====Issues====
Several shortcomings were identified in legacy FileVault. Its security can be broken by cracking either 1024-bit [[RSA (algorithm)|RSA]] or [[3DES-EDE]]. Legacy FileVault used the CBC mode of operation (see [[Disk encryption theory#CBC-based approaches|disk encryption theory]]); FileVault 2 uses the stronger XTS-AES mode. Another issue is the storage of keys during the macOS "safe sleep" (hibernation) mode.<ref name="nsa-vilefault">{{Cite conference |conference=23rd Chaos Communication Congress |location=Berlin |author-link1=Jacob Appelbaum |first1=Jacob |last1=Appelbaum |first2=Ralf-Philipp |last2=Weinmann |date=December 29, 2006 |title=Unlocking FileVault: An Analysis of Apple's disk encryption |url=https://events.ccc.de/congress/2006/Fahrplan/attachments/1244-23C3VileFault.pdf |access-date=March 31, 2007}}</ref> Early versions of FileVault also automatically stored the user's passphrase in the system keychain, requiring the user to notice and manually disable this behaviour.

A study published in 2008 found [[data remanence]] in [[dynamic random-access memory]] (DRAM), with data retention of seconds to minutes at room temperature and much longer when the memory chips were cooled to low temperature. The study's authors were able to use a [[cold boot attack]] to recover cryptographic keys for several popular disk encryption systems, including FileVault, by exploiting the redundancy in the way keys are stored after they have been expanded for efficient use, such as in [[key scheduling]]: the expanded form lets a key be located in a memory image and reconstructed even after some of its bits have decayed. The authors recommend that computers be powered down, rather than left in a "sleep" state, when not under the physical control of their owner.<ref>{{Cite conference |conference=17th USENIX Security Symposium |location=San Jose, CA |title=Lest We Remember: Cold Boot Attacks on Encryption Keys |first=J. Alex |last=Halderman |date=February 2008 |url=http://citpsite.s3.amazonaws.com/wp-content/uploads/2019/01/23195456/halderman.pdf |display-authors=etal |df=mdy |author-link=J. Alex Halderman}}</ref>
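
The following is an added, runnable illustration of the key-schedule redundancy that the cold boot study exploits; it is not code from the cited paper, from Apple, or from the VileFault project. It assumes an AES-128 key schedule laid out as in FIPS-197 (11 round keys, 176 bytes, all derived from the first 16). The memory image, the offset of the embedded schedule, the random seed and the number of decayed bits are constructed here for the example. The scanner tries every 16-byte window of the image, expands it as if it were a key, and accepts the window when the following 160 bytes match that expansion up to a small number of bit errors, which is how an expanded key can be found in a dump even after some bits have decayed. It does not attempt to repair bits that decayed inside the 16 key bytes themselves; the cited study goes further and searches over candidate keys consistent with the damaged schedule.

```python
"""Locate an AES-128 key in a memory image via the redundancy of its key schedule.

Added example, not code from the cited study or from Apple. The image, offset,
seed and decay count below are constructed for the demonstration.
"""
import random

# --- AES-128 key expansion (FIPS-197), written out so the file is self-contained


def gf_mul(a: int, b: int) -> int:
    """Multiply in GF(2^8) modulo the AES polynomial x^8 + x^4 + x^3 + x + 1."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= 0x11B
        b >>= 1
    return r


def gf_inv(x: int) -> int:
    """Inverse in GF(2^8) as x^254 by square-and-multiply (0 maps to 0)."""
    r, p, e = 1, x, 254
    while e:
        if e & 1:
            r = gf_mul(r, p)
        p = gf_mul(p, p)
        e >>= 1
    return r if x else 0


def _affine(b: int) -> int:
    """AES S-box affine map: b ^ rotl(b,1) ^ rotl(b,2) ^ rotl(b,3) ^ rotl(b,4) ^ 0x63."""
    rotl = lambda v, n: ((v << n) | (v >> (8 - n))) & 0xFF
    return b ^ rotl(b, 1) ^ rotl(b, 2) ^ rotl(b, 3) ^ rotl(b, 4) ^ 0x63


SBOX = bytes(_affine(gf_inv(x)) for x in range(256))
RCON = [0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1B, 0x36]
SCHEDULE_LEN = 176  # 11 round keys x 16 bytes


def expand_key(key: bytes, rounds: int = 10) -> bytes:
    """Return the first (rounds + 1) AES-128 round keys, 16 bytes each."""
    if len(key) != 16:
        raise ValueError("AES-128 key must be 16 bytes")
    w = [list(key[4 * i:4 * i + 4]) for i in range(4)]
    for i in range(4, 4 * (rounds + 1)):
        t = list(w[i - 1])
        if i % 4 == 0:  # once per round: RotWord, SubWord, then Rcon into byte 0
            t = [SBOX[b] for b in t[1:] + t[:1]]
            t[0] ^= RCON[i // 4 - 1]
        w.append([a ^ b for a, b in zip(w[i - 4], t)])
    return bytes(b for word in w for b in word)


# --- Scanning a memory image ---------------------------------------------------


def hamming(a: bytes, b: bytes) -> int:
    """Number of differing bits between two equal-length byte strings."""
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))


def find_aes128_keys(image: bytes, max_bit_errors: int = 16):
    """Return (offset, key, differing_bits) for each window whose expansion matches
    the 160 bytes that follow it within max_bit_errors bit flips.

    Round 1 is compared first as a cheap prefilter, so almost every random window
    is rejected after expanding four words; the full expansion runs only for
    windows that survive it.
    """
    hits = []
    for off in range(len(image) - SCHEDULE_LEN + 1):
        cand = image[off:off + 16]
        if hamming(expand_key(cand, rounds=1)[16:], image[off + 16:off + 32]) > max_bit_errors:
            continue
        full = expand_key(cand)
        d = hamming(full[16:], image[off + 16:off + SCHEDULE_LEN])
        if d <= max_bit_errors:
            hits.append((off, cand, d))
    return hits


# --- Constructed test image (not a real memory dump) ---------------------------

KEY = bytes.fromhex("2b7e151628aed2a6abf7158809cf4f3c")  # FIPS-197 example key
KEY_OFFSET = 0x1000
IMAGE_SIZE = 8 * 1024
DECAYED_BITS = 12


def build_image(seed: int = 7) -> bytes:
    """8 KiB of pseudo-random filler with the expanded KEY embedded at KEY_OFFSET.

    Cold-boot decay is modelled as DECAYED_BITS one-bits of the derived round keys
    (schedule bytes 16..175) dropping to zero; the 16 key bytes stay intact.
    """
    rng = random.Random(seed)
    image = bytearray(rng.getrandbits(8) for _ in range(IMAGE_SIZE))
    sched = bytearray(expand_key(KEY))
    ones = [p for p in range(16 * 8, SCHEDULE_LEN * 8) if sched[p // 8] >> (7 - p % 8) & 1]
    for p in rng.sample(ones, DECAYED_BITS):
        sched[p // 8] &= ~(1 << (7 - p % 8)) & 0xFF
    image[KEY_OFFSET:KEY_OFFSET + SCHEDULE_LEN] = sched
    return bytes(image)


if __name__ == "__main__":
    for off, key, bad in find_aes128_keys(build_image()):
        print(f"AES-128 key schedule at 0x{off:x}, {bad} decayed bit(s): {key.hex()}")
```

The error tolerance is what makes the search work on a decayed image: a random window's expansion differs from the bytes after it in roughly half of 1280 bits, so a threshold of 16 bits rejects everything except a genuine schedule while still absorbing the handful of bits lost to remanence. Note that the window starting at a round-1 key also expands to something close to the real schedule for one round (the two differ only in the round constant), which is why the full 10-round comparison, not just the prefilter, decides acceptance.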
In 2006, following a talk at the 23rd [[Chaos Communication Congress]] titled ''Unlocking FileVault: An Analysis of Apple's Encrypted Disk Storage System'', [[Jacob Appelbaum]] and Ralf-Philipp Weinmann released ''VileFault'', which decrypts encrypted Mac OS X disk image files.<ref name="nsa-vilefault" /> A free-space wipe using [[Disk Utility]] left a large portion of previously deleted file remnants intact. Similarly, FileVault compact operations only wiped small parts of previously deleted data.<ref>{{cite web | url=http://www.zdziarski.com/blog/?p=266 | title=File Vault's Dirty Little Secrets |date=January 1, 2008 |first=Jonathan |last=Zdziarski}}</ref>