Skip navigation
This discussion is archived

File Vault question

638 Views 9 Replies Latest reply: Feb 20, 2008 10:02 AM by AuroraProject RSS
Tim Baker Level 2 Level 2 (280 points)
Currently Being Moderated
Feb 9, 2008 7:41 PM
I'm using my MacBook Pro traveling on the road right now and since it's the first time I've really had this outside the office it's got me wondering about turning on File Vault in case something should happen to my computer and it ends up in the wrong hands. I have some sensitive information here I wouldn't want others to see.

My questions are:

1. If I enable file vault now, will it screw up my time machine backups once I get back to the office and plug my time machine external drive in? Is it better to wait until the drive is plugged in?

2. Will I notice any performance issues with it enabled? I've heard some mixed reports about it on Tiger, but nothing really about it on Leopard.
MacBook Pro, MacBook, Mac mini, iPhone, Mac OS X (10.5.1)
  • Kappy Level 10 Level 10 (221,025 points)
    Currently Being Moderated
    Feb 9, 2008 8:35 PM (in response to Tim Baker)
    If you enable FileVault you will have to re-backup because TM doesn't backup a FileVault protected system the same as one that isn't protected. TM only backs up a FileVault after you logout and before you shut down. If you never log out of your account then your FileVault protected account will never be backed up by TM. If you shut down before TM completes the backup then you also have no backup. Backups will take considerably more time and do not occur in the background.

    There would be little performance impacts. FileVault only encrypts your user account (Home) folder. Applications and system files are not part of FileVault protection.
    Mac Pro 2.66 Ghz; MacBook Pro C2D 2.33 Ghz; MacBook Pro 2.16 Ghz, Mac OS X (10.5.1), Intel iMac C2D 17 "; MacBook 2.0 Ghz; 30 GB iPod Video (Black); iPod Nano 2 GB
  • smithrj Level 4 Level 4 (1,540 points)
    Currently Being Moderated
    Feb 9, 2008 9:42 PM (in response to Kappy)
    Hello Tim, I also used FileVault at one time. Kappy was the one who explained the issue with it. Unless you have government secrets on your home folder the program is useless. I gained Hard Drive space and solved other minor issues once de-activated.



    Ray
    MacBook 2GB, 250 drive, Black W/Lacie 160 external, Mac OS X (10.5.1), iMac 4GB Memory, 750 GB Drive, 10.4.11, iPod shuffle
  • Mick Mueck Calculating status...
    Currently Being Moderated
    Feb 19, 2008 11:15 PM (in response to Tim Baker)
    I'd like to add my 2c worth here regarding the famed security of the Mac (compared to Windows machines anyway). I use my Mac to do my taxes with TurboTax, I have a few emails I'd rather others not know about, I have some financial information in various spreadsheets, and some take-home employer related stuff that their competitors wouldn't mind having. I have a very secure password, I have unix file permissions set on sensitive files that allow only me to have access, and I also have my Mac setup to require a password to get back in once the screen saver kicks in.

    I'm willing to bet that many Mac users think that if their laptop got stolen that the act of accessing their files requires some clever time-consuming hacking to get around your password etc. Nothing could be further from the truth. All you have to do is boot up the Mac while holding down the 'T' key to put the machine into target disk mode. Then simply connect it via a firewire cable to any Mac and it mounts just like an external hard drive. At that point complex passwords and restrictive unix privileges mean NOTHING - you can freely see, edit or copy absolutely anything you want. It's just so easy to get your data - heck, you can 'borrow' a shut down Mac during lunch time, copy all the stuff you want, and return it with the owner being none the wiser. The same also applies if your backup drive is stolen/borrowed.

    The ONLY way to protect your data is via encryption. Whether filevault is the right solution is debatable, but the encryption part isn't.
    17 G4 iMac, Mac OS X (10.3.x)
  • AuroraProject Level 1 Level 1 (45 points)
    Currently Being Moderated
    Feb 19, 2008 11:28 PM (in response to Mick Mueck)
    Enable the open firmware password and avoid that scenario. Starting my MBP with the t key held down does nothing, it just boots to the login screen.
    MacBook Pro 17" 2.16ghz Core Duo, 2gigs RAM, 120gig HDD, Mac OS X (10.5.2)
  • Mick Mueck Level 2 Level 2 (180 points)
    Currently Being Moderated
    Feb 20, 2008 4:17 AM (in response to AuroraProject)
    Good point - I'm going to do that right now!! But what about the backup drive - I guess that's still vulnerable, right?
    17 G4 iMac, Mac OS X (10.3.x)
  • smithrj Level 4 Level 4 (1,540 points)
    Currently Being Moderated
    Feb 20, 2008 4:29 AM (in response to Tim Baker)
    Hi Tim, a good idea is the little locks they make to secure your computer. Apple also offers GPS help at a small fee to find lost notebooks.



    Ray
    MacBook 2GB, 250 drive, Black W/Lacie 160 external, Mac OS X (10.5.2), iMac 4GB Memory, 750 GB Drive, 10.4.11, iPod shuffle
  • Digi H Calculating status...
    Currently Being Moderated
    Feb 20, 2008 5:05 AM (in response to AuroraProject)
    AuroraProject:

    "Enable the open firmware password and avoid that scenario. Starting my MBP with the t key held down does nothing, it just boots to the login screen."

    Just change the memory configuration, i.e. remove some RAM, and the open firmware password is reset, and starts up into target disk mode for anyone who wants to grab your data

    ... or take the HD out and read it ...

    I rely on FileVault there

    Mick Mueck:

    But what about the backup drive - I guess that's still vulnerable, right?

    Again, I backup to an encrypted disk image. Then all the data is also secure on the external backup drive.

    Call me paranoid, but I like to know for sure that my data is secure in case of theft.

    Message was edited by: Digi H
  • AuroraProject Level 1 Level 1 (45 points)
    Currently Being Moderated
    Feb 20, 2008 10:02 AM (in response to Digi H)
    True, but I'm all for doing everything possible to prevent theft. At least with the towers you can put a padlock on the case so the side panel is locked. If someone wants it bad enough, they'll get it, so encryption is the best choice.

    Message was edited by: AuroraProject
    MacBook Pro 17" 2.16ghz Core Duo, 2gigs RAM, 120gig HDD, Mac OS X (10.5.2)

Actions

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • This solved my question - 10 points
  • This helped me - 5 points
This site contains user submitted content, comments and opinions and is for informational purposes only. Apple disclaims any and all liability for the acts, omissions and conduct of any third parties in connection with or related to your use of the site. All postings and use of the content on this site are subject to the Apple Support Communities Terms of Use.