What's the point of FileVault?

18879 Views 45 Replies Latest reply: Feb 11, 2014 6:25 PM by conrlee17
  • kap_australia
    Feb 14, 2012 3:57 PM (in response to Topher Kessler)

    May I please confirm a couple of things with you...

    1. CCC has recently enabled Lion Recovery HD cloning. Will FileVault still prevent this because the Recovery partition is hidden?

    2. I am assuming that the backup itself is not encrypted. In other words you will need to use a third party tool to encrypt the backup.

    3. Since FileVault is mostly transparent, the passwords to the admin accounts enabled are still the primary barrier in accessing the information, i.e. you do not need to enter the recovery key each time you log in. The benefit therefore only arises when a thief cannot crack the password and uses a peripheral to try and access the disk.

    Thanks.

  • ds store Level 7 (30,305 points)
    Feb 14, 2012 4:39 PM (in response to Dogs 'n Front)

    What's the point in FileVault?

    For most people it's unnecessary and will substantially hinder file recovery efforts through direct access of the 1's and 0's on the drive itself.

    It is performance robbing as it ties up your CPU with another task. Not such a big deal for word files, but it can be an issue with large video files etc.

    For those who work in security or have that sort of high level need, then it's needed of course.

    Most folks who only want to encrypt a few select files or folders are better off with third party file encryption software, the advantage of this is they can be transferred or even recovered encrypted and decoded on another machine with the right software and password.

    So if the computer dies, the storage can be removed and the encrypted files accessed, even from Linux or Windows machines.

    Some people/places like hospitals/medical records use a self encrypting external hard drive either with a key and/or a keypad password to decrypt the data stream thus the files can be accessed by any computer.

    Others have more disposable/smaller needs, something like a self encrypting Iron Key which they can hide or toss at a sign of danger.

    FileVault is likely necessary with SSDs and private data because they can't be "scrubbed" like hard drives can, so with an SSD and any private data, FileVault should be utilized.

    Of course Apple has to give certain authorities access or likely there is some sort of crack.

    If you take your broken Mac to an Apple Store they will require the FileVault password.

    If you're at Customs/Immigration, they will sometimes ask for the password to snoop in your computer and clone your drive.

    US courts have required suspects to decode their drives, seems the right to not implicate oneself has little effect.

    There is a device that can read the entire SSD of iPods, iPhones and iPads (all cell phones too) in minutes and retrieves the password for decoding, so apparently the "industry" is providing access to these devices.

    Eventually Macs will also be just as susceptible to this sort of easy intrusion.

    http://www.thenewspaper.com/news/34/3458.asp

    IMHO, if you have something to keep private and can't be disclosed ever, should keep it encrypted in a manner that doesn't draw attention, can't be obvious or in plain sight and is easily disposable.

    Powerful rich governments with a strong bio-sciences/medical certainly can make or already have DNA computers which are capable of taking all the keyboard combinations and running it against an encrypted block of data.

    I doubt many people will have the capacity to remember several hundred or thousand random character passwords in order to defeat such methods.

  • softwater Level 5 (5,370 points)
    Feb 14, 2012 4:53 PM (in response to ds store)

    There is another issue with FV2, which occurs if you have other users on your system.

    Any user that is enabled to start up the machine thereby unencrypts the entire disk (this was not the case with FV1, which only encrypted individual home folders).

    Through single user mode, a managed user can read every other user's home folders, including Admins'. As far as I can tell, they can't change the admin's password (which is on the recovery partition and encrypted), but they can do plenty other stuff as root. In this respect, FileVault 1 was more secure.

  • kap_australia Level 1 (0 points)
    Feb 14, 2012 5:03 PM (in response to ds store)

    IMHO, if you have something to keep private and can't be disclosed ever, should keep it encrypted in a manner that doesn't draw attention, can't be obvious or in plain sight and is easily disposable.

    This is where I started when I was looking at security. However, what can easily happen is that you begin with a practical approach and then start reading articles and forums and before long you believe that the whole world is out to get you. Next you are trying to encrypt the phone number of your local chicken shop.

    I had looked at TrueCrypt which would suffice to store specific data. I then was trying to find a way to encrypt all the OS app data which led to system wide encryption options and therefore stumbled upon FV.

  • softwater Level 5 (5,370 points)
    Feb 14, 2012 7:28 PM (in response to kap_australia)

    The problem with Lion is that you really can't afford not to use FV2, even if you're not ultra-paranoid or not keeping State secrets. I've written about this here

    http://applehelpwriter.com/2012/01/06/how-to-secure-your-mac-os-x-lion/

    but the short story is that if you have any personal data on your machine, you need to enable FV2 for the simple reason that the recovery disk enables anyone to circumvent your admin passwords if you don't. A firmware password is not really much of an answer, as anyone can have the back off your machine and back on in under 5 minutes. A child could do it.

    So FV2 is necessary with Lion, I think. Just don't enable any other users on your machine if you worry about them reading what's in your home folder.

  • etresoft Level 7 (23,905 points)
    Feb 14, 2012 8:00 PM (in response to softwater)

    softwater wrote:

    if you have any personal data on your machine, you need to enable FV2 for the simple reason that the recovery disk enables anyone to circumvent your admin passwords if you don't.

    You don't need FileVault to secure personal data and it is not possible to circumvent your admin password.

    Any user can create an encrypted volume and store personal files in there. That is what I do. You can even create aliases (true Finder aliases, not symbolic links) to files and folders inside the secure volume. Double-click the alias and your volume will prompt for a password and mount, opening the requested file.

    Anyone with physical access to your machine could reset an admin password and access all of your personal files. They could not get to this encrypted volume and they could not get to your keychain.

  • softwater Level 5 (5,370 points)
    Feb 14, 2012 8:05 PM (in response to etresoft)

    etresoft wrote:

    1. You don't need FileVault to secure personal data and it is not possible to circumvent your admin password....

    2. ....Anyone with physical access to your machine could reset an admin password and access all of your personal files.

    Contradiction there, etresoft. Your first claim is flat out false. The second one is precisely what I was saying.

  • etresoft Level 7 (23,905 points)
    Feb 14, 2012 8:32 PM (in response to softwater)

    softwater wrote:

    Contradiction there, etresoft. Your first claim is flat out false. The second one is precisely what I was saying.

    Reset is not the same as circumvent. Even if you reset the password or remove the hard drive, any encrypted data will stay encrypted.

  • softwater Level 5 (5,370 points)
    Feb 14, 2012 9:45 PM (in response to etresoft)

    etresoft wrote:

    Even if you reset the password or remove the hard drive, any encrypted data will stay encrypted.

    Yes, that's why I said FV2 is necessary.

    Without FV2, there is no encrypted data, and anyone can reset the passwords via Recovery partition.

    You can't reset the password if FV2 is enabled, not even via single user mode.

  • Topher Kessler Level 6 (9,305 points)
    Feb 14, 2012 10:04 PM (in response to kap_australia)

    The recovery HD partition is a separate, unencrypted volume. It being hidden does not prevent utilities from accessing it for tasks like cloning, but this will not compromise any data security or FileVault.

    You can encrypt the backup volume by formatting it as an encrypted volume in Disk Utility, and then using it as your Time Machine volume. If you don't do this then the backups will not be encrypted, though in some cases this might be desired, such as if you only back up in a secure location and leave the drive there, but wish to keep the computer encrypted for travel elsewhere.

    You are correct that the password is the barrier to the encryption keys and therefore is the weakest link in the chain, so if you choose a poor password that is easily guessed, then your data is potentially unsafe. So far the only hack to this is through memory snooping via FireWire since FireWire's DMA features allow it to directly access system memory, but the workaround for this is to never leave the system in sleep mode when it is unattended.

  • softwater Level 5 (5,370 points)
    Feb 15, 2012 1:53 AM (in response to Dogs 'n Front)

    I'm not sure how you would reach that conclusion, except by misunderstanding (which would be our fault, rather than yours).

    Let me put it down to a simple checklist:

    1. Do you have any personal information on your computer that you don't want others to see?

    2. Do you use an Admin password and aim to keep it secret?

    If the answer to BOTH those questions is NO, you don't need FV2.

    If the answer to EITHER of those questions is YES, you DO need FV2.

    This is the reason why: The Recovery partition on your HD renders all account passwords pointless UNLESS FV2 is enabled.

  • kap_australia Level 1 (0 points)
    Feb 15, 2012 5:32 AM (in response to Topher Kessler)

    Thanks, that makes sense.

    Although I was expecting password cracking to be an easier option than RAM snooping.

    Be that as it may, your earlier post suggested that you prefer system wide encryption. I definitely will choose an encryption method. The question is whether to use a tool to encrypt selected files and folders or use FV.

    As you can see both opinions are supported. I'd love to say that there is clear evidence for one over the other but I think the only way to do this is try for yourself. My concern is performance in system wide encryption, especially serving large video files. Philosophically I also like the idea of keeping things simple and not advertising encryption.

    I'll give FV a try and evaluate performance and turn back if I need to.

    Thanks.

  • etresoft Level 7 (23,905 points)
    Feb 15, 2012 5:49 AM (in response to softwater)

    File Vault is not necessary. It is overkill for most people. Anyone can create an encrypted disk image and use it like an encrypted folder to store sensitive personal files. An encrypted disk image is just as secure as File Vault and less of a problem if you forget the password. You can store the password in the keychain which is, itself, encrypted. Resetting the login password will not provide access to the keychain.

  • softwater Level 5 (5,370 points)
    Feb 15, 2012 6:08 AM (in response to etresoft)

    etresoft wrote:

    Anyone can create an encrypted disk image and use it like an encrypted folder to store sensitive personal files.

    This is valuable information (at least to me). Would you care to enlighten us on how that is done? I'd wager I'm not the only one that doesn't know how to do this.
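
One way to create the encrypted disk image discussed above from Terminal with macOS's `hdiutil`, as an added example that is not part of the original thread. The volume name `Vault`, the image path and the helper function names are assumptions.

```sh
#!/bin/sh
# Added example (macOS only). "Vault" and the helper names are assumptions.

# hdiutil -size takes a number plus a unit letter, e.g. 500m or 2g.
valid_size() {
    num=${1%?}
    unit=${1#"$num"}
    case "$num" in ''|*[!0-9]*) return 1 ;; esac
    case "$unit" in [bkmgtpe]) return 0 ;; *) return 1 ;; esac
}

# create_vault IMAGE.sparsebundle SIZE
# Returns 2 on bad arguments, 3 if hdiutil is missing, 1 if creation or
# the encryption check fails, 0 on success.
create_vault() {
    image=${1:-}
    size=${2:-}
    case "$image" in
        *.sparsebundle) ;;
        *) echo "usage: create_vault NAME.sparsebundle SIZE" >&2; return 2 ;;
    esac
    if ! valid_size "$size"; then
        echo "bad size '$size' (expected e.g. 500m or 2g)" >&2; return 2
    fi
    if [ -e "$image" ]; then
        echo "refusing to overwrite $image" >&2; return 2
    fi
    if ! command -v hdiutil >/dev/null 2>&1; then
        echo "hdiutil not found; this only works on macOS" >&2; return 3
    fi
    # No passphrase option is given, so hdiutil prompts for it itself and
    # the passphrase never appears in argv or shell history.
    hdiutil create -size "$size" -type SPARSEBUNDLE -fs HFS+J \
        -volname Vault -encryption AES-256 "$image" || return 1
    # Confirm the image really is encrypted before storing anything in it.
    hdiutil isencrypted "$image" 2>&1 | grep -q 'encrypted: YES'
}

# Typical use:
#   create_vault "$HOME/Documents/Vault.sparsebundle" 500m
#   hdiutil attach "$HOME/Documents/Vault.sparsebundle"  # prompts, mounts /Volumes/Vault
#   hdiutil detach /Volumes/Vault                        # lock it again
if [ "${1:-}" = "create" ]; then
    shift
    create_vault "$@"
fi
```

A sparse bundle only grows as files are added, and the image stays encrypted on disk whether or not the login password is reset.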
