Apple was recently ordered by a magistrate court to assist the FBI in brute forcing the PIN of a device used by the San Bernardino terrorists.
The court ordered Apple to develop custom software for the device that would disable a number of security features to make brute forcing possible.
Part of the court order also instructed Apple to design a system by which PINs could be sent to the device remotely, allowing for rapid brute forcing while still giving Apple plausible deniability that it hacked a customer device in a literal sense.
All of this amounts to the courts compelling Apple to design, develop, and protect a backdoor into iOS devices.
Firmware signing capabilities:
Apple holds firmware signing capabilities for all of its devices, and is the only party in the world that can boot custom software on them without exploiting the device. Loading such code also requires an authorization ticket from Apple’s servers that authorizes it to run on a particular device.
Firmware updates run as a RAM disk on iOS devices, which is similar to booting off of a USB stick.
Apple can write a custom RAM disk (as a “SIF”), sign it, and boot it on any iOS device from restore or DFU mode to run from memory.
A7 chips have moved the backoff (delay) and retry count for passcode attempts into the “Secure Enclave” (SEP), a coprocessor inside newer devices. However, in its present form the SEP firmware can be updated (or “flashed”) by Apple to remove these features.
The iPhone 5c does not have the new A7 chip, and therefore does not have a Secure Enclave, so the PIN delay is software-based and can be easily disabled anyway.
The mechanism that wipes after 10 failed attempts appears to still be software based on all devices, and could be disabled on any device.
A number of alternative methods exist, some of which are believed to be feasible alternatives that can be performed without Apple’s assistance.
The All Writs Act includes a “necessity” prong that insists an order can only be granted if it is the only way to achieve a certain task.
Apple can, on a technical level, comply with the court’s order to brute force the PIN on an iPhone 5c.
Forcing Apple to develop a forensics tool is not the only feasible method available to access the content on the device in question.
The only reason it is possible to decrypt this information at all is because the subject chose a weak (numeric) passcode instead of an alphanumeric passcode. A complex, alphanumeric passcode is computationally infeasible to brute force, regardless of any backdoor compelled by the government. Apple uses the PBKDF2 key derivation function, which involves a mathematically dependent 80ms delay to compute a key, controlled by encryption routines that are bound to the hardware. As a result, it would take six years just to brute force a six digit alphanumeric key, and exponentially more time for longer keys.
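The figures above can be reproduced with the following script, added here as an illustration rather than code from the original article. It assumes the 80 ms per-derivation cost stated above, the 10-failure wipe threshold, and a 36-character alphabet (lowercase letters plus digits) for the “six digit alphanumeric” case, which is the assumption that yields the six-year figure; it also extends the estimate to longer and mixed-case passcodes.

```python
import math

# Assumed per-guess cost: PBKDF2 tuned to ~80 ms and bound to the device hardware,
# so guesses must run sequentially on the device itself (page's stated figure).
PER_GUESS_MS = 80
# Software wipe threshold described on the page.
WIPE_AFTER_ATTEMPTS = 10

def keyspace(alphabet_size: int, length: int) -> int:
    """Number of distinct passcodes of the given length over the alphabet."""
    return alphabet_size ** length

def worst_case_ms(space: int, per_guess_ms: int = PER_GUESS_MS) -> int:
    """Milliseconds needed to try every passcode once, sequentially on-device."""
    return space * per_guess_ms

def humanize(ms: int) -> str:
    """Render a millisecond duration in the largest unit that fits."""
    seconds = ms / 1000
    units = (("years", 365.25 * 86400), ("days", 86400), ("hours", 3600), ("minutes", 60))
    for name, size in units:
        if seconds >= size:
            return f"{seconds / size:.1f} {name}"
    return f"{seconds:.1f} seconds"

def guess_chance_before_wipe(space: int, attempts: int = WIPE_AFTER_ATTEMPTS) -> float:
    """Probability a uniformly random passcode is hit within the allowed attempts."""
    return min(attempts, space) / space

def estimate(label: str, alphabet_size: int, length: int) -> dict:
    """Summarise keyspace, exhaustive-search time and wipe odds for one passcode policy."""
    space = keyspace(alphabet_size, length)
    return {
        "label": label,
        "keyspace": space,
        "worst_case": humanize(worst_case_ms(space)),
        "chance_within_wipe_limit": guess_chance_before_wipe(space),
    }

if __name__ == "__main__":
    # Constructed comparison set; alphabet sizes are assumptions, not page values.
    policies = [
        ("4-digit PIN", 10, 4), ("6-digit PIN", 10, 6),
        ("6-char lowercase+digits", 36, 6), ("6-char mixed-case+digits", 62, 6),
        ("8-char lowercase+digits", 36, 8),
    ]
    for label, size, length in policies:
        e = estimate(label, size, length)
        print(f"{e['label']:<26} keyspace={e['keyspace']:<16} "
              f"exhaustive={e['worst_case']:<12} P(hit in 10)={e['chance_within_wipe_limit']:.2e}")
```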