+ Reply
Results 1 to 6 of 6

Your favorite Apple, iPhone, iPad, iOS, Jailbreak, and Cydia site.


Thread: FileVault 2.0 Security Flaw Discovered by PassWare

is a discussion within the

Mac News

forums, a part of the

General Apple/Mac

section;
...
  1. #1
    MMi Staff Writer Akshay Masand's Avatar
    Join Date
    Sep 2011
    Location
    New York City
    Posts
    3,783
    Thanks
    3
    Thanked 118 Times in 104 Posts

    Default FileVault 2.0 Security Flaw Discovered by PassWare


    One of the many welcomed features in OS X Lion was the replacement of Apple’s first generation FileVault file encryption technology, which ended up bringing new ways of encryption. It lets you encrypt your entire drive with a master password to protect files, key-chain passwords, and more. Furthermore, FileVault 2 lets you separate a partition to store the FileVault login information as well.

    A new report from Passware (a password recovery company), claims that the company can decrypt Apple’s FileVault 2 in under 40 minutes. This leaves a lot of users concerned because FileVault contains much of the user’s private information. To accomplish this, PassWare decrypts FileVault by going in through the system’s firewire connection and using live-memory analysis to extract the encryption key from the FileVault partition. From there, they claimed they can uncover keychain files and login passwords, which can be used to unlock the whole HDD/SSD.

    The password recovery company makes PassWare Kit Forensic 11.3 available to do this but the software is set at a price point of $995 and aimed primarily for law enforcement. Hopefully Apple will release a solution to the issue in the future now that the bug has been outed.

    Source: CNET, PassWare (PDF)

    Twitter: @AkshayMasand

  2. #2
    Super Moderator Cer0's Avatar
    Join Date
    Apr 2008
    Location
    MN/WI
    Posts
    14,001
    Thanks
    388
    Thanked 1,141 Times in 891 Posts

    Wow, just today I finally enabled FileVault too after some going back and forth looking up stuff on it. I started the encryption before I left for work today.

    But then again FileVault still protects from the everyday theft if someone was to take your machine. Most theives wouldn't go this far to dig up your stuff all they care about is the hardware.

  3. #3
    iPhone? More like MyPhone
    Join Date
    Oct 2007
    Location
    Milky Way, Solar System, Earth
    Posts
    140
    Thanks
    0
    Thanked 4 Times in 4 Posts

    Not again... stop, no i mean it !!STOP!! posting complete BS.
    Firewire "injection" and memory stealing is working on ANY system, be it Windows or Linux alike. And yields same results. Article headline is completely misleading. I was hoping to read some real thing...

    Fulldrive encryption is used for leaving OFFLINE computer data safe. Should anyone gain physical access to your computer while it is online, there are numerous ways to get to you data. The most easier will be, when user do use encryption, but does not use "require password" after sleep or screensaver, just take it and copy all you want...


  4. #4
    iPhone? More like MyPhone fbiryujin's Avatar
    Join Date
    Jan 2011
    Location
    Long Island NY
    Posts
    162
    Thanks
    5
    Thanked 7 Times in 6 Posts

    Quote Originally Posted by dennder View Post
    Not again... stop, no i mean it !!STOP!! posting complete BS.
    Firewire "injection" and memory stealing is working on ANY system, be it Windows or Linux alike. And yields same results. Article headline is completely misleading. I was hoping to read some real thing...

    Fulldrive encryption is used for leaving OFFLINE computer data safe. Should anyone gain physical access to your computer while it is online, there are numerous ways to get to you data. The most easier will be, when user do use encryption, but does not use "require password" after sleep or screensaver, just take it and copy all you want...

    If you turn your Mac OFF not hibernate, not sleep, not just closing the lid, but Apple Logo > Shut Down then you will be immune to this.
    -FBIRyuJin

  5. #5
    iPhone? More like MyPhone
    Join Date
    Oct 2007
    Location
    Milky Way, Solar System, Earth
    Posts
    140
    Thanks
    0
    Thanked 4 Times in 4 Posts

    Quote Originally Posted by fbiryujin View Post
    If you turn your Mac OFF not hibernate, not sleep, not just closing the lid, but Apple Logo > Shut Down then you will be immune to this.
    My post is about completely misleading information. As if this "security flaw" was in FileVault 2.0 and nowhere else... And as if this flaw was so dangerous, that users should eventually avoid this feature. Even the highlighted part clearly states both Truecrypt and Bitlocker alongside the FileVault.
    IDK, but in my opinion, author who posts such news should at the very least get some information about what is he posting about, otherwise it is not professional in any way possible.

    P.S. Who told you i have a Mac?

  6. #6
    iPhone? More like MyPhone fbiryujin's Avatar
    Join Date
    Jan 2011
    Location
    Long Island NY
    Posts
    162
    Thanks
    5
    Thanked 7 Times in 6 Posts

    Quote Originally Posted by dennder View Post
    My post is about completely misleading information. As if this "security flaw" was in FileVault 2.0 and nowhere else... And as if this flaw was so dangerous, that users should eventually avoid this feature. Even the highlighted part clearly states both Truecrypt and Bitlocker alongside the FileVault.
    IDK, but in my opinion, author who posts such news should at the very least get some information about what is he posting about, otherwise it is not professional in any way possible.

    P.S. Who told you i have a Mac?
    I actually did not mean to click "reply with quote" I thought I had replied to the thread in general. Sorry about that. This misleading info crops up from time to time whenever some security researcher needs a few hits on his website. Be it FileVault 2, Bitlocker, or some other tool they mention.
    -FBIRyuJin

Posting Permissions
  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts