Asking if you should trust software X is like asking the internet if it'd be healthy for you to start running a marathon.
For starters, how would we know? The software in question is closed-source and has spotty docs as best - and more importantly: your trust in a software is something that only you can establish for yourself, irregardless if whatever number of people on the internet claim the product trustworthy.
These are all very good points, but I guess I was think purely in architecture terms, like "does this software have a known-bad crypto design?" Tptacek answered that, but you make a good point that ultimately no one but Apple knows whether FileVault is doing exactly (and only) what Apple says it does.
To be fair they asked if they should not trust it. Which I think is a fair question. It could be answered with "I don't have a reason not to", or "Yes, because ...". Neither answer implies that it should be trusted.
For starters, how would we know? The software in question is closed-source and has spotty docs as best - and more importantly: your trust in a software is something that only you can establish for yourself, irregardless if whatever number of people on the internet claim the product trustworthy.
Appelbaum on FileVault(1) in 2006: http://events.ccc.de/congress/2006/Fahrplan/attachments/1244...