I think they're speaking about system dumps at the manufacturer level.
For example, I'm fairly confident that the data on Motorola devices can be read completely using USB from bootloader mode without any data modification (using tools like RSD Lite or sbf_flash). By itself that wouldn't get past OS-level encryption, though. That bootloader is entirely Motorola's with functionality and communication protocols dating back to before the pre-Android razr flip phones (from what I could tell back when I was doing battle with the XT720).
On the other hand, passphrases for boot security on mobile devices are often extremely weak (pin or what-have-you) and easy to brute force (assuming there is a backdoor to access the TPM contents or whatever it's called on ARM/OMAP/etc if it uses that sort of thing)
With regards to FileVault for Mac, some friends who used to work as Geniuses at the Apple Store have mentioned having to request special software from corporate that would fix or recover FileVault in some way - they weren't clear and said it was not something they were supposed to talk about. Obviously I'd take the info with a grain of salt, but based on the news lately...
I had an conversation regarding FileVault with the geniuses recently too.
> Oh we see [your MacBook] has a password, would you be able to write it down here?
Haha, nope!
> Any, uh, reason not to?
Nope.
From a conversation later on, apparently not many people opt not to give up their keys. I'm not sure why they pushed me to give it up either, the geniuses know full well that they can just boot their diagnostics disk without the password anyway.
Bear in mind that the default setup for Apple's FileVault also sends a copy of the encryption key to Apple too (associated with your AppleID), where presumably there is access granted to the US government also (willing or unwilling).
> Bear in mind that the default setup for Apple's FileVault also sends a copy of the encryption key to Apple too (associated with your AppleID), where presumably there is access granted to the US government also (willing or unwilling).
For example, I'm fairly confident that the data on Motorola devices can be read completely using USB from bootloader mode without any data modification (using tools like RSD Lite or sbf_flash). By itself that wouldn't get past OS-level encryption, though. That bootloader is entirely Motorola's with functionality and communication protocols dating back to before the pre-Android razr flip phones (from what I could tell back when I was doing battle with the XT720).
On the other hand, passphrases for boot security on mobile devices are often extremely weak (pin or what-have-you) and easy to brute force (assuming there is a backdoor to access the TPM contents or whatever it's called on ARM/OMAP/etc if it uses that sort of thing)