Should note that John McAfee is offering to "break the encryption" of the data within 3 weeks of commencement using "social engineering".

His intentions: good. His success probability: unlikely (unless they have knowledge of how the encryption key is built from the passcode)

Source: http://www.businessinsider.com/john-mcafee-ill-decrypt-san-b...

Social engineering?

"Mr. Cook, it's John McAfee on line three, again. He says, quote, 'pretty pretty please.'"

The FBI wasn't asking for the device to be decrypted. They were asking for a new operating system to be installed that circumvented the 10 wrong tries and the phone is erased.

My original question still stands

The half-solution security chip plus the device's software form a psuedo trusted computing module.

It does seem that if the FBI desoldered the security chip and subpoenaed the KDF algorithm, they could recover the raw encryption key using their own hardware. But perhaps I'm missing a detail.