When there's physical access to the device it's nearly impossible to make any system unhackable I think, at least with current tech. In this case it's a deliberately injected (twice!) hardware fault, and requires intervention at the hardware-level to reproduce the privilege escalation.

Yeah Apple does have "secure enclave" on some devices, and maybe in many cases it would wipe itself before you got in, but maybe that just means a more careful-hand is needed? (Again, physical access and extreme care/caution when debugging/investigating the chip should work eventually I think!) - I am not a hardware hacker, just have read about it quite a bit!

I mean, considering that it's been 13 years since the release, I think they did pretty well!