Apparently the FileVault security based 128-bit XTS-AESW encryption about which analysts believed that it “would take millions of years to crack (it) with a brute-force approach,” is not so reliable. CNET reported recently that password recovery company Passware managed to decrypt Mac hard disks encrypted with FileVault easily, in under an hour. The California based company issued a statement warning Apple fans about the vulnerabilities of Mac encryption solutions.
As Passware’s approach was obviously more intelligent than the brute force, security analysts are wondering where the FileVault’s vulnerability was. Apparently Passware used a live-memory analysis and then the company’s specially designed utilities extracted the encryption key for FileVault disks. No matter who complex a password is, Passware’s method only takes 40 minutes. However, Passware is not a modest company or an inventive hacket.
The company developed ways to extract encryption keys from BitLocker, TrueCrypt, and FileVault, and the latest software in this area, Passware Kit Forensic 11.3 is said to be the top of the line. “Every user should be aware that even full-disk encryption is insecure while the data rests in computer memory,” says Passware President Dmitry Sumin.
The company aims to help digital investigators and law enforcement agencies but, the latest Passware tool is available for anyone who is willing to pay $995 for a license, regardless of his or her intentions.