Filed under: OS, Software, Other Events, Apple
Behind the scenes with FileVault
FileVault is the Home directory encryption feature of OS X (introduced in Pather) which Apple bills as offering, 'Eternal Protection.' Apple hasn't produced much documentation on FileVault, I suppose in hopes that no one would find an easy way to hack it. A presentation at the 23rd Chaos Computing Congress focused on FileVault, how it works, and possible vulnerabilities.Luckily for us, the general conclusion is that FileVault is a good way to secure your drive, if used correctly. FileVault does not encrypt the contents of system memory by default in Tiger (It doesn't do it at all in Panther) and it does not, by design, encrypt anything outside of a user's home directory.
There are a few possible attack vectors, but the easiest seems to be a good old brute force Dictionary attack on the 'Master Password' that you must set when enabling FileVault. Remember, if your password is weak all the encryption in the world won't help you.
[via MacSlash]
![TUAW [Cafepress]](http://www.blogsmithmedia.com/www.tuaw.com/media/tuaw-cafepress-promo.png)
Reader Comments (Page 1 of 1)
Leonard Nimrod said 7:51PM on 12-29-2006
Dooes anyone using Leopard have any info on changes/improvements with FileVault?
Reply
jason said 8:39PM on 12-29-2006
I ahvent used it on my new Macbook Pro, but I remember Filevault slowed my iBook down tremendously.
is it any faster on the new C2D macs?
Reply
Steven Fisher said 9:08PM on 12-29-2006
jason: Speed is the trade off. Decide if you want security or speed. Personally, I wanted security. However, turning on FileVault introduces a lot of bugs in, for example, AppleScript.
Reply
Mike Bezner said 11:35PM on 12-29-2006
One thing they don't tell you-
Once you turn on FileVault, it is difficult to turn it off should you choose to do so. You need the same amount of empty hard drive space available as the size of your FileVault or it won't work.
Reply
Ed said 11:40PM on 12-29-2006
I just turned it of with no problem.
Reply
Lon Seidman said 12:39AM on 12-30-2006
WARNING: If you use filevault be very careful.. I turned it on to encrypt files on my powerbook only to find the filevault volume corrupted only a few days later. Since it encrypts EVERYTHING in your user directory into a single enormous file, I lost everything when the thing crashed. Photos, music, etc. I wish TrueCrypt would get ported over to the Mac soon, it's a great solution for encrypting data and much easier to manage.
Reply
john said 1:31AM on 12-30-2006
Older Word using documents migrated from a PC will have problems if they are stored on (in?) filevault.
Reply
Leonard Nimrod said 7:50AM on 12-30-2006
IF YOU WISH TO ENCRYPT FILES ON YOUR MAC TRY USING DISC UTILITY TO CREATE A PASSWORD PROTECTED DISC IMAGE. YOU CAN CHOOSE THE SIZE AND PLACE IT ANYWAY YOU WISH.
Reply
Mattias Karlsson said 8:36AM on 12-30-2006
I've also experienced slow performance with FV enabled. Turning it off on my MBP made me like my laptop again. If it had been fast it would've been a great feature.
Reply