[chiph]

Even with full-disk encryption, an image will be made of the drive, and the government will keep a copy on the chance that the password will be revealed later. Or the algorithm gets broken/weak enough at some point in the future.

[toomuchtodo]

Silly question.

Let's assume you have a device like a Macbook Pro or a Macbook Air, where you can't physically remove the drive without ungluing the device. You hotrod the firmware so only trusted USB devices with a specific encryption key are permitted to connect. How would the drive be imaged?

[lambda]

Thunderbolt target disk mode: http://support.apple.com/kb/PH3838

Perhaps you could solve this by "hotrodding" the firmware, but it's not particularly obvious how you could do that without risking bricking your laptop.

[toomuchtodo]

Perhaps Apple needs to require a password to boot off USB or to access target disk mode.

[Torgo]

It's too bad the newer Macbook Pros don't come with ExpressCard slots anymore. I used to boot off a fast SSD expresscard. No disadvantages at all, other than the card ran hot. Remove the internal drive and when you pop out the Expresscard, much lower attack surface.