Bruteforcing an iPhone: Where is the Key?

There have been rumors that the terrorist's iPhone would be cracked with the help of NAND mirroring.

I doubt this can be done. If it could, it would mean the iPhone design is not that secure. The root of the problem the FBI has is that the contents of the NAND memory are wiped out after 10 unsuccessful PIN code attempts. I think this is a simplification. If the memory is protected, it is encrypted, likely with AES-256, which is unbreakable (unless there is a backdoor...).

Encrypting information is always the easy part. Protecting encryption keys is the hard part. I don't know how iPhones protect encryption keys, but I believe the keys are not stored in external memory. I believe they never leave the application processor. And really, "wiping out the contents" of an iPhone means wiping out the encryption key. Without that key, and assuming AES-256 holds, even zillions of copies of the external flash would not help.

This brings me to an interesting IoT-related observation: when discussing the security of a given IoT network, think about how the network keys are protected. Do they sit on the filesystem of a gateway / controller that is mounted in an electrical cabinet that everybody has access to?

A network is only as secure as its keys. They often land in trash cans or are easily accessible to anyone. Something to reconsider when planning the next deployment of a "smart" system.
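
One way to check a gateway image for the situation described above, as an added example that is not part of the original post: it walks a directory tree and reports files that hold plaintext key material, along with their permission bits. The detection patterns, the function names and the sample files are assumptions made for the illustration.

```python
import os
import re
import stat
import tempfile

# Heuristics for plaintext key material (assumptions; tune per deployment).
PEM_PRIVATE = re.compile(rb"-----BEGIN (?:[A-Z]+ )?PRIVATE KEY-----")
# A config value of exactly 128 or 256 bits in hex, e.g. "network_key = 0f0f..."
HEX_KEY = re.compile(rb"(?i)key\w*\s*[=:]\s*[\"']?((?:[0-9a-f]{32}){1,2})\b")

def audit_keys(root, max_bytes=1 << 20):
    """Return findings for regular files under root holding plaintext keys."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)
            if not stat.S_ISREG(st.st_mode):
                continue  # skip symlinks, sockets, device nodes
            try:
                with open(path, "rb") as fh:
                    data = fh.read(max_bytes)
            except OSError:
                continue  # not readable by the auditing account
            kind = ("pem-private-key" if PEM_PRIVATE.search(data) else
                    "hex-key-in-config" if HEX_KEY.search(data) else None)
            if kind is None:
                continue
            mode = stat.S_IMODE(st.st_mode)
            findings.append({"path": os.path.relpath(path, root), "kind": kind,
                             "mode": oct(mode),
                             "exposed": bool(mode & (stat.S_IRGRP | stat.S_IROTH))})
    return sorted(findings, key=lambda f: f["path"])

def demo():
    """Audit a constructed sample tree (file names and contents are made up)."""
    samples = {
        "etc/gateway.conf": (b"channel = 11\nnetwork_key = " + b"0f" * 16 + b"\n", 0o644),
        "etc/tls/device.pem": (b"-----BEGIN EC PRIVATE KEY-----\n(constructed)\n", 0o600),
        "etc/hostname": (b"cabinet-gw-01\n", 0o644),
    }
    with tempfile.TemporaryDirectory() as root:
        for rel, (body, mode) in samples.items():
            path = os.path.join(root, rel)
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "wb") as fh:
                fh.write(body)
            os.chmod(path, mode)
        return audit_keys(root)
```

The "exposed" flag only reflects the file mode for other local accounts. A key stored in plaintext on a cabinet-mounted gateway can also be read by anyone who can remove the storage, so every finding deserves review, not only the exposed ones.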
