If the phone can have a compromised firmware uploaded without the phone owner's permission it is flawed. At which point, we should all know this so that we can bin the units and seek adequately protected units from someone else.
If the phone is not susceptible to any attacks that Apple's own experts are aware of, then they get to take the stand and claim under oath "they know of no means to meet the judge's order" and we all get to cheer in the streets.
Either they can do what the judge wants and thus the phone is flawed, or they can't and the phone lives up to the hype.
If the phones are designed properly then Apple should not be able to pwn one of their phones to comply with this sort of request. Quite frankly, that is the only adequate protection we will ever have. Hiding behind a technicality of the law will never be good enough.