Apple FileVault 2 Encryption Cracked by Forensic Software

John E Dunn for Macworld on a new “forensic” piece of software that can crack into Apple’s FileVault 2 encrypted systems:

Put another way, the product cannot extract encryption keys on static data or before the keys have been summoned as part of the logging-in process. As long as the login is not automatic users should be safe.

In the case of FireVault, hackers also need to get to the memory contents through a working FireWire port so remote access is not possible.

I am guessing that a locked screen will still count as “logged in”. So if traveling it might actually be a fantastic idea to actually turn your laptop off so that this software cannot be used to hack into it.

One other interesting thing is that FireWire must be used. I am assuming you could use Thunderbolt to get a FireWire port, but what about on my 2010 MacBook Air that has only USB?

Update: Thomas Brand chimed in to confirm my suspicions about Thunderbolt:

and:

Originally posted for members on: February 3, 2012
Follow along on RSS, App.net, or Twitter.
~I would appreciate it if you considered becoming a member.~