiphonewiki.com/wiki/Bootchain

https://www.theiphonewiki.com/wiki/Bootrom

https://www.theiphonewiki.com/wiki/25C3_presentation_%22Hack... (^F "The first piece" [of code])

https://www.cse.wustl.edu/~jain/cse571-14/ftp/ios_security/i...

The only part that is fundamentally read-only is the bootrom/SecureROM.

...Which is why https://ramtin-amin.fr/#nvmepcie and https://ramtin-amin.fr/#nvmedma are among my favorite articles ever. (iPhone 6, but still.)

Well, that and the word of numerous security researchers whose job it is to make sure that Apple is true to their word.