Mac 101: Protect your data with FileVault

Posted Aug 4th 2008 10:30AM by Cory Bohon
Filed under: Security, Mac 101

If you use a notebook Mac, then the risks are higher for getting your computer stolen. However, Apple has included a tool to protect your entire home folder (documents, pictures, movies, etc.) right within OS X. FileVault protects your computer against stolen data by encrypting/decrypting your home folder each time you login and logout.

To use FileVault, you must first set a Master Password. This password is a fail-safe if you forget your user login info. However, if you lose both your user login info and the master password, you will not be able to decrypt your home folder and your data (if not backed up in unencrypted form) will be lost forever. To set the master password, navigate to System Preferences > Security > FileVault > Set Master Password.

Once you have the master password set, you will be able to turn on FileVault and begin protecting your data. Click the "Turn on FileVault" button in the FileVault section of the Security preference pane. You will be asked for your master password, and a disclaimer will be displayed explaining the process. Please note that you will not be able to login to your Mac via SMB (Windows file sharing) after turning on FileVault.

FileVault provides a high level of data security, but some applications have a history of incompatibility with the feature; it's also very important that you have a secure and solid backup strategy if you choose to use FileVault. For best results with Time Machine, make sure that your FV home folder is upgraded to the Leopard image format (if you were using FV under Tiger, you may have to turn it off and back on to convert your home folder) and log out of your account periodically to allow backups to run.

Behind the scenes with FileVault

Posted Dec 29th 2006 7:00PM by Scott McNulty
Filed under: OS, Software, Other Events, Apple

FileVault is the Home directory encryption feature of OS X (introduced in Pather) which Apple bills as offering, 'Eternal Protection.' Apple hasn't produced much documentation on FileVault, I suppose in hopes that no one would find an easy way to hack it. A presentation at the 23rd Chaos Computing Congress focused on FileVault, how it works, and possible vulnerabilities.

Luckily for us, the general conclusion is that FileVault is a good way to secure your drive, if used correctly. FileVault does not encrypt the contents of system memory by default in Tiger (It doesn't do it at all in Panther) and it does not, by design, encrypt anything outside of a user's home directory.

There are a few possible attack vectors, but the easiest seems to be a good old brute force Dictionary attack on the 'Master Password' that you must set when enabling FileVault. Remember, if your password is weak all the encryption in the world won't help you.

[via MacSlash]

Your data is safer on a Mac

Posted Sep 20th 2006 4:30PM by Scott McNulty
Filed under: Analysis / Opinion, Portables, Apple, Security

Ok, so I'm using a dash of hyperbole in the title of this post, but Simson Garfinkel (writing for Computerworld) does recommend Apple portables based on security functionality alone. He highlights Filevault, secure virtual memory, and secure empty trash as the features of OS X that make Apple portables so secure. Sure, as he points out, one can get Windows up to this level of security (Lenovo does include similar utilities with their ThinkPads) but not without tinkering with Windows. OS X has it all built right in.

The one thing that Simson would like to see Apple do? Enable all of these features by default.

How many folks out there are using a combo of these features on their Macs?

How do I reset my Keychain password?

Posted Jul 20th 2006 10:00AM by Scott McNulty
Filed under: OS

Yesterday I was singing the praises of Keychain, and I still stand by my assessment. Keychain is a key feature of OS X that makes it stand apart from Windows. But what happens if you forget your Keychain password? You know, the password that lets you access all your other, heavily encrypted data?

That is exactly what happened to one poor soul who put the question to the MetaFilter community. It isn't as bad as forgetting your FileVault password, however, the sad truth of the matter is that you're going to have to generate yourself a new Keychain folder and starting from scratch. I know it sucks, but that is the price we pay for security. If you are in the same situation check out the MetaFilter discussion for the steps you need to take.

Knox version 1.0.7 is available

Posted Apr 20th 2006 1:00PM by Dave Caolo
Filed under: Software

I'll admit it, I don't want people poking around my Mac. While I may want certain files encrypted, Apple's File Vault would be overkill for my needs. That's why I use Knox. With Knox, you can quickly create password-protected, encrypted volumes that you alone can gain access to. You can even schedule backups to occur whenever your iPod is docked. If that's not your cup of tea, you can use a remote server or even your .Mac storage space as a backup destination for Knox. Moving from volume to volume is easily accomplished via a menu bar item.

How secure is secure? From the website: "Knox’s encryption—based on Apple’s FileVault technology—protects files with the U.S. Government’s new Advanced Encryption Standard (AES)." So there you go. Changes to version 1.0.7 include:

• Fixed a problem with opening the Preferences window after upgrading to 1.0.6.
• Fixed a crashing bug in Knox task handling.

There is a free trial available, and a single license will cost you $29.95US (€29.95 w/ VAT). Knox requires Mac OS 10.3.9 or later.

Mac News

WWDC (251)

.Mac (65)

Accessories (651)

Airport (75)

Analysis / Opinion (1402)

Apple (1695)

Apple Corporate (573)

Apple Financial (197)

Apple History (51)

Apple Professional (54)

Apple TV (164)

Audio (450)

Bad Apple (130)

Beta Beat (155)

Blogging (87)

Bluetooth (18)

Bugs/Recalls (56)

Cult of Mac (879)

Deals (224)

Desktops (116)

Developer (277)

Education (109)

eMac (10)

Enterprise (146)

Features (411)

Freeware (397)

Gaming (390)

Graphic Design (37)

Hardware (1302)

Holidays (37)

Humor (586)

iBook (66)

iLife (240)

iMac (185)

Internet (339)

Internet Tools (1337)

iTS (981)

iTunes (823)

iWork (23)

Leopard (375)

Mac mini (112)

Mac Pro (54)

MacBook (206)

MacBook Air (82)

Macbook Pro (225)

MobileMe (47)

Multimedia (457)

Odds and ends (1481)

Open Source (281)

OS (937)

Peripherals (214)

Podcasting (183)

Podcasts (94)

Portables (198)

PowerBook (136)

PowerMac G5 (51)

Retail (610)

Retro Mac (50)

Rig of the Week (42)

Rumors (640)

Software (4442)

Software Update (425)

Steve Jobs (254)

Stocking Stuffers (50)

Surveys and Polls (97)

Switchers (114)

The Woz (35)

TUAW Business (256)

Universal Binary (281)

UNIX / BSD (61)

Video (907)

Weekend Review (84)

WIN Business (47)

Wireless (87)

Xserve (39)

iPhone/iPod News

iPhone (1755)

iPod Family (2109)

App Store (144)

SDK (27)

Mac Events

One More Thing (27)

Liveblog (2)

Other Events (226)

Macworld (489)

Mac Learning

AppleScript (4)

Ask TUAW (106)

Blogs (85)

Books (26)

Books and Blogs (62)

Cool tools (449)

Hacks (471)

How-tos (490)

Interviews (44)

Mods (190)

Productivity (591)

Reviews (114)

Security (166)

Terminal Tips (64)

Tips and tricks (574)

Troubleshooting (171)

TUAW Features

iPhone 101 (36)

TUAW Labs (4)

Blast From the Past (19)

TUAW Tips (150)

Flickr Find (38)

Found Footage (90)

Mac 101 (109)

TUAW Interview (31)

Widget Watch (198)

The Daily Best (1)

TUAW Faceoff (6)

RESOURCES

• Send us news tips
• Contact Us
• Advertise
• Corrections?
• Problems?

RSS NEWSFEEDS

• Main RSS Feed
• Feeds by category

Sponsored Links

Advertise on TUAW

Featured Galleries

 

Most Commented On (7 days)

• Win a Dymo DiscPaint from TUAW (998)
• Win a copy of Bento from FileMaker and TUAW (630)
• No iPhone 3G for school? Win a bag of goodies instead (539)
• Searchlight, remote Spotlight on your Mac or iPhone (233)
• Win a 200-CD conversion from Ripstyles, plus a discount for everyone (145)
• iPhone Firmware 2.0.2 is available (144)
• The Rumor Room: iTunes Unlimited (78)
• What's the deal with Seinfeld doing ads for Microsoft? (72)
• Dear Aunt TUAW: iPhone 3G and GPS (71)
• Pandora may pull the plug on itself (64)

Recent Comments

• Bob on Win a Dymo DiscPaint from TUAW
• Unregistered on What's the deal with Seinfeld doing ads for Microsoft?
• Evan on Win a 200-CD conversion from Ripstyles, plus a discount for everyone
• Allan on What's the deal with Seinfeld doing ads for Microsoft?
• Jinto.Lin on Mission TUAWpossible: Back up your iPhone with Time Machine
• Gerry on Win a Dymo DiscPaint from TUAW
• discman on Win a Dymo DiscPaint from TUAW
• Mat on iPhone 3G rolling worldwide, Russia coming soon
• Maxintech on Terminal Tip: Add scroll arrows to both ends of scroll bar
• Gabriel on iPhone 3G rolling worldwide, Russia coming soon

More Apple Analysis

• AAPL on BloggingStocks The Apple category feed from BloggingStocks.com
• AAPL Quote, News & Summary The AAPL financials page from AOL Money and Finance
• iPhone analysis from BloggingStocks iPhone tag feed from BloggingStocks
• Macintosh news and reviews on Download Squad The Macintosh category feed from Download Squad

More from AOL Money and Finance

• Stock Screener
• Stock Quotes
• DJIA
• AMT
• Auto Loans
• Banking
• Car Insurance
• Checking Account
• Credit Cards
• Credit Reports
• Deals Deals
• Debt Management
• Dow Jones Industrial Average
• Earnings
• GOOG
• Health Insurance
• Home Insurance
• Identity Theft
• Income Tax Basics
• Insurance
• Life Insurance
• Loans
• Money
• Mortgages
• Personal Loans
• Recession
• Refinancing
• Retirement
• Savings Account
• Small Business
• Stock Charts
• Stock Ticker
• Taxes
• Tech News

More on AOL: Money, Investing, Bonds, Broker Center, Currency, ETF Center, Futures, International Markets, Mutual Fund Center, Stock Charts, Stock Quotes, Stock Screener, Portfolios, Personal Finance, Personal Loans, Finance Calculators, Money Basics, Retirement, Taxes, Market News, Small Business

All contents copyright © 2003-2008, Weblogs, Inc. All rights reserved

The Unofficial Apple Weblog (TUAW) is a member of the Weblogs, Inc. Network. Privacy Policy, Terms of Service, Notify AOL