Back to Mobile View

Skip to Content

TUAW Deals

Behind the scenes with FileVault

FileVault is the Home directory encryption feature of OS X (introduced in Pather) which Apple bills as offering, 'Eternal Protection.' Apple hasn't produced much documentation on FileVault, I suppose in hopes that no one would find an easy way to hack it. A presentation at the 23rd Chaos Computing Congress focused on FileVault, how it works, and possible vulnerabilities.

Luckily for us, the general conclusion is that FileVault is a good way to secure your drive, if used correctly. FileVault does not encrypt the contents of system memory by default in Tiger (It doesn't do it at all in Panther) and it does not, by design, encrypt anything outside of a user's home directory.

There are a few possible attack vectors, but the easiest seems to be a good old brute force Dictionary attack on the 'Master Password' that you must set when enabling FileVault. Remember, if your password is weak all the encryption in the world won't help you.

[via MacSlash]


Categories

OS Software Other Events Apple

FileVault is the Home directory encryption feature of OS X (introduced in Pather) which Apple bills as offering, 'Eternal Protection.'...