I'm pretty sure they encrypt the entire flash with a random key that is stored in the first page. When remote wipe request comes in you just need to nuke the key to destroy data, which is a lot faster than actually overwriting 32Gb of flash.
iTunes backups are not encrypted by default because you have a key management issue. The primary purpose of the backup is so that you can restore it to a different device after your main device is lost or broken. Since devices where backup is taken and restored are different you can not use built-in key to encrypt the data. There are only two options where to store the key - with the backup itself (which is entirely useless) or with the user. Which is exactly what iTunes does - it allows the user to specify a password that is used to generate the key.
Hi Denis, are you at WWDC? It would be quite rad if someone were to start prodding the apple folks in sessions with regards to this. Inquiring minds want to know!
Because such design is the first thing that comes to mind when I read apple's wording of "iPhone 3G S offers highly secure hardware encryption that enables instantaneous remote wipe.".
So such design would work and is simple enough, hence "pretty sure".
I wasn't getting snippy with you, dude. I was really wondering if you knew something we didn't beyond speculation. My comrade Stephen (author of article above) suggested pretty much the same thing.
I didn't find it snippy either. Basically my position is "if it looks like a common sense thing to do that's probably what it is, unless there is a big reason to dig deeper into it".
iTunes backups are not encrypted by default because you have a key management issue. The primary purpose of the backup is so that you can restore it to a different device after your main device is lost or broken. Since devices where backup is taken and restored are different you can not use built-in key to encrypt the data. There are only two options where to store the key - with the backup itself (which is entirely useless) or with the user. Which is exactly what iTunes does - it allows the user to specify a password that is used to generate the key.