A $300 Device Can Steal Mac FileVault2 Passwords

An anonymous reader writes: Swedish hardware hacker Ulf Frisk has created a device that can extract Mac FileVault2 (Apple's disk encryption utility) passwords from a device's memory before macOS boots and anti-DMA protections kick in. The extracted passwords are in cleartext, and they also double as the macOS logon passwords. The attack requires physical access, but it takes less than 30 seconds to carry out. A special device is needed, which runs custom software (available on GitHub), and uses hardware parts that cost around $300. Apple fixed the attack in macOS 10.12.2. The device is similar to what Samy Kamker created with Poison Tap.

Re:Even worse

[TechyImmigrant]

The bigger issue is that anyone who leaves their laptop unattended for a short period of time can have their laptop stolen, and the thief can actually gain access to it.

Substitute 'thief' with 'police' and you can see why it might be a problem for some people.

Wont' actually work will it?

[goombah99]

So when my computer boots I type in my passowrd then someone sneaks up and inserts this device while I'm standing there?

Re:Even worse

[Ol+Olsoc]

Think of having an Apple device taken by the security services at an airport. The laptop is turned on behind a secure counter with an extra hidden device plugged in.

Think of doing the system update.