New To Mac-Forums?

Welcome to our community! Join the discussion today by registering your FREE account. If you have any problems with the registration process, please contact us!

Get your questions answered by community gurus Advice and insight from world-class Apple enthusiasts Exclusive access to members-only contests, giveaways and deals

Join today!

 
Start a Discussion
 

Mac-Forums Brief

Subscribe to Mac-Forums Brief to receive special offers from Mac-Forums partners and sponsors

Join the conversation RSS
OS X - Operating System General OS operation information and support

important question about filevault.


Thread Closed

 
Thread Tools
lepht93

 
Member Since: Jun 15, 2011
Posts: 5
lepht93 is on a distinguished road

lepht93 is offline
Hi everyone.
I have a Mac Mini running OS X 10.5 with filevault turned on. Yesterday the police seized my computer and other belongings as evidence as I'm being accused of forging false documents. Sparing the details, I was wondering how secure FileVault truly is? I have faith hearing stories in the news before of Macs being seized and unaccessible. The password is very long, upper and lower case, numbers and characters.
Thanks
chscag

 
chscag's Avatar
 
Member Since: Jan 23, 2008
Location: Fort Worth, Texas
Posts: 39,018
chscag has a reputation beyond reputechscag has a reputation beyond reputechscag has a reputation beyond reputechscag has a reputation beyond reputechscag has a reputation beyond reputechscag has a reputation beyond reputechscag has a reputation beyond reputechscag has a reputation beyond reputechscag has a reputation beyond reputechscag has a reputation beyond reputechscag has a reputation beyond repute
Mac Specs: 27" iMac i5, 3.2 GHz, iPad 3, iPhone 5c, 3 iPods, OS X Mavericks

chscag is offline
Read this from Wikipedia:

Security

As of Mac OS X 10.5 Leopard, FileVault uses 256-bit AES encryption.

Several shortcomings have been identified in FileVault's use of cryptography. FileVault first generation uses "128-bit AES encryption". Its security can be broken by cracking either 1024-bit RSA or 3DES-EDE, both of which are considered weaker than 128-bit AES[citation needed].

Also problematic is the FileVault first gen's use of the CBC mode of operation (see Disk encryption theory) and the unsafe storage of keys in the Mac OS X "safe sleep" mode.[6]

A study published in 2008 found data remanence in dynamic random access memory (DRAM), with data retention of seconds to minutes at room temperature and much longer times when memory chips were cooled to low temperature. The study authors were able to use a cold boot attack to recover cryptographic keys for several popular disk encryption systems, including FileVault, by taking advantage of redundancy in the way keys are stored after they have been expanded for efficient use, such as in key scheduling. The authors recommend that computers be powered down, rather than be left in a "sleep" state, when not in physical control by the owner.[7]

On 31 July 2008, Brian Krebs posts on his Washington Post blog, that Charles Edge, an American researcher from Georgia, found a security hole in FileVault and had to withdraw from a speech about it at the Black Hat Briefings.[8]

Long story short. If the authorities wish to read the contents off your hard drive, Filevault is not going to stop them. Hope you've hired a good lawyer.
lepht93

 
Member Since: Jun 15, 2011
Posts: 5
lepht93 is on a distinguished road

lepht93 is offline
they disconnected the computer from the wall, there was no 'cold boot attack'.
I'd like an educated response rather than a copy and paste. Filevault was also up to date to my knowledge past that excerpt from 2008, as I did software updates often.
6string

 
Member Since: Sep 09, 2009
Location: Down Under :D
Posts: 5,484
6string is a splendid one to behold6string is a splendid one to behold6string is a splendid one to behold6string is a splendid one to behold6string is a splendid one to behold6string is a splendid one to behold6string is a splendid one to behold6string is a splendid one to behold
Mac Specs: Back to my old 2.2GHz C2D MB after selling my MBP and wondering what my next Mac will be :)

6string is offline
YouTube - ‪The Cruel Sea Better Get A Lawyer‬‏
lepht93

 
Member Since: Jun 15, 2011
Posts: 5
lepht93 is on a distinguished road

lepht93 is offline
For the record, I'm being falsely accuser, but I'm not explaining myself on here, I simply came with a question, and yes, I have a lawyer, I'm yet to be charged or even interviewed.
I don't have things to hide that they're seeking, I just don't want my personal things opened, I shouldn't have to show my stuff to anybody, and in my country, we DON'T have adverse inferences. My computer is important to me, it has all my files, never backed up, a lot of family photos and videos of now dead relatives that I'll never get back if they PINK PANTHER it up. The humour is unnecessary and I didn't ask for your comic input.
If you don't have your own answer with reasoning for it, then don't reply, I'm NOT in the mood right now.
chscag

 
chscag's Avatar
 
Member Since: Jan 23, 2008
Location: Fort Worth, Texas
Posts: 39,018
chscag has a reputation beyond reputechscag has a reputation beyond reputechscag has a reputation beyond reputechscag has a reputation beyond reputechscag has a reputation beyond reputechscag has a reputation beyond reputechscag has a reputation beyond reputechscag has a reputation beyond reputechscag has a reputation beyond reputechscag has a reputation beyond reputechscag has a reputation beyond repute
Mac Specs: 27" iMac i5, 3.2 GHz, iPad 3, iPhone 5c, 3 iPods, OS X Mavericks

chscag is offline
Quote:
Originally Posted by lepht93 View Post
they disconnected the computer from the wall, there was no 'cold boot attack'.
I'd like an educated response rather than a copy and paste. Filevault was also up to date to my knowledge past that excerpt from 2008, as I did software updates often.
The response you received is as best as I can find for you. As you can see from Wikipedia, FileVault will not stop authorities who have the know how from accessing your data. (updates or not) You seemed to indicate in your initial post that the data may safe because it was on a Mac. I wanted to point out to you that isn't true.

Whether or not your personal files are exposed or damaged in the process depends on how they go about doing the extraction. We can't possibly know how or what they'll use for looking through your hard drive. And since you never backed up your hard drive, all that's on the drive may be at risk.

Hopefully, you'll receive your computer, data, and personal property back intact.
chas_m

 
chas_m's Avatar
 
Member Since: Jan 22, 2010
Location: Victoria, BC
Posts: 16,464
chas_m has a reputation beyond reputechas_m has a reputation beyond reputechas_m has a reputation beyond reputechas_m has a reputation beyond reputechas_m has a reputation beyond reputechas_m has a reputation beyond reputechas_m has a reputation beyond reputechas_m has a reputation beyond reputechas_m has a reputation beyond reputechas_m has a reputation beyond reputechas_m has a reputation beyond repute
Mac Specs: 2009 MBP, Black speakers, Black Benq second monitor, black(ish) iPhone 5s, Black 2012 iPad, etc.

chas_m is offline
Quote:
Originally Posted by lepht93 View Post
For the record, I'm being falsely accused
Okay.

Quote:
My computer is important to me, it has all my files, never backed up, a lot of family photos and videos of now dead relatives that I'll never get back if they PINK PANTHER it up.
Those files can't be all that valuable to you if you never bothered to back them up. That tells me you are being unserious about the importance of the data.

And yes, the odds are quite good that they will, um, "pink panther" it up. No matter how innocent you are.

The answer you are seeking regarding FileVault is simple: difficult, but not impossible if someone is determined.

lepht93

 
Member Since: Jun 15, 2011
Posts: 5
lepht93 is on a distinguished road

lepht93 is offline
Good news, they've had difficulty accessing the computer and it looks like the charges are going to be dropped. I don't have a reason for backing up my data, but honestly I see no point because I've had no issue, and it wouldn't help in this situation because the backup would have been seized regardless.
They've asked for the password, which I have complete right to withhold under the right of silence and self incrimination. So they've hit a brick wall. Australian police are stupid and wouldn't know how to open a door without instruction.
Hopefully I'll get it back soon.
chscag

 
chscag's Avatar
 
Member Since: Jan 23, 2008
Location: Fort Worth, Texas
Posts: 39,018
chscag has a reputation beyond reputechscag has a reputation beyond reputechscag has a reputation beyond reputechscag has a reputation beyond reputechscag has a reputation beyond reputechscag has a reputation beyond reputechscag has a reputation beyond reputechscag has a reputation beyond reputechscag has a reputation beyond reputechscag has a reputation beyond reputechscag has a reputation beyond repute
Mac Specs: 27" iMac i5, 3.2 GHz, iPad 3, iPhone 5c, 3 iPods, OS X Mavericks

chscag is offline
It's nice that charges are being dropped. However, I personally think your attitude toward the Australian Police is despicable. Police risk their lives all the time to protect people and keep order - regardless of what you think. And don't assume they didn't have the ability to crack your password if they had really wanted to.
harryb2448

 
harryb2448's Avatar
 
Member Since: Nov 28, 2007
Location: Nambucca Heads Australia
Posts: 17,274
harryb2448 has a reputation beyond reputeharryb2448 has a reputation beyond reputeharryb2448 has a reputation beyond reputeharryb2448 has a reputation beyond reputeharryb2448 has a reputation beyond reputeharryb2448 has a reputation beyond reputeharryb2448 has a reputation beyond reputeharryb2448 has a reputation beyond reputeharryb2448 has a reputation beyond reputeharryb2448 has a reputation beyond reputeharryb2448 has a reputation beyond repute
Mac Specs: iMac i5 2.7GHz OS X.9.4 and OS X.10

harryb2448 is offline
I know who is du stoopid one. Take less than five minutes to open FileVault.

Hang on to those original install discs like grim death! Using OS X.7 or later make a bootable USB thumb drive before running Installer!
lepht93

 
Member Since: Jun 15, 2011
Posts: 5
lepht93 is on a distinguished road

lepht93 is offline
You don't know police in this country, you still
live in a place where you execute people. There's only two reasons you become a cop, 1, you GENUINELY want to help people (lol) 2, You're a power hungry pig.
If police break into my house, trash my room, break my things, search through my other families rooms when the warrant didn't specify they could, and then they couldn't get into my computer, i don't see them as smart. Police here are typical bogans, to become a cop here you're required to goto the police academy for one year. One year isn't enough time to know, understand and memorise legislation, and the amount of time I've seen, watched on the news or in this case NOW know of police doing things r saying things they're not legally allowed to. Don't tell me how police are in my country, don't tell me they smashed my vinyl records against a table to protect others lives, don't tell me that the data was accessible and that they had the ability, because they clearly didn't.
chscag

 
chscag's Avatar
 
Member Since: Jan 23, 2008
Location: Fort Worth, Texas
Posts: 39,018
chscag has a reputation beyond reputechscag has a reputation beyond reputechscag has a reputation beyond reputechscag has a reputation beyond reputechscag has a reputation beyond reputechscag has a reputation beyond reputechscag has a reputation beyond reputechscag has a reputation beyond reputechscag has a reputation beyond reputechscag has a reputation beyond reputechscag has a reputation beyond repute
Mac Specs: 27" iMac i5, 3.2 GHz, iPad 3, iPhone 5c, 3 iPods, OS X Mavericks

chscag is offline
Since this thread is going nowhere fast, and off topic, it's now closed.

Thread Closed


« How to sync iCal and Address book with my Google calendar? | 10.6.7 software update freezes/ no I net »
Thread Tools

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off
Forum Jump

Similar Threads
Thread
Thread Starter
Forum
Replies
Last Post
Question Mark in Toolbar drjimmy OS X - Operating System 8 05-15-2011 08:52 PM
unremovable battery question supermama73 Apple Notebooks 4 07-06-2010 03:48 PM
2 Part Video Question Tamius Movies and Video 2 02-17-2010 11:50 PM
The question game! Sydrocentric Schweb's Lounge 28 06-13-2009 04:21 AM
important question about the best G5 fabio Apple Rumors and Reports 17 12-22-2004 11:13 AM

All times are GMT -4. The time now is 08:00 AM.

Powered by vBulletin
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
X

Welcome to Mac-Forums.com

Create your username to jump into the discussion!

New members like you have made this community the ultimate source for your Mac since 2003!


(4 digit year)

Already a member?