<HTML>
<br>
Firmware passwords don't generally hinder someone from removing the hard
drive and reading it. The SSD drive on a macbook air is not soldered to the mainboard. Truecrypt is better than filevault in some ways.
But it's actually going to be difficult to make sure that things like
the contents of all your various caches end up on that encrypted volume,
and that nothing leaks into unencrypted areas, and that nothing is tampered with when it's out of your sight. So it's a compromise.
If you think someone cares enough to send your hard drive to the
forensics lab, FDE is the only thing that will do.<br>
--D<br>
<br>
<br>
<span style="font-weight: bold;">On Sat 12/02/11 7:52 PM , "Steve Camuti" mrcamuti@gmail.com sent:<br>
</span><blockquote style="border-left: 2px solid rgb(245, 245, 245); margin-left: 5px; margin-right: 0px; padding-left: 5px; padding-right: 0px;"><defanged_body bgcolor="#FFFFFF"><div>Firmware passwords work great on MacBook Airs because the RAM is soldered into the board, so you can't easily reset the password like you can on every other portable Apple laptop.</div><div><br>
</div><div>That being said, my work uses WinSoft for software FDE in Macs since the FDE drives work in macs... But without any actual encryption abilities. Lame.<br>
<br>
-Steve C</div><div><br>
On Feb 12, 2011, at 3:41 AM, davidfine <<a href="javascript:top.opencompose('d@vidfine.com','','','')">d@vidfine.com</a>
> wrote:<br>
<br>
</div><div></div><blockquote type="cite"><div>I like truecrypt- but its full disk encryption only works for windows (same for the Decoy password trick I think). <br>
<br>
Truecrypt is more trustworthy if your threat model includes the people who would have access to backdoors in proprietary software. If those people care about you, your weak link is OS X in general. But hey, you might as well use truecrypt, it's not that much extra work. <br>
<br>
If you're concerned about this sort of thing what you really want is full disk encryption because that also protects you from tampering. Unfortunately the only ones I know for mac (PGP, SOPHOS) are commercial software again... Seagate FDE drives don't work on macs either... There's gotta be some way to do it with open software....<br>
<br>
--D<br>
<br>
<br>
<span style="font-weight: bold;">On Sat 12/02/11 12:18 AM , "Sai" <a href="javascript:top.opencompose('sai@saizai.com','','','')">sai@saizai.com</a> sent:<br>
</span><blockquote style="border-left: 2px solid rgb(245, 245, 245); margin-left: 5px; margin-right: 0px; padding-left: 5px; padding-right: 0px;">As context for my own needs (not meant as a restriction of the<br>
discussion), I've just acquired a Macbook Air to replace my dead MBP<br>
and the old Win7 I've been using in the interim.<br>
<br>
I will be using it in various contexts (e.g. at hacker conferences,<br>
crossing US borders, for business with high security needs, etc),<br>
entailing multiple possible threats. I'd like to ensure it's fairly<br>
well locked down just in case. I am not aware of any specific threats<br>
against me per se; I'd just like to be cautious.<br>
<br>
- Sai<br>
_______________________________________________<br>
Noisebridge-discuss mailing list<br>
<a href="javascript:top.opencompose('Noisebridge-discuss@lists.noisebridge.net','','','')"></a><a href="javascript:top.opencompose('Noisebridge-discuss@lists.noisebridge.net','','','')">Noisebridge-discuss@lists.noisebridge.net</a><br>
<a target="_blank" ?redirect="https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss""><span style="color: red;">https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss</span></a><br>
<br>
<br>
</blockquote>
</div></blockquote><blockquote type="cite"><div>_______________________________________________<br>
Noisebridge-discuss mailing list<br>
<a href="javascript:top.opencompose('Noisebridge-discuss@lists.noisebridge.net','','','')">Noisebridge-discuss@lists.noisebridge.net</a><br>
<a href="https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss">https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss</a><br>
</div></blockquote>_______________________________________________<br>
Noisebridge-discuss mailing list<br>
<a href="javascript:top.opencompose('Noisebridge-discuss@lists.noisebridge.net','','','')">Noisebridge-discuss@lists.noisebridge.net</a><br>
<a target="_blank" href="parse.php?redirect=https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss"><span style="color: red;">https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss</span></a><br>
<br>
<br>
</defanged_body></blockquote></HTML>