It may be the case you can put a new OS on the device without it being wiped, because the OS partition is separate from the user data partition, and probably unencrypted.
Anyway, a hypothetical alternative firmware couldn't just magically bypass the encryption. What it could have done, and I think this may only apply to older iPhone models as it's now handled by the Secure Enclave(?), is make it easier to brute-force the pincode (no lockout, less delay).
Can you do an OS upgrade on a locked device without unlocking it first? If so that is terrible regardless of whether the OS partition is encrypted or not.
It also doesn't really matter whether the compromise is a direct key extraction or just defeating the anti-bruteforce protections, the root flaw here is with the phone accepting new privileged software while locked and still retaining its state.
Well the existence of a bypass for that is what is being considered here, such a bypass would constitute a backdoor contrary to Apple's security/privacy posturing.
> a hypothetical alternative firmware couldn't just magically bypass the encryption
No, but it could presumably brute force the pin (unless the rate limiting is hardware controlled?) or wait until the user enters it, then decrypt everything.
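A small model of the two points made in the replies above (the data is unreachable without the passcode, and what a swapped-in firmware could realistically attack is the lockout policy, not the crypto). This is an added illustration written for this thread, not code from Apple or from any commenter; the device UID, the key-wrapping scheme, the 80 ms per-attempt cost and the lockout schedule are all constructed assumptions chosen to show the shape of the problem.

```python
import hashlib
import hmac

# Constructed stand-in for a per-device secret fused into the SoC. On real
# hardware this value never leaves the chip; here it is just a fixed byte string.
DEVICE_UID = bytes.fromhex("00112233445566778899aabbccddeeff")


def derive_kek(passcode: str, device_uid: bytes = DEVICE_UID) -> bytes:
    """Stretch the passcode together with the device secret into a
    key-encryption key (KEK). Nothing on the flash is usable without it,
    which is why a replacement OS cannot "magically bypass" the encryption."""
    return hashlib.pbkdf2_hmac("sha256", passcode.encode(), device_uid,
                               100_000, dklen=32)


def wrap_data_key(data_key: bytes, kek: bytes) -> tuple[bytes, bytes]:
    """Wrap the random per-volume data key under the KEK (toy scheme: XOR with
    a KEK-derived mask, plus an HMAC tag so a wrong KEK is detected rather
    than producing garbage silently)."""
    mask = hmac.new(kek, b"wrap-mask", hashlib.sha256).digest()
    wrapped = bytes(a ^ b for a, b in zip(data_key, mask))
    tag = hmac.new(kek, b"wrap-tag" + wrapped, hashlib.sha256).digest()
    return wrapped, tag


def unwrap_data_key(wrapped: bytes, tag: bytes, kek: bytes):
    """Return the data key, or None if the KEK (i.e. passcode or device) is wrong."""
    expected = hmac.new(kek, b"wrap-tag" + wrapped, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        return None
    mask = hmac.new(kek, b"wrap-mask", hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(wrapped, mask))


def escalating_delay(failed_attempts: int) -> float:
    """Constructed lockout schedule: seconds the gate waits after the n-th
    consecutive failure. Not Apple's published numbers; only the shape matters."""
    if failed_attempts < 5:
        return 0.0
    if failed_attempts == 5:
        return 60.0
    if failed_attempts == 6:
        return 300.0
    if failed_attempts <= 8:
        return 900.0
    return 3600.0


def no_delay(failed_attempts: int) -> float:
    """What the policy looks like once replaceable software stops enforcing it."""
    return 0.0


def worst_case_search_seconds(space: int, per_try_seconds: float, delay) -> float:
    """Time to try every code once. per_try_seconds is the unavoidable cost of
    the key derivation itself; delay is the lockout policy between failures."""
    total = space * per_try_seconds
    for failed in range(1, space):          # every attempt but the last fails
        total += delay(failed)
    return total


def demo() -> dict:
    """Constructed scenario: 4-digit passcode, 80 ms per derivation."""
    data_key = b"\x01" * 32
    wrapped, tag = wrap_data_key(data_key, derive_kek("1234"))
    return {
        "correct_passcode": unwrap_data_key(wrapped, tag, derive_kek("1234")) == data_key,
        "wrong_passcode": unwrap_data_key(wrapped, tag, derive_kek("1235")),
        "other_device": unwrap_data_key(wrapped, tag, derive_kek("1234", b"other-uid")),
        "hours_with_lockout": worst_case_search_seconds(10_000, 0.08, escalating_delay) / 3600,
        "minutes_without_lockout": worst_case_search_seconds(10_000, 0.08, no_delay) / 60,
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The takeaway matches the thread: the only lever a replacement firmware has is the `delay` argument. If the escalation counter and wait live in a component the replaced software cannot touch (what the Secure Enclave is for on newer devices), swapping the OS changes nothing in the `escalating_delay` case; if the policy is enforced by the replaceable code, it collapses to the `no_delay` case.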