Secure FileVault 2 against RAM attacks

Last year it was made public knowledge that a Macbook Air (As well as many Mac computers) with Firewire had a security flaw , in which allowed an attacker to pull the Filevault key right out of the systems RAM. All of this while the unit was powered on and the case was never opened, the attack simply used the firewire port, which by design has direct access the the RAM. I could go into great detail here but instead here is a link to the Article

To prevent this from ever being possible , use this following command
sudo pmset -a destroyfvkeyonstandby 1

When this command is used OSX 10.7 and newer will be forced to destroy the RAM contents of any Filevault key before Hibernation or Sleep mode.

Posted on September 22, 2013, in Tech. Bookmark the permalink. Leave a comment.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: