>Later provision was added to allow export of 56-bit encryption if the exporter promised to add "key recovery" backdoors by the end of 1998.

First SSL crippled to 40-bit RC2/RC4

First 802.11 wireless protocol WEP "64" key length shortened to 40 bits

https://en.wikipedia.org/wiki/A5/1 vs https://en.wikipedia.org/wiki/A5/2

>to allow the British secret service to eavesdrop more easily. The British proposed a key length of 48 bits, while the West Germans wanted stronger encryption to protect against East German spying, so the compromise became a key length of 54 bits

>Documents leaked by Edward Snowden in 2013 state that the NSA "can process encrypted A5/1"

Now, you have a multiple products on the market that can crack passcodes by utilizing flaws that allow you to brute force PINs, which are by default 6 digit numbers. (Despite most guidance demanding 8)

UFED, get it? its right in the name :] Video has little demonstration with older phones, one click bypass for all passcodes.

I figured it would be generally known at this point, especially with the whole perceptual hash debacle (intended to satisfy LEAs despite the plan to finally enable image encryption). I'm not sure what the internal politics looked like after the perceptual hash snitch got axed - my friends who would know quit Apple by then.