This analysis brings up some interesting points. One thing I think is important to note is this isn't breaking the encryption, but bypassing it by gaining access to the keys. Hopefully it'll be enough to push people to use FDE with manually entered keys and hibernate rather than sleep, at least until hardware is adapted to deal with this. I'd like to see a memory controller do native speed memory encryption with self-sufficient tamper detection for the keys. Maybe this publicity will get Apple will officially support hibernate outside of low-battery situations, and add an option for password to wake.
Copyright ©2000-2008 Jeremy Mooney (jeremy-at-qux-dot-net)
