Being able to unlock via serial number works by having access to what is called GSX. GSX (Global Service Exchange) is part of Apple's Internal Suite of tools and services. Actually it pretty much IS their set of internal tools and services. Think of it this way: when you work for a company and they have their own internal network that can only be accessed by the computers that are at your place of business, accessible only via your personalized login, on computers that you have been assigned to have been allowed to log in under. This is GSX. An admin GSX account login is assigned only once per location, and not all Apple locations or a Genius Bars qualify to have an admin account. There are very limited amounts of admin logins in existence, and in the event you happen to get access to one, it's not like you can just go to gsx.com and login and have unlimited access to iCloud removals. Apple is on top of their shit. Each login is only allowed access to GSX from very specific and manually pre-authorized IP addresses. If somebody tried logging in from anything other than the allowed IP (and honestly probably other variables like MAC Address, OS type, maybe even time of day) then that account is immediately locked down and terminated until further review has been made. There is absolutely NO hardware method for breaking iCloud like we can with EFI. There is absolutely nothing the same between the two and the similarities between the two stop at the fact that they are both Apple products and that's it. What we are doing with MacBooks is NOT iCloud unlocking, it is BIOS modding. Of course, there are NAND reader/writer hardware that will allow you to modify the contents of a NAND chip (aka flash SSDs, the majority of USBs, a RAM stick, and yes, iPhone internal memory) but that shouldn't be considered as a hardware iCloud method due to the fact that you're not just hooking in some tool that magically removes iCloud, you are physically defacing the logic board of any given device and attaching it into a programmer that would basically just give you unrestricted access to the file system and allow you to change the serial number and other such variables. If anything these tools are more closely related to Super Jailbreak/Rooting tools than iCloud bypass hardware. There used to be things that worked, but long passed are the days of the iPhone 4 and iOS 6.1 where everything was possible and iPhone was cracked wide open. Now all the best hardware/software is sold to strictly LE and government authorities for high end dollar amounts only when proper credentials have been provided.
To sum it all up!
There are no hardware iCloud methods that are publicly available!
The only hardware method released publicly is for Cellular IPads. The method originated over at GsmHosting by pasha4ur (sorry if not the correct case!) and the method involves removing (and for a few replacing) the smallest resistors you can ever imagine which causes the iPad to lose the cellular capabilities, and in turn the IMEI, which will cause the iPad to have to register itself a brand new serial number (because IPads and iPhones create the serial number based off of an algorithm that includes things like wifi MAC address, IMEI, and other internal components) and since it's a brand new serial number at that point it obviously will not have an iCloud account attached aka iCloud bypass via hardware. If the resistor is reattached then the previous serial is regenerated which will relock the device. This does not work the same with iPhones.
What we do here with EFI is not iCloud solutions! We are BIOS modding the firmware password out of the chip.
Thinking of using a Raspberry Pi/Arduino/other microcontroller devices is good for creative thinking, and I absolutely implore everyone to think outside the box like this, although you're barking up the wrong tree thinking its possible in the ways that we do Macbooks BIOS modifications.
Apple GSX access will give you full access to insane possibilities with Apple devices, but good luck getting access to one. This is how these remote unlocks are being done, and I can personally attest to this because I use this method personally and I unlock multiple devices daily. Service is instant, remote, and ONLY works on Apple devices that do not have a SIM card. Note this does not just mean u took the SIM card out, it means wifi only, wifi only, wifi only. I believe this is only possible at this time because Apple are the ones actually allowing this to happen. With the quickness of the unlock, the method of it being remote, and only via serial number, that means 100% FOR SURE it is somebody with access to GSX, and knowing what we now know about GSX, this is only possible to the extent and amount of people that are unlocking, by having a mass hush hush of remote unlocks being allowed by Apple employees. In my opinion Apple probably is doing this to boost their own cash flow and to get more people using Apple products to have more working devices out there in the hype of the new iPhone 7 release (ever so coincidentally released around the same time these unlocks started popping up) and due to the fact that the new MacBook Pro/Air for 2016 are set for release in the next very soon weeks.
There is another method for bypass involving CFW (custom firmware) restoring and there is only one guy on YouTube studying this material openly. Look up FCE 365. He's got a lot of really good knowledge and knows his stuff more than most, but I have tested the methods EXTENSIVELY and, as he will also say, it only works on certain phones for some reason.
The best possible way u can hope to get through is by using WireShark/Fiddler/some other packet sniffing software, and trick iTunes into activating your locked phone as a brand new phone instead. There's not much info out there but I've tested this method just as much as other methods and have only seen videos of it working because anything that you can watch online means that Apple can also watch online and patch very shortly afterwards. Hence the many many many releases of iOS 9, 9.1, 9.2, 9.2.1, 9.3, 9.3.1, 9.3.2, 9.3.3, 9.3.4, 9.3.5 10b1, 10b2, 10b3, 10b4, 10b5, and I believe 10b6 before releasing iOS 10.