Security of Apples disk encryption

Discussion in 'macOS' started by Chippel, Oct 13, 2016.

  1. Chippel macrumors newbie

    Joined:
    Oct 11, 2016
    #1
    do you guys know how secure the non public disk encryption is Apple provides? I'm asking because I can read all over the net that you shouldn't use BitLocker on Windows because there is a "backdoor" in the encryption and if Microsoft is forced to, they give out the master key to decrypt.

    Is Apple Disk encryption (FileVault2) more secure?
     
  2. Rok73 macrumors 65816

    Rok73

    Joined:
    Apr 21, 2015
    Location:
    Planet Earth
    #2
    I'd say it's freaking secure. Filevault 2 uses XTS-AES 128 encryption. I am not an expert in encryption but from what I understand is that if you have a password with let's say 20 characters with letters from A-Z and numbers from 0-9 and your HDD/SSD is encrypted with AES 128 then it would take hundreds of thousands of years to crack that encryption.

    You might google AES 128 encryption yourself, there are quite a lot of questions and answers related to this all over the web.

    I don't know much about Bitlocker but I know that it uses the same encryption standard. If the so-called "backdoor" is that Microsoft would give out the "master key" to any authorities, well than that is clearly not a backdoor in the encryption standard itself.

    While I researched any typed all of this I began to ask myself which content on your personal drives might be so critical.
     
  3. Chippel thread starter macrumors newbie

    Joined:
    Oct 11, 2016
    #3
    Thanks for the answer. Moreover it would be good to know if there is a possibility for Apple to break it e.g Backdoor.
     
  4. Rok73 macrumors 65816

    Rok73

    Joined:
    Apr 21, 2015
    Location:
    Planet Earth
    #4
    I found a quite interesting article about Microsoft's bitlocker, encryption and backdoors. You should give it a read.

    https://theintercept.com/2015/06/04/microsoft-disk-encryption/
     
  5. Chippel thread starter macrumors newbie

    Joined:
    Oct 11, 2016
    #5
    Thanks for that. So the message is like "use open source encryption because you can't guarantee if there is.a backdoor", isn't it?

    Are there any documents about the DiskEncryption Apple uses? For example backdoor in system encryption or image creation with encryption.
     
  6. rshrugged macrumors 6502a

    Joined:
    Oct 11, 2015
    #6
    Regarding not using the iCloud recovery key option, I would assume Apple has the capability (not an actual desire) to extract encryption keys. I'm not saying this a planned backdoor. One company claims that their forensic software has the ability to decrypt FileVault 2, as cited here in a 2012 article :

    https://www.cnet.com/news/filevault-2-easily-decrypted-warns-passware/

    The company cited in the article advertises their software as still having that ability.

    Apple support explains how you might be able to change your login password (without using your PRK (personal recovery key)) with FileVault 2 enabled. I find this troubling, but admittedly I don't fully understand it. I'm not clear on what the limiting term *might* means in the below quote.
    https://support.apple.com/en-us/HT202860

    In Apple's White Paper it's stated that if your PRK is not stored in iCloud and is lost :
    http://www.training.apple.com/pdf/WP_FileVault2.pdf

    Much more research to do on the subject. Maybe someone with actual expertise will chime in.
     
  7. KALLT macrumors 601

    Joined:
    Sep 23, 2008
    #7
    The CNET article is about a workaround using direct memory access via FireWire that was particular to earlier versions of Lion. It is no longer an issue. That being said, extracting the keys from memory is always a possibility, but there are ways to mitigate this. You can configure OS X to evict the FileVault keys from memory upon entering standby and force the device to write a hibernation image to disk and not persist to memory at all. Depending on the device, you might have to adjust the standby and autopoweroff timers as well. It is also a good practice to shut down the device when possible.

    Whether you trust Apple is another matter. The very nature of OS X will prevent you from gaining absolute certainty.
     
  8. rshrugged macrumors 6502a

    Joined:
    Oct 11, 2015
    #8
    You're right about FireWire being needed (at both ends), but I'm not sure that it's OS specific.? The company's statement at system requirements is slightly muddied by their mention of USB right after the FireWire reference -- "Both the target computer and the computer used for acquisition should have FireWire (IEEE 1394) ports. A USB flash drive for Passware FireWire Memory Imager should be 8 GB or more."

    Any thoughts on the previously mentioned "reset login password" on a FileVault protected machine? I haven't tried it yet, with or without a firmware PW.
     
  9. maflynn Moderator

    maflynn

    Staff Member

    Joined:
    May 3, 2009
    Location:
    Boston
    #9
    Great article, it helped me understand some of the issues, at least with bitlocker, but also the vulnerabilities inherent with OS X.
     
  10. Chippel thread starter macrumors newbie

    Joined:
    Oct 11, 2016
    #10
    Does that mean we should use VeraCrypt and other Open Source tools instead of Apple disk encryption cuz it is closed source and Apple is in the USA?
     
  11. KALLT macrumors 601

    Joined:
    Sep 23, 2008
    #11
    As far as I know, Apple uses Intel’s x86 virtualization to restrict memory access. There is certainly a software side to this, perhaps that is what they expanded or fixed. I don’t know the details though. Is there any reason to believe that the source is still current?

    I have not tried this, but I am curious. I don’t understand how this would work though.

    Veracrypt has to my knowledge (I may be wrong) never been audited. A version of TrueCrypt was, but that software has since been superseded and there are known vulnerabilities now. Open source is not a guarantee for security. OpenSSL is a very prominent example.
     
  12. oneMadRssn macrumors 68040

    oneMadRssn

    Joined:
    Sep 8, 2011
    Location:
    Boston, MA
    #12
    Totally anecdotal, but here it is for your consideration. This was a while ago, before the while iPhone encryption fiasco.

    At a wedding ~5 or 6 years ago, I was seated next to a guy that was a full-time technician for the NY state police. He said his job included a lot of tasks, but one of those tasks was getting evidence from seized electronics, such as cameras, GPSs, thumb drives, memory cards, phones, computers, etc. for the detectives to examine, and later hand over to the prosecutors if the case went forward.

    I asked him whether he has encountered TrueCrypt lockers and computers locked with Apple FileVault2, and if so, how his office handles such things. I think I remember FileVault2 has just been released when we had this conversation, which is why I had thought to ask him.

    He did not get into specifics, but his briefly explained: They have some brute-force dictionary-based tools for unlocking the easy passwords. They generally don't bother spending any significant amount of time on unlocking this stuff, their goal is to get as much evidence as fast as reasonably possible, not to get all the evidence possible. So it sounded like most of the time, if he can't unlock it within a few minutes or half hour, he moves on to the next thing. If the crime is serious, or the suspect is a notorious wanted criminal, they will hand the stuff over to the FBI. He said in his time, that had only occurred once with him, and it was an "America's Most Wanted" level of criminal.
     
  13. rshrugged macrumors 6502a

    Joined:
    Oct 11, 2015
    #13
    Yes; if their site is to be believed. I've not yet found independent verification. At a little beyond mid-page under the heading "What's New", "macOS Sierra support" is listed.

    BTW, the same software is claimed to have the ability to decrypt VeraCrypt, etc...
     
  14. You are the One macrumors 6502a

    You are the One

    Joined:
    Dec 25, 2014
    Location:
    In the present
    #14
    Microsoft has proven it's a company that has no regards for users privacy. Read the EULA for W10 and Office365 and understand that they have access to anything you do using the products and services. An important part of their business model is exploiting your private information for their monetary gains. That's why W10 is "free", you trade your privacy for being allowed to use their product. Rest assured, you are the looser in that deal.

    The principle that cryptographic algorithms should be open-source is of course good and should be standard, but even if you have a robust and peer reviewed code the next question is the implementation of that code in applications and operating systems, a lot can and often go wrong there.

    Unfortunately, in the end it comes down to trust. Even Bruce Schneier alludes to that in the quoted piece from the Intercept.

    Can you trust MS, Google, Facebook, Instagram and the rest of the social media privacy harvesters? Absolutely definitely not.

    Can you trust Apple? Nope. But what makes Apple different from others is that a) their business model is independent of access to your private information and b) they have made it an long term business strategy to stay away from your private information.

    Still, the influence of the criminal racket occupying Washington is of the magnitude that it is hard to believe that there aren't agencies part of that mob that can access a FileVault protected disk.

    To conclude, it's hard or even impossible to say "how secure Filevault is", the weakest link in protecting your information is most likely you and the way you use your end-point device. If you have something you really want to protect, don't put it on a computer.

    If you want general protection and privacy and a relatively robust eco-system, go with Apple.

    This could have been a thread in a Mac Rumors subforum for security. :)
    --- Post Merged, Oct 15, 2016 ---
    If you are interested in security related to your Mac and OSX:

    Screen Shot 2016-10-15 at 17.24.30.png
     
  15. Chippel thread starter macrumors newbie

    Joined:
    Oct 11, 2016
    #15
    So imagine there would be a backdoor, where could it be implemented? I mean, do they have any programs to just bypass the password or how would it look like a so called "backdoor"?
     
  16. Floris macrumors 68020

    Floris

    Joined:
    Sep 7, 2007
    Location:
    Netherlands
    #16
    Open Source is just as useless as trusting the company.
    Unless you know programming and go through the source code. ... You don't know if anybody actually put anything malicious into the open source that slipped through the cracks and won't be known until you or someone else finds it.

    At this moment we are not aware that Apple has any backdoor in it. It doesn't seem to be their business, but they seem to have no problem to respect the law and when ordered ~ do as told to stay within the law. Until we have articles where backdoors in FV2 are disclosed, there doesn't seem to be any.

    I use it to encrypt all my drives, and I hope brute force won't get through it by having a high entropy etc.
     
  17. Phil A. Moderator

    Phil A.

    Staff Member

    Joined:
    Apr 2, 2006
    Location:
    Shropshire, UK
    #17
    My personal view of encryption on my devices is that I do it to protect my data in case they get stolen: What a government agency could do if they seized my devices under a valid warrant isn't particularly high on the list of things that worry me!

    On that basis, BitLocker or FileVault is fine for my needs
     
  18. KALLT macrumors 601

    Joined:
    Sep 23, 2008
    #18
    Microsoft doesn’t even offer BitLocker to Home editions. The alternative ‘device encryption’ requires a Trusted Platform Module and hardware support for the (Microsoft-owned) InstantGo specification.
     
  19. Phil A. Moderator

    Phil A.

    Staff Member

    Joined:
    Apr 2, 2006
    Location:
    Shropshire, UK
    #19
    I've never used home edition so wasn't aware of that
     
  20. KALLT macrumors 601

    Joined:
    Sep 23, 2008
    #20
    VeraCrypt has been audited now, they found quite a few vulnerabilities, some of which were fixed in version 1.19.
     
  21. Chippel thread starter macrumors newbie

    Joined:
    Oct 11, 2016
    #21
    Well, that is quite strange. I mean these kind of high vulnerabilities must be from TrueCrypt, right? Because it is the same source code like TrueCrypt. And they found quite a few high issue bugs.
     
  22. KALLT macrumors 601

    Joined:
    Sep 23, 2008
    #22
    Some vulnerabilities originate in TrueCrypt, but not all. The report distinguishes this. I just saw that the audit did not cover OS X or Linux, just Windows.
     
  23. You are the One macrumors 6502a

    You are the One

    Joined:
    Dec 25, 2014
    Location:
    In the present
    #23

Share This Page