

FileVault 2’s Apple ID Backdoor - chmars
http://mjtsai.com/blog/2012/08/07/filevault-2s-apple-id-backdoor/

======
pieter
The checkmark he's talking about is only used to bypass the password
verification on your mac -- there's no password or passphrase sent to Apple at
any point.

What happens when a user tries to log in without Apple ID is the mac sends a
request to Apple: "Is this password valid for this apple id?". If Apple
replies positively, the login request is accepted and the user is allowed
access to the system.

See how this doesn't work for Filevault? Since Filevault encrypts the
encryption key with the user's password, and the password itself isn't known
to Apple, this checkbox can't be used to decrypt the drive.

The main vulnerability here is that it can allow access to a Filevault-enabled
system that still has the decryption key in memory -- as is the case by
default for any mac that goes to sleep. Either the checkbox shouldn't
disappear if you enable filevault, or they should make the decision to disable
AppleID-based authentication when Filevault is enabled (which is probably what
they tried to do).

If you want your system to really be secure, you need to disable the RAM-based
sleep, so that the RAM contents are written to your Filevaulted disk before
shutting down completely.

------
jdlshore
It seems that many commenters did not read (or understand) the article. It's
wordy. Let me summarize the issue:

1) A malicious party with access to your Apple ID and password can access your
FileVault2-encrypted computer _when it has been put to sleep_. It is not
vulnerable if it has been turned off.

2) Mountain Lion automatically enables this feature and _hides the option_ if
you're using FileVault2, providing _no way to disable it,_ when you upgrade.

Therefore, to be secure from Apple ID insecurity when using FileVault2, you
must take one of the following actions:

1) Turn off your computer rather than putting it to sleep.

2) Decrypt FileVault (which makes the preference appear), deselect the
checkbox, and re-encrypt.

~~~
nodata
Do you know where the setting is stored, to skip the decrypt/encrypt stage?

------
nodata
This article could be better written.

tl;dr: Apple force-enabled user password recovery using Apple ID in Mountain
Lion, meaning they can apparently also change your FileVault 2 passphrase and
decrypt your disk.

I'm not convinced though. _Has he tried this?_

Normally the user has the same password as the passphrase used to decrypt the
FileVault 2 volume. If Apple resets my password, does my passphrase get reset
too? Sure? How does that work?

~~~
dchest
As far as I understand, when encrypting a volume, if AppleID option is
enabled, a separate randomly generated recovery ("backdoor") key for the
volume is sent to Apple (<http://support.apple.com/kb/HT4790>). I think,
before iCloud/AppleID thing you had to call Apple support and answer questions
to get this recovery key. With AppleID, I suspect the whole thing is
automated.

So, (again, I'm speculating), your AppleID and FileVault 2 passwords are
completely independent things -- it's just that your additional
recovery/backdoor key is stored in the iCloud, accessible with AppleID.

Here's the analysis of FileVault 2 <http://eprint.iacr.org/2012/374.pdf>

~~~
quonn
I don't think this is the case.

Here is how I understand it:

FileVault 2 uses a generated secret key for encryption; it uses a table that
contains for each account the encrypted key, encrypted in turn with a key
derived from each user password. It also generates a "backdoor" key that can
recover the encryption key which you can write down or if you want (!) store
with Apple. The issue described here is not related to the actual full-disk
encryption and the reason why the password reset does not work when
cold-booting is not related at all to missing network drivers (as described in
the article.) Rather it shows that the encrypted disk can't possibly be
decrypted by just resetting your Apple ID, because - if you have not agreed -
FileVault has _not_ stored the backdoor key on Apple servers and it can't be
used to recover the encryption key. Why does recovery work when the machine is
sleeping? Well, because in that case the encryption key is stored in memory and
_can_ be restored if the OS wishes to give it up. It is well known that
full-disk encryption only really protects you if the machine has been fully
shut down. A dedicated attacker can usually recover the key by removing the
battery and cooling the RAM to keep it from losing data.

I agree that not being able to turn off the option is a bug that should be
fixed, but the situation is not as bad as it may sound at first.

TL;DR: FileVault 2 is just as secure as everyone assumed and even Apple can
not decrypt your disk if the computer has been shut down. If it is running,
Apple could always use a backdoor if they wanted, and other attackers could
always extract data from memory.
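As an added illustration (my own toy model, not code from this thread or from Apple): the key hierarchy quonn describes, with a check of who can recover the volume key in each machine state. The names `Volume` and `apple_id_reset_can_decrypt` are assumptions, and the XOR-plus-HMAC wrap stands in for FileVault's real AES key wrapping.

```python
import hashlib
import hmac
import os

# Constructed toy model (not FileVault's on-disk format): one random volume key,
# a table of that key wrapped under each user's password-derived key, plus a random
# recovery ("backdoor") key that may or may not be escrowed with Apple.
KEY_LEN = 32

def _keys(secret: bytes, salt: bytes):
    dk = hashlib.pbkdf2_hmac("sha256", secret, salt, 20_000, dklen=2 * KEY_LEN)
    return dk[:KEY_LEN], dk[KEY_LEN:]            # (xor pad, mac key)

def wrap(volume_key: bytes, secret: bytes) -> dict:
    salt = os.urandom(16)
    pad, mac_key = _keys(secret, salt)
    ct = bytes(a ^ b for a, b in zip(volume_key, pad))
    return {"salt": salt, "ct": ct, "tag": hmac.new(mac_key, ct, "sha256").digest()}

def unwrap(entry: dict, secret: bytes):
    """Return the volume key, or None if the secret is wrong (tag mismatch)."""
    pad, mac_key = _keys(secret, entry["salt"])
    tag = hmac.new(mac_key, entry["ct"], "sha256").digest()
    if not hmac.compare_digest(tag, entry["tag"]):
        return None
    return bytes(a ^ b for a, b in zip(entry["ct"], pad))

class Volume:
    def __init__(self, users: dict, escrow_recovery_key: bool):
        self.volume_key = os.urandom(KEY_LEN)
        self.recovery_key = os.urandom(KEY_LEN)
        self.table = {u: wrap(self.volume_key, pw) for u, pw in users.items()}
        self.table["recovery"] = wrap(self.volume_key, self.recovery_key)
        self.escrowed = self.recovery_key if escrow_recovery_key else None
        self.key_in_ram = None   # populated while the machine is booted or asleep

    def boot(self, user: str, password: bytes) -> bool:
        self.key_in_ram = unwrap(self.table[user], password)
        return self.key_in_ram is not None

    def shutdown(self):
        self.key_in_ram = None   # a real shutdown drops the key; sleep does not

def apple_id_reset_can_decrypt(vol: Volume) -> bool:
    """Attacker holds only the Apple ID: login bypass helps only while the key is in RAM."""
    if vol.key_in_ram is not None:
        return True
    if vol.escrowed is not None:
        return unwrap(vol.table["recovery"], vol.escrowed) == vol.volume_key
    return False
```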

~~~
dchest
If the option is enabled, volume encryption is as good as your encryption
password OR Apple ID password + whatever security measures Apple has against
someone resetting your password (see recent stories).

If the option is disabled, the encryption is as good as your encryption
password, period.

The complaint was that this option is now enabled by default.

------
bwhalley
My Mac running Mountain Lion & FV2 doesn't have that checkbox in Users &
Groups. My Users & Groups preferences pane looks exactly like the author's
except for that one checkbox that mine does not have.

