File Vault question

If you enable FileVault you will have to re-backup because TM doesn't backup a FileVault protected system the same as one that isn't protected. TM only backs up a FileVault after you logout and before you shut down. If you never log out of your account then your FileVault protected account will never be backed up by TM. If you shut down before TM completes the backup then you also have no backup. Backups will take considerably more time and do not occur in the background.

There would be little performance impacts. FileVault only encrypts your user account (Home) folder. Applications and system files are not part of FileVault protection.

Hello Tim, I also used FileVault at one time. Kappy was the one who explained the issue with it. Unless you have government secrets on your home folder the program is useless. I gained Hard Drive space and solved other minor issues once de-activated.



Ray

I'd like to add my 2c worth here regarding the famed security of the Mac (compared to Windows machines anyway). I use my Mac to do my taxes with TurboTax, I have a few emails I'd rather others not know about, I have some financial information in various spreadsheets, and some take-home employer related stuff that their competitors wouldn't mind having. I have a very secure password, I have unix file permissions set on sensitive files that allow only me to have access, and I also have my Mac setup to require a password to get back in once the screen saver kicks in.

I'm willing to bet that many Mac users think that if their laptop got stolen that the act of accessing their files requires some clever time-consuming hacking to get around your password etc. Nothing could be further from the truth. All you have to do is boot up the Mac while holding down the 'T' key to put the machine into target disk mode. Then simply connect it via a firewire cable to any Mac and it mounts just like an external hard drive. At that point complex passwords and restrictive unix privileges mean NOTHING - you can freely see, edit or copy absolutely anything you want. It's just so easy to get your data - heck, you can 'borrow' a shut down Mac during lunch time, copy all the stuff you want, and return it with the owner being none the wiser. The same also applies if your backup drive is stolen/borrowed.

The ONLY way to protect your data is via encryption. Whether filevault is the right solution is debatable, but the encryption part isn't.

Enable the open firmware password and avoid that scenario. Starting my MBP with the t key held down does nothing, it just boots to the login screen.

Good point - I'm going to do that right now!! But what about the backup drive - I guess that's still vulnerable, right?

Hi Tim, a good idea is the little locks they make to secure your computer. Apple also offers GPS help at a small fee to find lost notebooks.



Ray

AuroraProject:

"Enable the open firmware password and avoid that scenario. Starting my MBP with the t key held down does nothing, it just boots to the login screen."

Just change the memory configuration, i.e. remove some RAM, and the open firmware password is reset, and starts up into target disk mode for anyone who wants to grab your data 😉

... or take the HD out and read it ...

I rely on FileVault there

Mick Mueck:

But what about the backup drive - I guess that's still vulnerable, right?

Again, I backup to an encrypted disk image. Then all the data is also secure on the external backup drive.

Call me paranoid, but I like to know for sure that my data is secure in case of theft.

Message was edited by: Digi H

True, but I'm all for doing everything possible to prevent theft. At least with the towers you can put a padlock on the case so the side panel is locked. If someone wants it bad enough, they'll get it, so encryption is the best choice.

Message was edited by: AuroraProject