Apple's open letter - they can't or won't backdoor iOS?

Various commentators suggest that this would be possible, on the specific hardware involved in this case. For example, Dan Guido from Trail of Bits mentions that with the correct firmware signatures, it would be possible to overwrite the firmware, even without the passcode. From there, it would be possible to attempt brute force attacks against the passcode to decrypt the data.

It appears to not be possible if the firmware replacement is incorrectly signed, and the signing keys have been kept secure by Apple so far.

He also mentions that this wouldn't be possible on some later devices, where the passcode check is implemented in a separate hardware module, which enforces time delays between attempts.

Edit Feb 2017: Cellebrite (a data forensics company) have announced the capability to unlock and extract data from most iPhones from the 4S to the 6+, strongly suggesting that a flaw exists somewhere, which they are able to exploit. They haven't released full details of this.


After doing some research, I now believe this is possible, but that it isn't very easy. Without getting too technical, if you look closely, Apple repeatedly implies that they can do it:

The United States government has demanded that Apple take an unprecedented step which threatens the security of our customers.

But now the U.S. government has asked us for something we simply do not have, and something we consider too dangerous to create.

Specifically, the FBI wants us to make a new version of the iPhone operating system, circumventing several important security features, and install it on an iPhone recovered during the investigation. In the wrong hands, this software — which does not exist today — would have the potential to unlock any iPhone in someone’s physical possession.

Building a version of iOS that bypasses security in this way would undeniably create a backdoor.

While we believe the FBI’s intentions are good, it would be wrong for the government to force us to build a backdoor into our products. And ultimately, we fear that this demand would undermine the very freedoms and liberty our government is meant to protect.

If they couldn't do it, it could be a moot point to respond to this in such a way. I would say that it's possible for them to implement such a feature, if they want.


Could they actually accomplish this for an existing encrypted phone?

Yes. They could provide a compiled image of the OS with anti-bruteforce features disabled. The fact they're making an open letter IMHO means they've already exhausted all excuses to not do so, implying they are fully capable of doing it.

They would have to be able to auto update a phone that they don't have access to.

No. They would provide binaries to the FBI. The FBI has physical access to the phone and can flash it. They can't prepare such an image themselves because the iPhone checks for a signature made with Apple's private key. Actually, this key would enable the FBI to do everything themselves (well, at quite a cost of reverse-engineering), but they're not insolent enough to ask for it.

If they can actually do that, then isn't simply knowing this is possible also undermining the security? It seems to me it would be just one step removed from the backdoor they are trying to keep closed.

It is. A holder of such binaries could then take any iPhone 5C, flash it with this version, and brute-force it easily. (Or to be exact, any model that can run 5C firmware correctly.) This is not a future backdoor, it's a master key to every iPhone 5C you can physically get your hands on.
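The escalating delays and erase-on-failure that the first answer attributes to the passcode check, and the image "with anti-bruteforce features disabled" that the last answer describes, as an added Python model (example code, not from any answer in this thread). The per-attempt cost, the delay schedule and the wipe threshold are assumptions chosen for illustration, not Apple's actual parameters, and the clock is virtual, so the script only computes how long exhaustive guessing of a numeric passcode would take under each policy:

```python
"""Model of why removing passcode-attempt throttling is the whole attack surface.

Added example, not code from the original thread. The per-attempt cost, the
escalating-delay schedule and the wipe threshold are assumed values chosen for
illustration; they are not Apple's real parameters. Time is tracked on a
virtual clock, so nothing here sleeps or touches hardware.
"""
from dataclasses import dataclass, field
from itertools import product
from typing import Dict, Optional, Tuple

# Assumed schedule: consecutive failures -> delay (seconds) enforced before the
# next attempt is accepted. Failures past the last entry keep the last delay.
# Constructed for illustration.
DEFAULT_SCHEDULE: Dict[int, int] = {5: 60, 6: 300, 7: 900, 8: 900, 9: 3600}


@dataclass
class PasscodeGuard:
    """Simulated passcode check with the throttling a hardware module would enforce."""
    secret: str
    per_attempt_seconds: float = 0.08        # assumed cost of one key-derivation check
    schedule: Dict[int, int] = field(default_factory=lambda: dict(DEFAULT_SCHEDULE))
    wipe_after: Optional[int] = 10           # None: never erase the data
    failures: int = 0
    clock: float = 0.0                       # virtual elapsed seconds
    wiped: bool = False

    def _delay_for(self, failures: int) -> int:
        if not self.schedule:
            return 0
        if failures in self.schedule:
            return self.schedule[failures]
        last = max(self.schedule)
        return self.schedule[last] if failures > last else 0

    def try_passcode(self, guess: str) -> bool:
        """One attempt. Returns True on success; raises if the device is already wiped."""
        if self.wiped:
            raise RuntimeError("device wiped: keys are gone, no further attempts possible")
        self.clock += self.per_attempt_seconds
        if guess == self.secret:
            return True
        self.failures += 1
        if self.wipe_after is not None and self.failures >= self.wipe_after:
            self.wiped = True                # data is now unrecoverable
            return False
        self.clock += self._delay_for(self.failures)
        return False


def unthrottled_guard(secret: str, per_attempt_seconds: float = 0.08) -> PasscodeGuard:
    """How a firmware image with the anti-brute-force features removed would behave."""
    return PasscodeGuard(secret, per_attempt_seconds, schedule={}, wipe_after=None)


def brute_force(guard: PasscodeGuard, length: int) -> Tuple[bool, int, float]:
    """Try every numeric passcode of `length` digits in ascending order.

    Returns (found, attempts_made, virtual_seconds_elapsed).
    """
    attempts = 0
    for digits in product("0123456789", repeat=length):
        attempts += 1
        if guard.try_passcode("".join(digits)):
            return True, attempts, guard.clock
        if guard.wiped:
            return False, attempts, guard.clock
    return False, attempts, guard.clock


if __name__ == "__main__":
    policies = (
        ("unthrottled firmware", unthrottled_guard),
        ("throttled, no wipe", lambda s: PasscodeGuard(s, wipe_after=None)),
        ("throttled, wipe at 10", PasscodeGuard),
    )
    for label, factory in policies:
        found, n, secs = brute_force(factory("9999"), 4)
        print(f"{label:>22}: found={found} attempts={n} elapsed={secs / 3600:.1f} h")
```

With the assumed numbers, the unthrottled image exhausts all 10,000 four-digit codes in about 13 minutes of virtual time, the throttled guard without erase needs over a year for the same search, and the throttled guard with erase destroys the data after the tenth wrong guess. That gap, not the cryptography, is what the firmware replacement removes, and it is why the first answer singles out devices whose delays are enforced by a separate hardware module as the ones the approach would not reach.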