FileVault On!!! Am I Safe?

Discussion in 'MacBook Pro' started by rmbrown09, May 9, 2010.

  1. rmbrown09 macrumors 6502a

    rmbrown09

    Joined:
    Jan 25, 2010
    #1
  2. m85476585 macrumors 65816

    Joined:
    Feb 26, 2008
    #2
    http://crypto.nsa.org/vilefault/23C3-VileFault.pdf

    Make sure secure virtual memory is enabled, and disable safe sleep, and use a strong password. FileVault is probably better than nothing, as long as it doesn't give you a false sense of security. It depends on who you are trying to hide your data from. If you just want to keep your bank information out of the hands of someone who steals your laptop or someone you sell our old hard drive to on eBay, then it's probably enough. If you want to hide something from law enforcement/the government, it might not be good enough.

    Note that the presentation I linked to is NOT from the NSA (nsa.gov). The domain nsa.org is owned by an individual and is not related to the NSA as far as I can tell.
     
  3. DoFoT9 macrumors P6

    DoFoT9

    Joined:
    Jun 11, 2007
    Location:
    Singapore
    #3
    it uses AES doesnt it? thats pretty darn strong encryption!
     
  4. miles01110 macrumors Core

    miles01110

    Joined:
    Jul 24, 2006
    Location:
    The Ivory Tower (I'm not coming down)
    #4
    I hope your accounts are protected with strong passwords and you have your machine set to ask for them on startup, wake from sleep, etc. Otherwise FileVault does exactly nothing.
     
  5. rmbrown09 thread starter macrumors 6502a

    rmbrown09

    Joined:
    Jan 25, 2010
    #5
    I do indeed.
     
  6. m85476585 macrumors 65816

    Joined:
    Feb 26, 2008
    #6
    According to the presentation I linked to, FileVault can be broken by breaking any one of the following:
    3DES effective 112bit
    AES-128
    RSA-1024

    In addition, the presentation states that RSA-1024 bit is equivalent to only ~72 bit symmetric encryption, which is not all that strong.
     
  7. DoFoT9 macrumors P6

    DoFoT9

    Joined:
    Jun 11, 2007
    Location:
    Singapore
    #7
    sorry, i am at work. thus the vague replies.

    broken that easily eh? intersting.
     
  8. rmbrown09 thread starter macrumors 6502a

    rmbrown09

    Joined:
    Jan 25, 2010
    #8
    now I feel unsafe again lol.
    oh well I guess it's better than nothing
     
  9. m85476585 macrumors 65816

    Joined:
    Feb 26, 2008
    #9
    Maybe my last post was misleading. I definitely wouldn't call it easy. According to Wikipedia, it took 400 computers 11 months to factor a 1039 bit number, which is approximately equivalent to breaking 700 bit RSA encryption. 1024 bit RSA is still OK for now, but in the future it will likely become breakable.

    http://en.wikipedia.org/wiki/Key_size

    Also remember that the time to break encryption approximately doubles with every additional bit, so 129 bit encryption takes twice a long to break as 128 bit.

    In short, it is unlikely that anyone who wants to break FileVault in the next few years will do a brute force attack. Taking the key from safe sleep header data, a cold boot attack, or a firewire vulnerability (if it still exists) is much more likely.

    If you want more security, you might consider using TrueCrypt, which encrypts the entire disk.
     
  10. DoFoT9 macrumors P6

    DoFoT9

    Joined:
    Jun 11, 2007
    Location:
    Singapore
    #10
    it has a lifetime of roughly 30 years before the cost to break is greater then the cost/time to compute all possible answers.

    intersting to know though!

    what about the AES .dmg files, they would be around the same level of security? i thought you could make them 256 bit?
     
  11. germinator macrumors regular

    Joined:
    Apr 22, 2009
    #11
    I just recently was visiting Google's campus and they had flyers affixed to the walls instructing Mac users to disable FileVault and switch to PGP full disk encryption. The flyer did not explain the reason for that, but I would take that advice seriously.
     
  12. rmbrown09 thread starter macrumors 6502a

    rmbrown09

    Joined:
    Jan 25, 2010
    #12
    safe not safe safe not safe safe not safe
     
  13. DoFoT9 macrumors P6

    DoFoT9

    Joined:
    Jun 11, 2007
    Location:
    Singapore
    #13
    BAHA. its safe enough so that only 0.001% of users in the world could crack it, but thats still high odds :p
     
  14. bugout macrumors 6502a

    Joined:
    May 11, 2008
    Location:
    is everything!
    #14
    Safe against what?

    If someone really wants your data, they'll get it...
     
  15. DoFoT9 macrumors P6

    DoFoT9

    Joined:
    Jun 11, 2007
    Location:
    Singapore
    #15
    its breakable, but it takes a long time - so its safe enough :p
     
  16. m85476585 macrumors 65816

    Joined:
    Feb 26, 2008
    #16
    Basically the encryption itself isn't practically "breakable" yet (it's only a matter of time before it is, though). It'e theoretically possible, but in reality it takes too long to be done with today's technology. But there are other weaknesses that can compromise your data without having to break encryption. For example, if someone gets the key out of the safesleep image header of the RAM in a cold boot attack, it doesn't matter how many bits of encryption there are. Disabling safesleep helps. I don't know how practical a cold boot attack is; I think something like cooling the RAM in liquid nitrogen is involved. Plus I assume the computer has to be running and logged in for it to work.

    Like I said before, it depends on who you are trying to keep your data from. If you want to be protected from a dumb laptop thief or ebay buyer, or even a hacker with access to the computer trying to steal your banking information, you are probably safe. But if you are trying to keep something from the government or your data is excessively valuable, filevault probably isn't enough.
     
  17. Bill Gates macrumors 68020

    Bill Gates

    Joined:
    Jun 21, 2006
    Location:
    127.0.0.1
    #17
    You don't need that much protection for your high school english reports and pirated applications. /sarcasm

    Why are you really even bothering with FileVault in the first place?
     
  18. Grimace macrumors 68040

    Grimace

    Joined:
    Feb 17, 2003
    Location:
    with Hamburglar.
    #18
    The most dangerous part of using FileVault is forgetting your password. There is NO way to recover the data - even with Apple's help.

    That may not be on your mind, but it should be!
     
  19. rmbrown09 thread starter macrumors 6502a

    rmbrown09

    Joined:
    Jan 25, 2010
    #19
    Besides personal financial information, photos, etc;
    I have yes torrented apps that I would like to keep private, and not high school papers, COLLEGE
     
  20. TxMacAddict macrumors 6502

    Joined:
    Feb 4, 2008
    #20
    They hacked Google.. and they have all the resources they need to be "safe" If your a high value target theres probably not much you can do.. if not then theres probably not much to worry about.
     
  21. Bill Gates macrumors 68020

    Bill Gates

    Joined:
    Jun 21, 2006
    Location:
    127.0.0.1
    #21
    Well I see no reason for you to be particularly concerned about FileVault. It doesn't offer impenetrable security but it certainly offers more than an unencrypted drive does. Just be sure that your password is strong but unforgettable as if you forget it, your data is for all intents and purposes lost. Also, if Apple opts to take advantage of hardware-level AES acceleration present in the new Intel processors, the performance drop associated with using FileVault could be negated to a large degree.
     
  22. DoFoT9 macrumors P6

    DoFoT9

    Joined:
    Jun 11, 2007
    Location:
    Singapore
    #22
    yea i said back in post 10 (vaguely) that the time to compute would most likely outweigh the actual worth of the data they would retrieve. unless its the military or something of course!

    safesleep=deep sleep i presume?

    ive never heard of this attack, do you have any information as to how its stored etc? im doing networking at uni ;)

    we have no idea about the details of the actual "hacking" - who knows if it even counted as hacking. maybe somebody had a password?
     
  23. LinMac macrumors 65816

    Joined:
    Oct 28, 2007
    #23
    It really depends on who you are trying to keep from getting the data.

    FileVault features fairly robust protection against the most common types of data security problems such as thieves attempting to access your data by attaching the drive to another computer to bypass the login password screen.

    If someone is willing to go to the use of liquid nitrogen to access your information, you might have more to protect than the average user which would mean you might need more than FileVault.
     
  24. scaredpoet macrumors 604

    scaredpoet

    Joined:
    Apr 6, 2007
    #24
    But not because of FileVault.
     
  25. Eddyisgreat macrumors 601

    Joined:
    Oct 24, 2007
    #25
    Great now you have protection against haxxorz now all you need is protection against FileVault!
     

Share This Page