Your favorite Apple, iPhone, iPad, iOS, Jailbreak, and Cydia site.
02-01-2012, 10:29 PM #1
FileVault 2.0 Security Flaw Discovered by PassWare
One of the many welcomed features in OS X Lion was the replacement of Apple’s first generation FileVault file encryption technology, which ended up bringing new ways of encryption. It lets you encrypt your entire drive with a master password to protect files, key-chain passwords, and more. Furthermore, FileVault 2 lets you separate a partition to store the FileVault login information as well.
A new report from Passware (a password recovery company), claims that the company can decrypt Apple’s FileVault 2 in under 40 minutes. This leaves a lot of users concerned because FileVault contains much of the user’s private information. To accomplish this, PassWare decrypts FileVault by going in through the system’s firewire connection and using live-memory analysis to extract the encryption key from the FileVault partition. From there, they claimed they can uncover keychain files and login passwords, which can be used to unlock the whole HDD/SSD.
The password recovery company makes PassWare Kit Forensic 11.3 available to do this but the software is set at a price point of $995 and aimed primarily for law enforcement. Hopefully Apple will release a solution to the issue in the future now that the bug has been outed.
Source: CNET, PassWare (PDF)
02-01-2012, 11:53 PM #2
Wow, just today I finally enabled FileVault too after some going back and forth looking up stuff on it. I started the encryption before I left for work today.
But then again FileVault still protects from the everyday theft if someone was to take your machine. Most theives wouldn't go this far to dig up your stuff all they care about is the hardware.
02-02-2012, 04:43 AM #3
Not again... stop, no i mean it !!STOP!! posting complete BS.
Firewire "injection" and memory stealing is working on ANY system, be it Windows or Linux alike. And yields same results. Article headline is completely misleading. I was hoping to read some real thing...
Fulldrive encryption is used for leaving OFFLINE computer data safe. Should anyone gain physical access to your computer while it is online, there are numerous ways to get to you data. The most easier will be, when user do use encryption, but does not use "require password" after sleep or screensaver, just take it and copy all you want...
02-02-2012, 09:28 AM #4
02-02-2012, 03:47 PM #5
IDK, but in my opinion, author who posts such news should at the very least get some information about what is he posting about, otherwise it is not professional in any way possible.
P.S. Who told you i have a Mac?
02-02-2012, 03:49 PM #6