Search Mailing List Archives

Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] A tool for encrypted laptops

Steve Weis steveweis at
Fri May 9 13:08:22 PDT 2014

Hi Tom. Does hibernation on a Mac protect from physical memory
extraction by default or is this something yontma configures?

After a quick search, I ran across "destroyfvkeyonstandby" to destroy
the FileVault key on standby. Is that sufficient?

As for DMA attacks, my understanding is the latest OS X does pretty
good job by default. DMA is disabled while the screen is locked and I
wasn't able to hotplug arbitrary PCI devices via Thunderbolt (at least
as of a year ago). I wasn't able to conduct DMA attacks via
Thunderbolt unless the PCI device was connected on bootup and the
laptop unlocked. That's an artificial setting, except perhaps for a
laptop dock with a hidden Thunderbolt hub.

On Fri, May 9, 2014 at 11:41 AM, Tom Ritter <tom at> wrote:
> Hey all.  Reviving an oooold thread with a new release:
> From the first email: If your encrypted laptop has its screen locked,
> and is plugged into power or ethernet, the tool will hibernate your
> laptop if either of those plugs are removed.  So if you run out for
> lunch, or leave it unattended (but plugged in) at starbucks, and
> someone grabs your laptop and runs, it'll hibernate to try to thwart
> memory attacks to retrieve the disk encryption key. Not foolproof, but
> something simple and easy.
> We've now released a version for Mac. (Open Source of course.)

More information about the liberationtech mailing list