site_archiver@lists.apple.com Delivered-To: darwin-dev@lists.apple.com Domainkey-signature: s=main; d=mail.utexas.edu; c=nofws; q=dns; h=Received:Received:Received:Message-ID:Date:From: Reply-To:Organization:User-Agent:MIME-Version:To:CC: Subject:References:In-Reply-To:Content-Type: Content-Transfer-Encoding; b=u+xgtf6AVfWyXf/y+HUG82rfQERjr1PEF+sGXgN/rX/WlLDbiAopo ZwdSnY+JCKdRYJ93D0MvMsyJTmZAjoiaZucj+Ak/3eLDqvcmnpDW3 HHCiZoYXiIp9qLpk3daaC5OFpwBpntikRcJbXgVKDhc3vnPp1009/ an/eYY+ML2IE=; Organization: The University of Texas at Austin User-agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X; en-US; rv:1.8.1.11) Gecko/20071128 SeaMonkey/1.1.7 - Dave On Jan 2, 2008, at 11:10 AM, Robert T Wyatt wrote: Not if the EFI or Open Firmware password have been set. _______________________________________________ Do not post admin requests to the list. They will be ignored. Darwin-dev mailing list (Darwin-dev@lists.apple.com) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/darwin-dev/site_archiver%40lists.appl... Well, I understand why it may seem like a ridiculous argument since it is oblique to the OPs intent and because conventional wisdom suggests that all is lost once physical access to the machine is achieved, but where I live and work, it's much easier to walk away with a closed laptop in a backpack than with an open laptop in the middle of disassembly. The time and effort it takes to perform these tasks can make a difference 1) in letting various types of recovery software kick in, and 2) which laptops are most attractive to theives. <finished voicing opinion> Dave Schroeder wrote: No. The firmware password can be easily and trivially defeated with unfettered physical access (change physical amount of RAM in the machine, and zap PRAM). And I was about to respond to the last post, too, and thought better of it...but anyway, yes, it is a moot point and mostly a ridiculous argument, but *technically*, if a thief could somehow easily do this, it would render FileVault useless for a logged-in user. Why it would be necessary to close the lid as opposed to just taking it is beyond me, but as long as we're considering every fringe case, there's another one. Matt Burnett wrote: Thats a moot point. If a thief has physical access to a machine, he wont care if its logged in or not. If he wants the data, he can boot off a CD, if they want a machine, then well, they all ready have it. On Jan 2, 2008, at 9:50 AM, Robert T Wyatt wrote: Too bad that this may be a mechanism for a thief to use to leave one's machine running and logged in while they move it to another location. This email sent to site_archiver@lists.apple.com