Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

LN2 is cheap. If undergrads can make LN2 ice cream, they can use it for cracking too.


One of the nice things about OSX and Filevault2 is that you can force the key to be destroyed on suspend:

     destroyfvkeyonstandby - Destroy File Vault Key when going
     to standby mode. By default File vault keys are retained
     even when system goes to standby. If the keys are
     destroyed, user will be prompted to enter the password 
    while coming out of standby mode.(value: 1 - Destroy, 0 -
     Retain)


One of the other nice things about OSX is the feds may already have your key[0], so if you manage to get your computer back from them after that confiscate it, it won't have cracks in it from the extreme cold.

[0]http://www.nosuchcon.org/talks/D1_02_Alex_Ninjas_and_Harry_P...


SMCs are present in nearly all Intel systems...They could very well store your truecrypt keys too


SMCs are not the problem. The problem is code in OSX could put your key there in a way that someone could dump it.

Of course, since FileVault is not open source, we have no way of knowing if it does this. Is this paranoid? Perhaps, but if you are worried about cold boot attacks you should be worried about this as well.

You might also be worried about some strange design decisions in FileVault such as the fact that it uses public key cryptography[0] for what ought to just be symmetric disk encryption. While not a red flag,it is a bit strange.

[0]http://deimos3.apple.com/WebObjects/Core.woa/FeedEnclosure/u...


The trust you have in proprietary software is charming.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: