Security concerns about Apple’s FileVault decryption via FireWire are overblown

“Yesterday’s news of Passware’s ability to decrypt FileVault-encrypted Macs in under an hour may have some people concerned about what this means for Mac security,” Topher Kessler reports for CNET.
“fter all, the purpose of encryption is to keep people from easily accessing the data on your drive, and yet Passware shows that in the hands of a capable person, your drive’s encrypted contents might quite easily be uncovered,” Kessler reports. “Security experts speculate that the 128-bit XTS-AESW encryption used in FileVault would take millions of years to crack with a brute-force approach, so while Passware’s approach clearly does not employ a brute-force option, why is it able to crack it in under an hour?”

Kessler reports, “The real issue here stems not from FileVault, but rather from an age-old criticism of FireWire technology: Direct Memory Access (DMA) through a communications port… Howerver, the chances that your system would be attacked in this way are quite slim, especially because of the requirements needed to pull off this hack.”


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s