important question about filevault.

Hi everyone.
I have a Mac Mini running OS X 10.5 with filevault turned on. Yesterday the police seized my computer and other belongings as evidence as I'm being accused of forging false documents. Sparing the details, I was wondering how secure FileVault truly is? I have faith hearing stories in the news before of Macs being seized and unaccessible. The password is very long, upper and lower case, numbers and characters.
Thanks

Read this from Wikipedia:

Security

As of Mac OS X 10.5 Leopard, FileVault uses 256-bit AES encryption.

Several shortcomings have been identified in FileVault's use of cryptography. FileVault first generation uses "128-bit AES encryption". Its security can be broken by cracking either 1024-bit RSA or 3DES-EDE, both of which are considered weaker than 128-bit AES[citation needed].

Also problematic is the FileVault first gen's use of the CBC mode of operation (see Disk encryption theory) and the unsafe storage of keys in the Mac OS X "safe sleep" mode.[6]

A study published in 2008 found data remanence in dynamic random access memory (DRAM), with data retention of seconds to minutes at room temperature and much longer times when memory chips were cooled to low temperature. The study authors were able to use a cold boot attack to recover cryptographic keys for several popular disk encryption systems, including FileVault, by taking advantage of redundancy in the way keys are stored after they have been expanded for efficient use, such as in key scheduling. The authors recommend that computers be powered down, rather than be left in a "sleep" state, when not in physical control by the owner.[7]

On 31 July 2008, Brian Krebs posts on his Washington Post blog, that Charles Edge, an American researcher from Georgia, found a security hole in FileVault and had to withdraw from a speech about it at the Black Hat Briefings.[8]

Long story short. If the authorities wish to read the contents off your hard drive, Filevault is not going to stop them. Hope you've hired a good lawyer.

they disconnected the computer from the wall, there was no 'cold boot attack'.
I'd like an educated response rather than a copy and paste. Filevault was also up to date to my knowledge past that excerpt from 2008, as I did software updates often.

For the record, I'm being falsely accuser, but I'm not explaining myself on here, I simply came with a question, and yes, I have a lawyer, I'm yet to be charged or even interviewed.
I don't have things to hide that they're seeking, I just don't want my personal things opened, I shouldn't have to show my stuff to anybody, and in my country, we DON'T have adverse inferences. My computer is important to me, it has all my files, never backed up, a lot of family photos and videos of now dead relatives that I'll never get back if they PINK PANTHER it up. The humour is unnecessary and I didn't ask for your comic input.
If you don't have your own answer with reasoning for it, then don't reply, I'm NOT in the mood right now.

lepht93 said:

they disconnected the computer from the wall, there was no 'cold boot attack'.
I'd like an educated response rather than a copy and paste. Filevault was also up to date to my knowledge past that excerpt from 2008, as I did software updates often.

Click to expand...

The response you received is as best as I can find for you. As you can see from Wikipedia, FileVault will not stop authorities who have the know how from accessing your data. (updates or not) You seemed to indicate in your initial post that the data may safe because it was on a Mac. I wanted to point out to you that isn't true.

Whether or not your personal files are exposed or damaged in the process depends on how they go about doing the extraction. We can't possibly know how or what they'll use for looking through your hard drive. And since you never backed up your hard drive, all that's on the drive may be at risk.

Hopefully, you'll receive your computer, data, and personal property back intact.

lepht93 said:

For the record, I'm being falsely accused

Click to expand...

Okay.

My computer is important to me, it has all my files, never backed up, a lot of family photos and videos of now dead relatives that I'll never get back if they PINK PANTHER it up.

Click to expand...

Those files can't be all that valuable to you if you never bothered to back them up. That tells me you are being unserious about the importance of the data.

And yes, the odds are quite good that they will, um, "pink panther" it up. No matter how innocent you are.

The answer you are seeking regarding FileVault is simple: difficult, but not impossible if someone is determined.

Good news, they've had difficulty accessing the computer and it looks like the charges are going to be dropped. I don't have a reason for backing up my data, but honestly I see no point because I've had no issue, and it wouldn't help in this situation because the backup would have been seized regardless.
They've asked for the password, which I have complete right to withhold under the right of silence and self incrimination. So they've hit a brick wall. Australian police are stupid and wouldn't know how to open a door without instruction.
Hopefully I'll get it back soon.

It's nice that charges are being dropped. However, I personally think your attitude toward the Australian Police is despicable. Police risk their lives all the time to protect people and keep order - regardless of what you think. And don't assume they didn't have the ability to crack your password if they had really wanted to.

I know who is du stoopid one. Take less than five minutes to open FileVault.

You don't know police in this country, you still
live in a place where you execute people. There's only two reasons you become a cop, 1, you GENUINELY want to help people (lol) 2, You're a power hungry pig.
If police break into my house, trash my room, break my things, search through my other families rooms when the warrant didn't specify they could, and then they couldn't get into my computer, i don't see them as smart. Police here are typical bogans, to become a cop here you're required to goto the police academy for one year. One year isn't enough time to know, understand and memorise legislation, and the amount of time I've seen, watched on the news or in this case NOW know of police doing things r saying things they're not legally allowed to. Don't tell me how police are in my country, don't tell me they smashed my vinyl records against a table to protect others lives, don't tell me that the data was accessible and that they had the ability, because they clearly didn't.

Since this thread is going nowhere fast, and off topic, it's now closed.