[sil3ntmac]

FileVault 2 is supposed to be secure against this* when the machine is powered on and locked or sleeping.

* Source http://security.stackexchange.com/questions/18720/how-secure...

[dmix]

Interesting. Apparently LUKS/dmcrypt on Linux is also protected from DMA attacks (firewire/thunderbolt devices).

> If you enable LUKS root, DMA attack mitigation is also enabled(boot.initrd.luks.mitigateDMAAttacks ). It consists of blacklisting firewire drivers.

Edit: still at risk of the "Evil Maid Attack" http://www.aspecrypt.com/evil_maid_attack.html