9 Replies Latest reply: Oct 15, 2012 5:32 AM by Rajapintaja
Patrick Barsby Level 1 (45 points)

The apple Support documebt has a link that suggests that Legacy FileVault is FileVault 2. Is this right?

http://support.apple.com/kb/TS4272?viewlocale=en_US&locale=en_US


Mac Pro, Mac OS X (10.7.2)
  • softwater Level 5 (5,370 points)

    Yes. This was the term given to "Filevault 1" (i.e., the original Filevault in Leopard) after Filevault 2 was introduced with Lion.

  • Patrick Barsby Level 1 (45 points)

    Thanks.

    So the link from "Legacy FileVault" in the Apple Support document to FileVault 2 is incorrect?

  • softwater Level 5 (5,370 points)

    Just to be clear, as you asked a different question in the title to the question in the post

     

    Legacy Filevault = "Filevault 1" (Filevault in Leopard and Snow). Filevault 2 is the name given to Filevault in Lion.

     

    The original Filevault only encrypted users home folders. Filevault 2 starting with Lion, is quite different and encrypts the entire disk.

  • softwater Level 5 (5,370 points)

    Lion will support in a limited sense the old Filevault (Legacy Filevault) in that if it was already enabled it will continue to be so, but you cannot encrypt new users home folders.

     

    Normally, when you migrate an account that had FileVault turned on in Leopard/Snow Leopard, Lion will ask you if you want to turn it off. You can leave it on, but I would advise against it. Turn it off, and use FV2 instead.

  • Patrick Barsby Level 1 (45 points)

    It appears that it is the Apple Support document (above) that is confusing and wrong.

    In fact I have FV2 installed and I was trying to work out if this was vulnerable and needed to be fixed.

     

    You have put my mind at rest.

    Thanks

  • softwater Level 5 (5,370 points)

    FV2 is highly secure, but there is 'hole' in the whole philosophy behind it, which only applies if you have other users on your system and you give them 'startup' permissions (i.e., they have their own password for FV2).

     

    Once a user is given startup permissions, they can in fact read your entire user home folder through Single User mode. This is a pretty obscure vulnerability and only applies under the situation I just described. If you do have other users on your system and you want your own home folder to remain out of their reach, don't give them startup permissions. Alternatively, use Disk Utility to locally encrypt sensitive folders in your own account.

  • sheffi Level 1 (5 points)

    I have a problem I forgot to dis able Vile fault when installing Mountain lion on top of Snow leopard and I went to Security and was surpried to see Leg acy Vile fault (sorry about the pun) it would not turn off and the screen went blank and a little grey cog spinning below ,I gave up and went to the new Vile Fault and set it it seems to be ok.

     

    If you want to repair disk on recovery disk you have to turn of the Vile fault.

  • sheffi Level 1 (5 points)

    Vile Fault 2 copy.jpg

    VileFault copy.jpg

     

    How can this be ? I can not turn off Legacy VileFault.

     

    Message was edited by: sheffi

  • Rajapintaja Level 1 (0 points)

    Yes there is always a cback door.