OS X Daily comments on securing Apple’s FileVault:
Standby mode is a power saving feature that automatically hibernates a Mac after it has been in sleep mode for a while, which it does to further decrease drain on battery. When a Mac using FileVault encryption is placed into standby mode, a FileVault key (yes, this key is encrypted) is stored in EFI (firmware) so that it can quickly come out of standby mode when woken from deep sleep. For 99% of users, that hardly matters and it’s not a security concern, but for those who are concerned about absolute maximum security and protecting a Mac from some unusually aggressive attacks (i.e. espionage level), you can set OS X to automatically destroy that FileVault key when it’s placed in power-saving standby mode, preventing that stored key from being a potential weak point or attack target.
Read more at: Maximize FileVault Security by Destroying Key Storage in Standby Mode
Leave a Comment