[cryptography] Question About Best Practices for Personal File Encryption

David I. Emery die at dieconsulting.com
Sat Aug 16 17:51:28 EDT 2014


On Sat, Aug 16, 2014 at 04:21:53PM -0500, Christopher Nielsen wrote:
> The comment about Apple is simply false. Apple does not have a key to
> FileVault2 unless you escrow your key with them. I know this because a dear
> friend recently passed, and his family was not able to gain access to his
> encrypted drives through Apple.

	You may be right or may not, but I certainly have to think that
if there is a backdoor password to Filevault2 it is quite likely that
Apple would not choose to disclose that fact to just some random user
who had lost files due to forgotten passwords.

	One imagines that unless Apple wants to declare their security
breakable and presumably bear the burden of having every law enforcement
agency, divorce attorney, corporate trial lawyer and government
intelligence operation around the world - along with  millions of users
with various grades of good and bad stories about why they need Apple to
break into Filevault2 partitions demanding help (often for much less
than it costs Apple to provide it and handle the legal costs to validate
the reasons for and authority of the requester to break in) that they
would not wish to share the fact that there is a deliberate backdoor
mechanism to break in or even a known bug that would allow it.

	And that of course begs the question of whether such a publicly
announced backdoor could ever be kept secret and reserved for Apple
alone as it would become an instant target for every hacker and spy and
corporate espionage type to reverse engineer... or steal from inside
Apple.

	On the other hand, given the right appeals to patriotism, and
national security along with blackmail type arm twisting from certain
governments, I'd not be sure they would not provide help or have not
been forced to design things so they can.   Only a few folks at Apple
probably know the real truth about this... one way or the other.


-- 
  Dave Emery N1PRE/AE, die at dieconsulting.com  DIE Consulting, Weston, Mass 02493
"An empty zombie mind with a forlorn barely readable weatherbeaten
'For Rent' sign still vainly flapping outside on the weed encrusted pole - in 
celebration of what could have been, but wasn't and is not to be now either."



More information about the cryptography mailing list