How The FBI Might've Opened the San Bernardino Shooter's iPhone 5c

"Remember the San Bernardino killer's iPhone, and how the FBI maintained that they couldn't get the encryption key without Apple providing them with a universal backdoor?" Slashdot reader LichtSpektren quotes Bruce Schneier: Many of us computer-security experts said that they were wrong, and there were several possible techniques they could use. One of them was manually removing the flash chip from the phone, extracting the memory, and then running a brute-force attack without worrying about the phone deleting the key. The FBI said it was impossible. We all said they were wrong. Now, Sergei Skorobogatov has proved them wrong.
Sergei's new paper describes "a real world mirroring attack on the Apple iPhone 5c passcode retry counter under iOS 9." The process does not require any expensive and sophisticated equipment. All needed parts are low cost and were obtained from local electronics distributors. By using the described and successful hardware mirroring process it was possible to bypass the limit on passcode retry attempts... Although the process can be improved, it is still a successful proof-of-concept project.

this isn't an external brute force attack

[YesIAmAScript]

This attack is still done on device. It just clones the NAND back to "0 strikes" after each 6 attempts.

This attack doesn't extract the memory and doesn't decode externally. It just copies NANDs.

Why is this significant? Because it means you can't do extraction in parallel, you still have to go through all the codes sequentially on the device.

It defeats the significant portions of the backoff. It defeats the erase after n failures. It's a very significant attack.

But no one said this type of attack was impossible. I personally read about variants on this attack while the controversy was going on. I even posited it myself. I believe Apple even addressed it claiming that this attack wasn't possible on later iPhones due to a change in how the failure count is stored.