Is Legacy FileVault the same as "FileVault 1"?

Question

Is Legacy FileVault the same as "FileVault 1"?

The apple Support documebt has a link that suggests that Legacy FileVault is FileVault 2. Is this right?

http://support.apple.com/kb/TS4272?viewlocale=en_US&locale=en_US

Mac Pro, Mac OS X (10.7.2)

Posted on May 10, 2012 5:01 AM

Reply

Answer 1

Best reply

softwater

Level 5

5,556 points

May 10, 2012 5:14 AM in response to Patrick Barsby

Yes. This was the term given to "Filevault 1" (i.e., the original Filevault in Leopard) after Filevault 2 was introduced with Lion.

Reply

Answer 2

May 10, 2012 5:17 AM in response to Patrick Barsby

Thanks.

So the link from "Legacy FileVault" in the Apple Support document to FileVault 2 is incorrect?

Reply

Answer 3

softwater

Level 5

5,556 points

May 10, 2012 5:18 AM in response to softwater

Just to be clear, as you asked a different question in the title to the question in the post

Legacy Filevault = "Filevault 1" (Filevault in Leopard and Snow). Filevault 2 is the name given to Filevault in Lion.

The original Filevault only encrypted users home folders. Filevault 2 starting with Lion, is quite different and encrypts the entire disk.

Reply

Answer 4

softwater

Level 5

5,556 points

May 10, 2012 5:23 AM in response to Patrick Barsby

Lion will support in a limited sense the old Filevault (Legacy Filevault) in that if it was already enabled it will continue to be so, but you cannot encrypt new users home folders.

Normally, when you migrate an account that had FileVault turned on in Leopard/Snow Leopard, Lion will ask you if you want to turn it off. You can leave it on, but I would advise against it. Turn it off, and use FV2 instead.

Reply

Answer 5

May 10, 2012 5:29 AM in response to softwater

It appears that it is the Apple Support document (above) that is confusing and wrong.

In fact I have FV2 installed and I was trying to work out if this was vulnerable and needed to be fixed.

You have put my mind at rest.

Thanks

Reply

Answer 6

softwater

Level 5

5,556 points

May 10, 2012 5:40 AM in response to Patrick Barsby

FV2 is highly secure, but there is 'hole' in the whole philosophy behind it, which only applies if you have other users on your system and you give them 'startup' permissions (i.e., they have their own password for FV2).

Once a user is given startup permissions, they can in fact read your entire user home folder through Single User mode. This is a pretty obscure vulnerability and only applies under the situation I just described. If you do have other users on your system and you want your own home folder to remain out of their reach, don't give them startup permissions. Alternatively, use Disk Utility to locally encrypt sensitive folders in your own account.

Reply

Answer 7

sheffi

Level 1

17 points

Jul 26, 2012 8:25 AM in response to Patrick Barsby

I have a problem I forgot to dis able Vile fault when installing Mountain lion on top of Snow leopard and I went to Security and was surpried to see Leg acy Vile fault (sorry about the pun) it would not turn off and the screen went blank and a little grey cog spinning below ,I gave up and went to the new Vile Fault and set it it seems to be ok.

If you want to repair disk on recovery disk you have to turn of the Vile fault.

Reply