Security of Mac Keychain, Filevault

Steven Bellovin smb at
Sun Nov 1 22:32:32 EST 2009

On Oct 29, 2009, at 11:25 PM, Jerry Leichter wrote:

> A couple of days ago, I pointed to an article claiming that these  
> were easy to break, and asked if anyone knew of security analyses of  
> these facilities.
> I must say, I'm very disappointed with the responses.  Almost  
> everyone attacked the person quoted in the article.  The attacks  
> they assumed he had in mind were unproven or unimportant or  
> insignificant.  Gee ... sounds *exactly* like the response you get  
> from companies when someone finds a vulnerability in their  
> products:  It's not proven; who is this person anyway; even if there  
> is an attack, it isn't of any practical importance.

Unfortunately, there's no better response here.

At time T, someone will assert that "X is insecure", and that products  
exist -- commercial and freeware -- to crack it.  This person supplies  
no evidence except for an incomplete list of products to support the  
assertion.  What do I now know that I didn't know before?

One way to judge is by reputation.  If, say, Adi Shamir says it, I'm  
very inclined to believe it, even without wading through the technical  
details.  If the posting comes from a notorious crank, I'll likely  
discard the message unread because cranks tend to misread technical  
papers.  If it's someone I've never heard of, I have to make the  
decision based on the evidence presented and what I already know.   
What was the evidence here?

The article made no verifiable or falsifiable technical statements, so  
there's nothing to evaluate in that respect.  I've never heard of any  
freeeware to crack Filevault; given the familiarity of the readership  
of this list in the aggregate with the free software world, it seems  
unlikely that such software exists.  He did point to some commercial  
software to attack Filevault, but it works by password guessing.  For  
his business -- forensic analysis -- I suspect that that technique is  
extremely useful; I doubt that anyone on this list would disagree.   
But that's not the same as a flaw in MacOS.

Beyond that, we're left with *no* new information.  What basis does  
this article give us to conclude that Filevault is -- or is not --  
insecure?  I have no more reason to trust it or distrust it than I had  
before reading that article.

A proper evaluation of Filevault would, of course, be a good idea.   
But that statement is equally true after the article as before.

		--Steve Bellovin,

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list