These are all very good points, but I guess I was think purely in architecture terms, like "does this software have a known-bad crypto design?" Tptacek answered that, but you make a good point that ultimately no one but Apple knows whether FileVault is doing exactly (and only) what Apple says it does.