An Unencrypted Look at FileVault
Does FileVault Pose any Threat to my Data?
Right after the release of Mac OS X v10.3, a few users noticed that their preferences files were reverted to the default settings after having used the "reclaim space" function. This soon led to horror stories that were published over the Internet by well-intentioned users who, most of the time, never had a chance to use FileVault themselves. Therefore, I feel that I should focus for a moment on how safe FileVault is, or isn't.
I have personally used FileVault on 10.3.0 without experiencing the slightest issue. Of course, this only reflects my own experiences, but chances are that I am not alone!
The above preferences "oops" has been corrected in the 10.3.1 release. Simply make sure that you install (at least) this update before turning FileVault on, and everything should be fine.
When you use FileVault, you should keep in mind that your data needs to be processed on login and on logout for the image-mounting and -unmounting processes to take place normally. Also, the data you are working on is constantly being encrypted and decrypted.
Therefore, FileVault makes your computer a lot more sensitive to forced restarts and crashes. If Mac OS X is unable to gracefully finish the data processing it has to do and unmount the image, some of the data may be damaged -- or the image may not mount the next time you log in.
That's why FileVault has been primarily designed for laptop users. In the event of a power failure, the built-in battery automatically kicks in and takes care of powering the computer. Should the battery run low, the computer will enter a low-power mode to protect the data until it is plugged into an outlet.
Therefore, although nothing technically prevents iMac, eMac, or PowerMac users from using FileVault, they should purchase a reliable UPS (uninterruptible power supply) before turning FileVault on.
The Macintosh Products Guide should provide you with some useful information.
You should also be careful about the applications that you use. Avoid haxies or incompatible disk utilities that could cause filesystem damage -- they are more common than one would think.
Of course, you should also back up your data very frequently. I like CD-Rs and DVD-Rs for two reasons. Once they are burned, they are burned and stable -- you cannot really alter them to add or remove files. Also, they are small in size and can be locked in a safe easily. Needless to say, your backup will be in an unencrypted form -- unless you back up the vault itself and not the data it contains, something that I wouldn't really recommend. Therefore, the physical security of your backup is extremely important. The disc might not be secure, but the safe is!
Speaking of backing up your data, you should be aware that FileVault may confuse a few backup utilities by preventing them from accessing specific files when the vault is closed. Also, some applications could think that your home is constantly changing and therefore back it up endlessly. You may want to speak with your system administrator or the authors of the backup application to make sure that everything is going well.
The FileVault Q&A
Now that we have seen some of the most important aspects of FileVault, it is time to do a little Q&A to answer the questions I have most frequently seen on support forums.
I have lost my password. Could you unlock it for me?
Sorry but no! Indeed, there are no "backdoors" that would allow someone to access your data by force-opening the vault. Your only chance, if you have an administrator, is that he or she has set up a system-wide "master password" that will open it, along with your own, forgotten, password.
Does FileVault affect performance?
Mac OS X v. 10.3 is an extremely fast and powerful operating system and is more than able to encrypt and decrypt data on the fly -- provided that it is run on supported hardware, of course.
I've conducted tests on a 12" PowerBook G4 and did not notice the slightest performance decrease while typing articles (such as this one), using Keynote, surfing the Web, and sending emails.
Keep in mind that FileVault has been designed for business users who handle sensitive data. In this environment, it is therefore perfectly at home and does not impact the user's workflow in any way.
However, users of audio or video applications such as iMovie or FinalCut Pro may want to either not use FileVault or set up these applications to work outside of the protected area.
Indeed, such software usually handles very large files and performs processor-intensive tasks, the intensity of which is increased by the encryption process.
But don't worry, changing the settings of most of these applications is very easy to do! Here is the information that you will need for iMovie and the FinalCut family.
Some users have also suggested that you put your iTunes library outside of the vault if it is very important.
Once again, this is not a design flaw. FileVault has been designed to secure sensitive information. To secure it, it must use military-strength encryption. And nowadays, on any platform, with any OS, such encryption is resource-intensive.
Can I use FileVault to encrypt specific files or folders that are located outside of my Home folder, or to encrypt only parts of my Home folder?
No. FileVault encrypts your whole Home folder, and I definitely don't recommend that you try to tamper with it. However, rest assured that Apple didn't forget you. The good old encrypted disk images are still here and can provide you with the same level of security as FileVault.
Actually, I like the idea of encrypting the whole Home folder since it makes the "interesting" data even harder to find for the hacker. Plus, the encrypted file is much bigger and requires the hacker to run very powerful computers if he even considers conducting a brute-force attack.
Can I/should I use FileVault in conjunction with the "Secure empty trash" feature?
FileVault does not interfere with the "Secure empty trash" feature, and you should be able to use it normally. Using it will provide you with an extra layer of protection by making sure that the data does not remain on the disk after its deletion.
If you use FileVault, it makes sense to always use the "Secure empty trash" feature for any file located outside of the vault. Secure-emptying the trash takes a bit more time, but it is the only way to make sure that a file has physically disappeared from the hard drive.
Do I need a special Mac model to use FileVault?
We saw above that FileVault has been primarily designed for laptop users but, with a few additional precautions, desktop users can unleash its power, too.
Of course, the faster your Mac is, the less you will notice that FileVault is turned on. I performed some "real world" tests on an old G3 iBook (one of the first white ones) with 128Mb of RAM and did not notice any intense slowdown. Therefore, it is safe to say that FileVault can be used on any computer officially supported by Mac OS X.
Who should turn on FileVault?
FileVault is a military-strength security feature that has been designed with businesses and special users in mind. Although it is remarkably sleek, easy to use, and transparent, turning on this feature implies that you slightly change the way you use your computer. Of course, should you handle sensitive data, chances are that these precautions are already part of your daily routine. For such users, FileVault is (dare we say it) the perfect feature, combining safety, effectiveness, and ease of use.
However, although most home users will be able to turn it on and use it, they should keep in mind that they may not need it.
Don't get me wrong: I think that computer security is of the utmost importance and would certainly not tell Mac users not to protect themselves. However, the vast majority of home users should focus on consolidating their other security systems -- anti-virus, firewall, and passwords.
One could argue that it would have been possible to create a less restrictive encryption scheme that would have been easier to use, but I would have to respectfully disagree. Indeed, in order to be fully effective, cryptography has to be strong and fully encrypt data.
Casual users may rely on the Keychain to store encrypted notes; this small application has hidden wonders that are luckily well explained in the Mac Help and in the AppleCare Knowledge Base.
How Should I Turn FileVault on?
Turning on FileVault can be as easy as using the Security preferences pane, available through the System Preferences application. However, to fully unleash its power and to avoid any issues, I recommend that you follow these steps:
- Disconnect your computer from any network and clean-install Panther by following these steps. However, instead of using the Disk Utility to simply initialize the drive, you should take advantage of its "Zero all data" and "8 Way Random Write Format" options in order to make sure that no data can physically remain on the drive. Be aware, though, that this step can take a very long time and will put your drive's mechanism to hard work.
- Immediately turn on Mac OS X's built-in firewall, or install the security applications required by your network administrator.
- Update your installation to the latest Mac OS X release available. The Software Update preferences pane should handle the job beautifully.
- Then turn FileVault on, while your Home folder is still empty, and disable automatic login. All of this can be done through the Security and Accounts preferences panes.
- Then, install your applications.
- Finally, copy your data directly into the FileVault from the backup you performed before the installation.
- Do not forget to check your backup application and to back up your data frequently.
Conclusion
FileVault is an extremely powerful, yet sleek and easy to use, feature that will make the lives of all users who handle sensitive data a lot easier. The underlying technologies it uses and Apple's attention to detail make it a stable and secure system. FileVault is a great feature, since so many companies now use Mac OS X.
However, like any such feature, it has not been designed to play with and requires that you pay attention to what you do. Therefore, while it is perfect for the business user or the frequent traveler, it is not something you want to use on your kid's gaming account or on grandma's tangerine iBook to protect her healthy cooking tips database -- unless she also beta tests Mac OS X v.11 for Apple. But that's another story.
FJ de Kermadec is an author, stylist and entrepreneur in Paris, France.
-
VileFault and heavy use of memory and harddisk
2007-02-08 01:52:27 Waldo3D [Reply | View]
-
VileFault and heavy use of memory and harddisk
2007-02-08 03:22:26 FJ de Kermadec |
[Reply | View]
Waldo,
I'm very sorry to hear about the theft. I hope you will be able to get your computer back!
I am glad the article was of help! FileVault essentially turns your "Home" directory into a "safe zone" that is encrypted on disk. As such, you are free to place any files you wish on an external drive or on a non-encrypted location of your internal drive (pretty much anywhere, in fact) while you work on them, then copy them back into the vault like you would do any other file. You are right in remembering to use the Securely Empty Trash command to delete the file from the non-vaulted location as a simple Empty Trash would defeat the purpose.
You can definitely enable FileVault at any point you wish, provided you have ample free space on your drive – at least as much free space as your home folder occupies space on the drive plus a "good deal" (to your discretion) of padding. Note however that some stray files may remain on the drive.
The safest procedure would be to:
1. Backup all your files
2. Boot from the Mac OS X install DVD
3. Secure Erase your hard drive (7 Pass probably)
4. Partition the drive, install Mac OS X as usual skipping the migration assistant
5. Enable encrypted memory and FileVault using the secure delete option
6. Update Mac OS X
7. Install and update your apps
8. Only then migrate your data back
A lot of work indeed… Then, peace of mind is priceless!
Hope this helps,
FJ
-
FileVault hard drive failure?
2007-02-02 13:39:24 Jeep2000 [Reply | View]
This is the best article I've seen on FileVault after spending hours researching. Thanks for a great resource!
I have never used encryption and am investigating this for the first time. One thing I'm not clear on is the ramifications of a hard drive failure when a user had FileVault enabled. IF their only backup was one of the FileVault sparseimage, would there be any way to restore the sparseimage on a new drive, setup FileVault on the newly-installed OS and unencrypt the data? Or is this why it is recommended to back up the files unencrypted in another location? -
FileVault hard drive failure?
2007-02-03 07:37:16 FJ de Kermadec |
[Reply | View]
Jeep2000,
Thank you for your kind words! I am glad and honored you found the article of interest!
A FileVault sparseimage is basically a disk image that you can mount on any old Mac with Disk Utility. In that light, a copy of a sparseimage constitutes a reliable encrypted backup. A drive failure on an encrypted Home Folder would probably leave the virtual volume that is the "Vault" in an unstable, unusable state, making keeping good backups of any encrypted files extremely important.
The only drawback to backing up the encrypted images is that they are susceptible to corruption, a phenomenon which can sometimes lead encrypted volumes to stop mounting, with no apparent cause or reason. Unencrypted data is obviously a lot less fragile to such problems. The decision is, in the end, yours and will depend on how much protection your data needs from indiscreet eyes.
I hope this helps,
FJ
-
Filevault API?
2006-12-02 05:49:08 sumeetpannu [Reply | View]
Thanks for the article FJ. Do you know of any API that is available for FV? I am thinking about an application that authenticates your mac to a 3rd party directory (NDS? AD?) and when an admin changes your password or the user does, how does one get that info over to FV?
Thanks. -
Filevault API?
2006-12-02 15:01:23 FJ de Kermadec |
[Reply | View]
sumeetpannu,
Thanks for your kind words! I am not aware of any such API unfortunately, although FileVault does integrate with the Mac OS X Keychain and Authentication Framework: maybe there is something to investigate there…
Cheers,
FJ
-
How to turn off FireVault
2006-06-05 01:19:06 Wolf175 [Reply | View]
I used FireVault for a few weeks, but do not know, how to turn it off, when I travel and need to transfer my e-mail to a Hotmail-account, which I can open anywhere.
When I try to "turn off FireVault", I receive the following information: "There isn't enough space on your hard disk to turn off FireVault. Turning off Fire Vault requires an additional 4082.0 GB (!) of free disk space to create an unencrypted copy of the home folder...."
My iMac has a capacity of 70 GB, of which I use 53, leaving 17 GB available. -
How to turn off FireVault
2006-06-05 04:29:32 FJ de Kermadec |
[Reply | View]
Wolf175,
Thanks for taking the time to write. I am not entirely sure why FileVault makes it impossible for you to access your email. Indeed, should the email be stored on an IMAP server, you should be able to access it from any machine. Should it be on a POP account, transferring it to Hotmail should not require that you disable FileVault.
Nevertheless, the answer to your question on how to disable FileVault here is quite straightforward: since your iMac needs to make an unencrypted copy of your home folder before deleting the FileVault sparse image, it will need as much free space on your hard drive as your Home folder currently occupies. Hence, if your home folder takes 30 or so GB (a wild guess given your entire system uses 53 GB), you will need 30+ GB free on the drive.
It therefore seems you will need to delete files from either within your vault to shrink it or outside to free space on your drive. Then, your iMac will have enough free space to perform its copy operation and, hence, disable FileVault smoothly.
I hope this answers your question,
FJ -
How to turn off FireVault
2006-06-06 23:45:22 Wolf175 [Reply | View]
Dear FJ
Thank you so much for taking the time to answer! I am glad, I still found your site in the internet, because in the meantime my iMac collapsed and I lost - amongst many other things - all my bookmarks.
If I am not mistaken, my iMac has to open each day (during my trips abroad) for a few minutes in order to receive my mail from my POP-account and forward it to my Hotmail-account, where I can read it in hotels etc. In order to open the computer with the FireVault-protection working, I had to type in my password ...
That is, why I wanted to disable it.
After reading your letter, I decided to disregard that erroneous message about having to delete over 4000 GBs (I thought, machines make no mistakes ...) and simply threw out all my music. That helped. I could disable the FireVault.
But then I tried to install and use TECHTOOL PRO Version 4 in order to defragmentize my HD. - That was more, than my iMac could take. I could not start it again and had to re-install the system (which solved the fragmentization ;-).
After the nervous breakdown of my iMac, I decided, that it is simpler for him/her, if I take out any information, that should not be read by intruders.
Thanks and Cheers! Wolf175
-
How to turn off FileVault
2006-06-07 12:28:33 FJ de Kermadec |
[Reply | View]
Wolf175,
You are most welcome, it is always a pleasure to hear from my readers!
I see… Yes, you would indeed need your Mac to log in automatically so as to forward messages from the client side. Most email providers however offer the ability to automatically "forward" messages you receive to another address — a feature usually available through an account control panel of some sort. This would allow you to deflect messages from your POP account to your Hotmail address without the need for your Mac to get involved in the process.
Cheers,
FJ
-
The paradoxes in the article
2005-04-26 19:23:21 josh2059 [Reply | View]
You said under "The Competition" the following:
"The strength of FileVault lies in the fact that it is fully integrated into Mac OS X, at the lowest level: the operating system itself takes care of performing the tasks on the fly, without relying upon add-ons."
You go on to say under "Threats Against Which FileVault Cannot Protect You,"
"However, it is important to keep in mind that, as soon as you log in, Mac OS X decrypts the data so that you and your applications can access it. Therefore, once you are logged in, a hacker or a virus can steal information as easily as when it is not encrypted."
This is almost a direct contradiction. If the encryption/decryption is done on the fly the data sits there in its encrypted form and when a user opens it, the data is decrypted. However, your second statement makes it seem like the entire image is decrypted and then mounted. This means when a user opens a file for editing, he's editing a plaintext file which will be decrypted and added to the image when he logs out (thus not being on the fly). So, which is it?
I have been looking extensively through the MAC OS X kernel and I have not found anything about FileVault in the kernel. I also looked on a MAC which wasn't using filevault to see if any new modules had been loaded and none had. Also, I cannot find any mention of FileVault in the modules that are loaded.
I suspect FileVault exists entirely in user space. This means it decrypts the image, mounts it as usually you would, and then waits. When the user logs out, the image is subsequently unmounted and repackaged (re-encrypted). I'd appreciate any clarifications/contradictions you guys might have.
Thanks,
Josh
-
The paradoxes in the article
2005-04-27 00:45:38 FJ de Kermadec |
[Reply | View]
Hi!
First of all, thank you very much for taking the time to write, I really do appreciate it! :^)
The encryption does happen on-the-fly as the file is never stored outside of the FileVault itself, much like if you were to create your own encrypted image and save a document immediately inside of it as you are working on it. Should the computer crash or be force-rebooted in any way, there would be no trace of the file outside of the vault, even without a proper shutdown procedure that is, provided that the application you are using does not store caches in strange, non-standard places.
However, you are entirely right about FileVault existing in the user space: the FileVault image is mounted as a whole and, as you are logged in, any application running with your privileges or the system privileges can access your files as if they were unencrypted which is necessary for the system to function normally.
Both aspects of FileVault aren't in contradiction but it is true that it might seem surprising at first.
I hope this answers your question and remain at your disposition to provide you with any additional information you may deem useful.
Truly yours,
FJ
-
User folder free space is different from drive free space
2005-02-22 07:54:46 hunterhicks [Reply | View]
Howdy all, used Carbon Copy Cloner to supersize my drive (CCC duplicates your drive to another one, keeping all your settings and such.) All went well. As a filevault user, I set up another admin account without FV, and CCC'd the drive from that account while logged out of my FV account . All good.
But.
Now when I am in my normal home folder, it still thinks it is on the small drive (reporting 4 gig free) and anywhere else on the disk it reports the correct 44 gig free. That's crazy! Anyone know how to tell the filevault account to 'update' and check for free space?
The other users (non FV) show the correct amount of free space.
Weird, huh?
I would think there is some pref file, some command line utility, etc. to make the image adjust itself. Normally, it has to adjust itself every time you delete something outside (and inside) of the FileVault'd folder. There must be a way to "tickle" it to get it to evaluate the space situation.
Here is what I have done trying to get it to fix itself:
I just updated to 10.3.8 hoping that would trigger it, I repaired permissions, I used diskutil on the sparse image from a different account, and I threw some stuff out and let it 'reclaim space' when you log out- all with no good news.
Ideas?
Thanks!
Hunter
-
Do I've lost my home?
2005-01-28 03:24:02 >>-LuKe--> [Reply | View]
I've FileVault protected home directory and I've shutoff regularly, but when I reboot my home there isn't.
Disk utility get an error -9972 when I attempt to open manually my sparseimage home file.
There's a possibility to recover all or part of data?
And if there is, how can I proceed?
Thank -
Uh Oh...
2005-01-29 10:51:44 FJ de Kermadec |
[Reply | View]
Hi!
First of all, thank you very much for taking the time to post! :^)
Ooops, that's an interesting situation indeed and not in an especially good way. The first thing to do would be to try to proceed methodically by transferring the closed .sparseimage file on a known-good system and trying to mount it there.
Alternatively, you can try following these steps:
http://docs.info.apple.com/article.html?artnum=25695
Let me know if this helps!
Truly yours,
FJ -
*#@/§^
2005-02-01 00:58:01 >>-LuKe--> [Reply | View]
Hi FJ, thank you very much for your help.
Unfortunately there's nothing to do.
I've attempted to open the .sparseimage file (35,4Gb!) on other Mac with Disk Utility but it get a -9972 error (missing document in the catalog for extent)!!!
I've also tried to repair manually by creating a new account with the same characters of the original, then compared the start of two .sparseimage files with Disk Editor, but... nothing.
I think that the file is definitively lost.
What do you think?
The last is try to decrypt the file in the CIA computers!!! :-(
Thank, bye. -
*#@/§^
2005-02-01 01:19:19 FJ de Kermadec |
[Reply | View]
Hi again!
Should Disk Utility be unable to access the file in the procedure outlined by Apple in the KB document, there are indeed chances that the file is lost...
What would be interesting though would be to try to see what could have caused such corruption in order to avoid it in the future. Some always-running disk utilities or "optimization" applications, for example, can lead to such problems...
FJ -
In the future...
2005-02-02 00:45:29 >>-LuKe--> [Reply | View]
In the Apple forums writing that the operation that use hard disk massively, can cause crash of the encrypted file!
And FileVault activation are promote by Apple only for job or activities like store sensible data, nothing all.
I take care my Mac running Norton Disk Doctor some time, but some people says that its not pretty good, and would be preferred other utilities like TechToolPro or DiskWarrior.
Yes, it would be interesting to know the cause of corruption, but I think that is a mix of its.
See you, bye.
LuKe
-
system crashed and lost everything..
2004-05-08 06:16:41 dieri [Reply | View]
Any tips on how I restore my ibook?
The system crashed and when I rebooted, everything was lost, all my photos, preferences, everything...
Who was it that said filevault was safe to turn on?
Any ideas? -
system crashed and lost everything..
2004-05-08 08:44:57 françois josephde kermadec [Reply | View]
Hi !
While it is difficult to know what may have happened on your installation without more specific details, you may want to boot your computer from an external drive or use it into FireWire Target Disk Mode -- this is not a requirement but will make the following step easier.
Then, locate a file called "[username].sparseimage" -- the one we are talking about in the article. While booted from the hard drive, it will be normally hidden but can nevertheless be located easily.
Finally, try double-clicking on its icon to open it, like any other password-protected disk image.
Let me know if this helps !
F.J. -
system crashed and lost everything..
2004-05-09 15:40:01 dieri [Reply | View]
Hi Francois,
Thanks for the tip, I don't have a firewire cable for TDM but i found the file with the finder and clicked it anyway..When I did I got the "no mountable" error..mentioned in a few other posts on this subject..
We've also done this ..
hdid -stdinpass /Users/username/username.sparseimage
but nothing...
All and any tips gratefully accepted...
-
Terrible disk performance with FileVault
2004-03-24 17:57:48 kylebarrow [Reply | View]
Some actual before and after benchmark numbers (Xbench) for a typical FileVault candidate:
12 inch PowerBook G4 benchmarks before and after FileVault
Not much change in CPU overhead but disk performance is truly nasty. Apple really needs to offer selective encryption of home contents in future versions of FileVault.
-
Preference OOPS!
2004-03-13 04:11:01 davyd [Reply | View]
By way of background..I turned file vault on when i had OSX 10.3 on my powerbook 15", little did I know of its problems...(which I thought were restricted to iBooks). Anyway I didnt have any problem, but then recently I upgraded to 10.3.2 and I clicked the recover space function when it prompted me recently and after that I lost all my preferences for OSX!
Not too drastic really but just annoying.. it did get me to wonder if there were other problems with fileVault and only then did I discover this article!
My question for you guys what should I do? Should I turn off FV and then turn it back on? Would this give FV a fresh start using 10.3.2??
Any ideas what I should do?
cheers -
Preference OOPS!
2004-03-13 11:22:24 FJ de Kermadec |
[Reply | View]
Hi !
Don't worry, FileVault is perfectly stable and reliable and you really shouldn't experience any more issues ! I heavily rely on it myself (for testing and support purposes) and never encountered problems. :-)
Turning FileVault off and on again will force Mac OS X to create a new encrypted image, therefore solving any directory problems on it. However, for added security, I would recommend that you backup your data first and run a disk and permissions repair by using the Disk Utility between the two steps -- boot from the Mac OS X Install CD to repair the disk and from your hard drive to repair the permissions.
Also, you may want to make sure that you have plenty of empty space left on your hard drive : at least slightly more than the size of your unencrypted home.
Let me know if this helps !
F.J.
-
OS 10 stable? What a joke.
2004-01-28 15:34:14 acornhusk@yahoo.com [Reply | View]
When it comes to productivity, yes OS 10 all the way.
but to say it is stable is an out right lie.
I've used a PB12 867Mhz w/ 640MB & PB12 1Ghz w/ 768MB, OS 10.2.8 & OS 10.3.2 respectively. I get occasional crashes stemming from what I suspect is coming from switching between external monitor@work & lcd elsewhere.
Also some programs act up and require that I at the very least log out to get it running again. Or worst case scenario reboot the computer.
As for for the integrity of FV. I don't know. I did a clean install and patched to 10.3.2 before enabling filevault and restoring my stuff into my home directory. I am noticing some settings getting reset to default (ie the desktop icon in the sidebar keeps popping back up occasionally ... maybe it has something to do w/ the security patches. Bluetooth also gets turned on after a reboot sometimes. Makes me suspicious if it has something to do w/ the resizing of FV.
I guess I have to use fast user switching and create a "work" account w/o filevault.
OT I thought that logoff scripts are not working yet. I heard the infrastructure is there in library/starupitem but its not implemented. -
Mac OS X is stable
2004-01-29 00:34:18 FJ de Kermadec |
[Reply | View]
Hi !
Would you encounter such issues with Mac OS X, chances are that one of your applications or drivers is interfering with it and therefore, slightly damages your installation over time.
You may want to be especially careful about disk utilities and "always on" drivers.
F.J.
-
FileVault and Journaled FS...
2004-01-15 09:00:27 anonymous2 [Reply | View]
Hi! A great article about FileVault!
But I am wondering if the following could be potential problem...
AFAIK, journaled HFS+ is the default filesystem for Panther. FileVault works by creating a loopback block device (the *.sparseimage file) and FileVault / Disk Utility will also format the block device as journaled HFS+.
Now we have a situation of a journalled FS running on top of another journalled FS. I _suspect_ this will lead to:
1. performance penalty, and/or, worse,
2. possible deadlock in the kernel.
Is it something to worry about? Should users turn journalling off when mounting the sparseimage?
- Jay -
FileVault and Journaled FS...
2004-01-15 09:05:57 FJ de Kermadec |
[Reply | View]
Hi !
Thanks for the kind words, I really do appreciate them !
I do not think that there is anything to worry about. Indeed, file system journaling is handled by Mac OS X in a very efficient way and should not have any performance or stability impact on your installation.
F.J.
-
a word of warning
2003-12-29 07:18:14 anonymous2 [Reply | View]
FYI to those who are considering playing with FileVault: if you have a large home directory (I admit maybe a little too large) and not too much free space DON'T TURN ON FILEVAULT (unless you are positive you want to use it). I turned on FileVault a few days ago and decided it was nice, but I didn't really need it. However, I quickly discovered that to turn FileVault off you must have enough free space to create a duplicate home directory. While this isn't irreversible it is more than a little annoying.
As for me... I need to give some serious thought to what I keep in the home directory.
j.l.
-
Auto-expanding disk image?
2003-12-22 12:28:34 anonymous2
I just tried using Disk Utility to make a sparse disk image but it doesn't automatically resize when it runs out of space. Is it possible to make an image that has this feature without using FileVault? I don't want to encrypt my entire home directory, but I do have some stuff I want encrypted and I don't like having to guess at how much space I'll need. -
Auto-expanding disk image?
2003-12-26 04:34:14 anonymous2
Regardless of how big you define them, sparse disk images only occupy as much room as is used. I just created a 10GB secure image to play with, and after formatting the image occupies 34MB initially.
The reason you still have to specify an image size is that the structure of a disk's file system is dependent on the disk's size. Hence the image you make isn't actually "growing"; rather, the contents of the unused space are not saved on the host drive.
-
FileVault
2003-12-22 09:17:12 ddp
Very informative article. Helped me gain a much better understanding of FileVault's purpose and implementation. This allows me to more intelligently advise clients on when and when not to use it. -
FileVault
2003-12-22 09:22:53 FJ de Kermadec
Thank you for the kind words, I really do appreciate them !
F.J.
-
Forced Restarts
2003-12-21 13:30:51 anonymous2
Re: File Vault being sensitive to forced restarts
Gakk!!! MacOS X is not that stable. Wish it were true but it ain't so. I would _never_ turn on FileVault due to this problem alone. Sensitive information I encrypt myself. 99.999% of my information does not need encryption and I don't personally like the trend toward having the system handle everything. I like still thinking for myself. :)
-Walter
http://www.bltoner.com -- iron-on heat transfer toners for t-shirts on laser printers -
Re: Forced Restarts
2003-12-22 12:18:38 anonymous2
HFS+ is a journalled filesystem, so forced restarts are not such a big problem. What does a journalled filesystem do? It essentially ensures that any change made to the filesystem is "atomic", which means that it either entirely completes or does not happen at all. If you force-restart while the disk is in the middle of an operation then the next time the computer starts up it will look at the filesystem's journal and detect that an incomplete operation occurred. It will then undo the incomplete change. (Note that this is how a journalled filesystem *could* work in principle, not how HFS+ actually works AFAIK.)
In other words, it's much harder to corrupt a journalled filesystem even if you force-restart or lose power.
-
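The recovery behaviour described in the post above (detect an incomplete operation at the next startup and undo it), as an added example that is not part of the original thread: a toy undo journal over an in-memory block store. It follows the post's in-principle description, not the actual HFS+ implementation; the class, block names and sample values are constructed for illustration.

```python
"""Toy undo journal over an in-memory "disk" (constructed example)."""


class Crash(Exception):
    """Simulated forced restart in the middle of an operation."""


class JournaledDisk:
    def __init__(self, blocks):
        self.blocks = dict(blocks)  # "on-disk" data: survives a crash
        self.journal = []           # "on-disk" journal: survives a crash
        self._next_tx = 1

    def transaction(self, writes, crash_after=None):
        """Apply {block: value} writes as one atomic change.

        crash_after=N simulates losing power once N blocks have been
        written; N == len(writes) means "everything written, but the
        commit record never reached the disk".
        """
        tx = self._next_tx
        self._next_tx += 1
        self.journal.append(("begin", tx))
        for done, (block, value) in enumerate(writes.items()):
            if crash_after is not None and done == crash_after:
                raise Crash(f"power lost during tx {tx}")
            # Record the old contents BEFORE overwriting the block, so the
            # change can always be undone from the journal alone.
            self.journal.append(("undo", tx, block, self.blocks.get(block)))
            self.blocks[block] = value
        if crash_after is not None and crash_after >= len(writes):
            raise Crash(f"power lost before commit of tx {tx}")
        self.journal.append(("commit", tx))
        return tx

    def recover(self):
        """Run at the next mount: undo every transaction lacking a commit."""
        began = {rec[1] for rec in self.journal if rec[0] == "begin"}
        committed = {rec[1] for rec in self.journal if rec[0] == "commit"}
        incomplete = began - committed
        # Walk the journal backwards so the oldest saved value wins.
        for rec in reversed(self.journal):
            if rec[0] == "undo" and rec[1] in incomplete:
                _, _tx, block, old = rec
                if old is None:
                    self.blocks.pop(block, None)  # block did not exist before
                else:
                    self.blocks[block] = old
        self.journal.clear()
        return sorted(incomplete)


def demo():
    """Move a file: the catalog entry and allocation bitmap must change together."""
    disk = JournaledDisk({"catalog": "a.txt@10", "bitmap": "10:used 11:free"})
    before = dict(disk.blocks)
    move = {"catalog": "a.txt@11", "bitmap": "10:free 11:used"}

    try:
        disk.transaction(move, crash_after=1)  # forced restart mid-operation
    except Crash:
        pass
    torn = dict(disk.blocks)        # catalog updated, bitmap not: inconsistent
    undone = disk.recover()         # next startup rolls the change back
    recovered = dict(disk.blocks)

    disk.transaction(move)          # same change, this time it completes
    disk.recover()                  # committed work is left alone
    return before, torn, undone, recovered, dict(disk.blocks)


if __name__ == "__main__":
    for label, value in zip(("before", "torn", "undone", "recovered", "final"), demo()):
        print(f"{label:>9}: {value}")
```

The journal only guarantees that each recorded change is all-or-nothing; data written outside a transaction gets no such protection in this model.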
Forced Restarts
2003-12-22 08:43:06 anonymous2
I've been using FileVault since 10.3.1 and have suffered at least half a dozen forced restarts due to the iPod getting funky. My home folder is more than 10GB in size and nothing bad has happened to the encrypted home folder.
As a side note, I reformatted the iPod and everything is fine as ever.
David -
Forced Restarts
2003-12-21 13:36:08 FJ de Kermadec
Hi !
I am sorry to hear that you are experiencing issues with Mac OS X. Indeed, you should be able to enjoy a rock-solid installation !
May I suggest that you have a look at the installation instructions I posted on the forums ? Clean-installing Panther and making sure that you do not use any incompatible third-party applications ( be especially careful about disk utilities ) should allow you to unleash the full potential of Mac OS X.
F.J. -
Forced Restarts
2003-12-21 14:04:24 anonymous2
I've clean installed every single version of the MacOS since 1.0. I'm an IT geek. :) I know how to get that part right so that is not the issue.
Unfortunately Apple occasionally has problems in their own software (egads, bugs on the Mac OS???) (inserting PCMCIA memory cards in a PowerBook can cause lockups in certain circumstances if the Finder is in the background on a clean system under MacOS X 10.2.6 - old news).
Plus we have to live with Third-Party apps that screw up - Apple doesn't provide everything. Part of the whole point of MacOS X was it was supposed to provide a safe environment to catch those before they took down the rest of the system.
The end result is MacOS X still crashes from time to time. If this crashing is going to produce problems with File Vault then that is a big issue. Losing all your data is scary.
Best to just encrypt by hand what really needs encrypting (not much) and then keep good backups (encrypted or not encrypted as your little heart desires).
By the way, speaking of encryption and backups, be aware that if the vendor who makes the software that you are making backups with stops supporting that software or file format or they go belly up and it is in a proprietary format (even worse encrypted) then you are up the proverbial creek without even a canoe never mind a paddle. Think ShrinkWrap from Aladdin... Much like this File Vault situation. -
Forced Restarts
2003-12-21 14:17:52 FJ de Kermadec
Hi again !
I am glad to hear that you are an experienced user :-)
However, may I still suggest that you post on the Apple Discussions, call Apple or your usual support provider ? Indeed, you really should not experience issues.
Its architecture allows it to be very resistant to faulty third-party applications. However, using such software in your workflow is not recommended either !
Apple always does its absolute best to improve the quality of its products and welcomes your feedback. Should you think that you have located a bug, there are many feedback channels available. Also, should you have some coding experience, you can become an ADC member — membership is free.
For your information, FileVault does not use a proprietary encryption system. More information may be found here : http://www.apple.com/macosx/features/filevault/
F.J. -
Forced Restarts
2004-01-28 14:36:10 mclaincausey
I never have kernel panics or forced restarts, and I'm using an old Yikes! G4 350MHz with only 480MB of RAM. I don't see how OS X could be regarded as "unstable." It is the most stable desktop OS on the market.
Sure, you can find headless Unix boxes with uptimes of several months, but to have a desktop capable of that kind of stability is amazing. When he says OS X is "unstable" I can only think he's been unlucky and/or is comparing it to server OSes, which is unreasonable.
Long live OS X!
Mac -
Don't use 3rd Party Apps???
2003-12-21 17:29:47 anonymous2
F.J. wrote:
> Its architecture allows it to be very resistant to faulty
> third-party applications. However, using such software in
> your workflow is not recommended either !
That is an interesting statement. Are you seriously suggesting that users should only use Apple products on their Macs? What about Excel? Word? Photoshop? TurboTax? X-Plane? Are you aware that Apple specifically promotes the use of 3rd party applications on the Mac? They do encourage other people to develop for their hardware and software... -
Don't use 3rd Party Apps???
2003-12-22 09:18:30 FJ de Kermadec
Hi !
I am afraid you misunderstood my previous reply : sorry if I have been unclear.
I just wanted to say that relying on *poorly-written* third-party applications in a workflow was to be avoided.
Of course, there are millions of excellent third-party Mac OS X applications available that can be used safely ! I know that Apple does its absolute best to help developers and am always glad to see new applications coming to the Mac.
F.J.
-
the filevault disk image
2003-12-20 23:27:33 anonymous2
I recently turned on FileVault and it seems to have affected the way files are seen in the home directory. A script I had written to copy files from my home dir to a folder on an external hard drive no longer works. So now I am left without an easy daily backup solution. Is there a way around this? -
the filevault disk image
2003-12-21 15:38:01 anonymous2
Hello,
As F.J. notes in his article, FileVault mounts a disk image for your home directory. This means that your home directory is no longer truly located at Users/username but is instead a volume mounted at that directory. You can see this using two accounts and fast user switching. Log into the account with FileVault on and switch to a second account; you will see a link in the Users folder for the account with FileVault. Then switch back and log out of the FileVault account. Then, from the second account, you will see a folder in the Users folder with the disk image in it.
Even when looking at your own home directory, you don't see that there is this link there; your script is running into this Unix link and does not know how to follow it. There are ways around this, but it is hard to give you an answer without knowing more about your script. Please post at Apple's discussions if you would like assistance.
-travis n -
the filevault disk image
2003-12-21 13:32:11 FJ de Kermadec
Hi !
The issue is most likely due to the change in the file-structure implied by FileVault. Indeed, paths to files may be slightly different for your script.
Should your script have log options, you may want to have a look at its output.
Also, the Apple Discussions feature a special UNIX forum where you will find many experienced UNIX scripters who can help you troubleshoot this issue.
Let me know if this helps !
F.J. -
the filevault disk image
2003-12-21 21:05:21 anonymous2
I should have been more specific. It's an Applescript, and the key line is "duplicate (folder BackupSource of startup disk) to (folder BackupFolder of disk BackupDisk)".
I've also found that I can't just grab my home dir and copy it to a folder on another drive, it says something like: 'can't copy, you don't have permission for some of these items'. -
the filevault disk image
2003-12-22 09:28:29 FJ de Kermadec
Hi !
Your Home directory is at the center of your installation's filesystem and, therefore, Mac OS X prevents any potentially malicious application from moving it or tampering with it.
However, there are ways to back up a whole Home folder quite easily.
May I suggest, for example, that you have a look at applications like this one ?
http://www.apple.com/downloads/macosx/system_disk_utilities/carboncopycloner.html
Should you like to write your own script, you may want to use a shell script (i.e. UNIX commands). Indeed, since these scripts can be easily given additional privileges for a limited period of time, they will better interact with Mac OS X when it comes to working with essential system files.
Should you be an experienced AppleScripter, keep in mind that shell script commands can be included in an AppleScript.
Let me know if this helps !
F.J. -
the filevault disk image
2003-12-23 11:10:49 anonymous2
Checked out CCC, looks cool, although may not be exactly what I need. I've found a number of 'panther broke my applescript' posts on the apple discussion boards, looks like some of those are morphing into 'filevault broke my applescripts' posts. Indeed, I have found that any applescript I've written which copies files from my filevaulted home folder is now broken with FV turned on. -
the filevault disk image
2003-12-24 08:31:11 FJ de Kermadec
Hi !
In my experience, AppleScript is a very powerful language that should allow you to perform the tasks you want — although FileVault may require you to change it slightly.
You may want to take advantage of the latest "script editor" debugging tools to see at which point your script experiences issues.
Many AppleScript "issues" are simply due to the fact that most users slightly changed their directory structure after upgrading their installation.
Did you try posting on the Apple Discussions ?
F.J.
-
FileVault and sleep mode for Laptop Users ..
2003-12-20 20:51:38 anonymous2
Most laptop users do not log out. They just close their screens and put their computer into sleep mode. For these users, the protection layer is just their user password, which unlocks the screen. This password, I believe, is less secure than the FileVault password, no?
Also, what about multiple users? Can a user who is logged in via ssh see the contents of the FileVault user?
S.r.
-
FileVault and sleep mode for Laptop Users ..
2003-12-21 13:46:26 FJ de Kermadec
Hi !
You can use FileVault in combination with the screen saver lock feature. However, it is true that using the screen saver lock does not log you out and, therefore, does not "close" the vault.
Therefore, you should not rely on the screen saver to protect your computer over a long period of time — it is a convenient way to protect it when you are away from your keyboard for a few seconds but has not been designed to fulfill the same purpose as FileVault.
FileVault does not change the normal Mac OS X permissions system and the usual permissions-related safeguards continue to work normally.
Let me know if this helps !
F.J.
-
My good experience with FileVault
2003-12-20 15:10:35 anonymous2
I waited until Panther 10.3.1 came out before migrating my 30GB Home folder to FileVault. I moved my iTunes library outside of Home, but everything else stayed.
To my surprise and delight, when next I ran a Retrospect incremental backup on my machine, all the files within the Home directory were interpreted correctly and only truly changed files were copied to the backup.
(For the CD/DVD backup mentioned in the article I recommend Retrospect, and to use an "encrypted backup set" so you don't have to worry about the backup media falling into the wrong hands either.)
I give FileVault 4.5 out of 5 arbitrary points.
Bill McHargue
-
Vault and the swapfile
2003-12-20 10:05:43 anonymous2
The truly paranoid in the Unix world :) worry about the virtual memory system that copies memory to disc when real memory runs out.
I've always figured that File Vault doesn't address this question. Sure the original key-corporate document is encrypted, but if you edit it with Word, chances are that at least bits of it are copied in clear-text to the swap file.
Is Apple looking to address this, for the truly paranoid :)
-
Vault and the swapfile
2004-01-11 12:14:16 anonymous2
Now I don't recommend this to anyone really, but when I sent a PowerMac G4 in for repairs, what I did is I logged in as root and used secure delete on the swap file, restarted the computer and let it recreate the swap file. Now this could be a VERY incorrect way of doing this. But it doesn't appear to have damaged my Mac OS X installation. Do I do this often? No, only once. But I don't think it would hurt if you were going to sell the computer, or send it in for repairs. Let me know if I am mistaken. -
Vault and the swapfile
2003-12-21 14:50:37 tychay
There are free scripts around that will allow you to store your swap file on a separate drive (for instance, search for SwapRelocator). These are invariably written in shell script and just modify some of the quirky startup procedure behavior on the Mac.
I'm sure you can modify it to mount a SPARSE AES-128 dmg (hdiutil mount <dmg file name>) and then use it as the swap file location. This should prevent anyone doing forensic attacks on the swap files.
I have not tried this myself. Obviously, there will be a performance hit if your Mac has been idle for a while. A lot of people forget that the Mac is a Unix underneath. More and more utils are getting command line equivalents (Thank God).
Hope this helps,
terry -
Vault and the swapfile
2003-12-21 13:39:09 FJ de Kermadec
Hi !
Should you worry about the contents of the swap file, you may want to write a script that automatically alters it on logout.
However, for most users, it should not be an issue.
Let me know if this helps !
F.J. -
Vault and the swapfile
2003-12-21 14:15:01 anonymous2
what do you mean, 'automatically alters it on logout'?
to me, if something is written to the disk in the clear, ever, you're hosed. when they break out the scanning tunneling electron microscope they're going to find the data.
what good is strong cryptography if your data gets written in the clear in a swap file??
an easy fix is for apple to provide the option of encrypting the swap files too. Most of my linux machines use encrypted swap partitions, using the same software I use in linux to encrypt my /home partition.
To me, until they add encrypted swap, FileVault is pretty much useless, and is only good for wasting CPU time. I suppose it makes it a bit more difficult to get your data, but a serious attacker is going to go straight for the swap files. -
Vault and the swapfile
2003-12-21 14:23:13 FJ de Kermadec
Hi again !
Mac OS X allows you to automatically run shell scripts at logout. Should you want to delete the swap files or put them into an encrypted folder or volume, a script can do this for you.
Also, it would be necessary to determine how much data gets written into the swap files, when, under which conditions... More information about how Mac OS X handles memory and such files can be found on the ADC website.
F.J. -
Vault and the swapfile
2003-12-21 12:29:06 anonymous2
I too worry about the swap file. that seems to me a glaring hole large enough to drive a truck through, unless the swap file is also encrypted. -
Vault and the swapfile
2003-12-21 14:53:46 tychay
Hardly. Windows and Unix have this same "glaring hole". Most of what goes in the swapfile are idle system and application libraries.
Take care,
terry -
Vault and the swapfile
2003-12-21 15:03:16 anonymous2
in linux though, it's pretty using to use an encrypted swap partition. -
Vault and the swapfile
2003-12-21 15:15:38 tychay
Huh?
Swap files in Linux are stored in a special filesystem called "swap" which stripes the data across volumes. It is not encrypted.
It can be made to be encrypted. I only know of one major distribution that has this feature (Mandrake) and it isn't well known nor enabled by default. The reason is that Linux is mostly used in a server environment where it is hard to physically compromise the machine.
There are a lot of "secure" distribution versions of popular distributions (Knoppix-MIB for instance) and software add ons (via init scripts) that can enable it. For the most part they work by doing what I suggested earlier with the minor difference that swapfiles in Darwin are files, not filesystems.
They also can be made to encrypt or hold resident in RAM /tmp. Another nice feature.
The best solution in the Darwin world is to port the secure swap features from OpenBSD.
Take care,
terry
-
FileVault
2003-12-20 07:27:08 r_miller
I think FileVault is more suited for laptop security, although it certainly works for desktops too. However, I think it is more of a deterrent to keep would-be info thieves from stolen laptops. Maybe they just toss the laptop if they cannot get into it or possibly sell it on eBay. It keeps out the casual thief. Also, people should not associate this with Wi-Fi security as it has nothing to do with securing the airwaves.
-
FileVault performance tax
2003-12-20 05:05:20 anonymous2
The author is a bit wrong about why FileVault has no perceivable performance impact. He claims that Mac OS X is fast enough to handle the encryption/decryption without user notice. This is not true. It is precisely because Mac OS X is so *slow* that you don't notice the encryption/decryption overhead. A Mac OS X system call has an order of magnitude more overhead than a Linux system call for example. And since there is already so much overhead in a Mac OS X kernel operation, adding the additional encryption/decryption overhead is unnoticeable. -
FileVault performance tax
2003-12-21 17:22:15 anonymous2
The problem is it is a tax all of the time. If it just happened when I expected it to slow down the system it wouldn't be so bad, I'd go out for coffee. *grin* But by taxing every little transaction it is like the Canadian VAT driving up the price and slowing down the whole economy. The fact is not everything needs the FileVault protection, but in most users' cases they are not going to set it up properly. Sure they should put things like pictures, movies, music and non-sensitive data outside their home directory so it isn't in the FileVault, but then you are violating some of the whole concept of the user space. It is at cross purposes. Even worse is that the user's Library, where lots of temp files, caches (e.g., Safari) and preferences are stored, is inside the FileVault. These files get lots of transactions and are heavily used. That's going to take a hit. I do not like it. -
FileVault performance tax
2003-12-21 07:42:53 anonymous2
This is a worthless post without a single fact. What do you mean by magnitude? Which system calls? And how is OSX so slow? Facts and benchmarks please to prove your point. Otherwise ignore this guy. -
FileVault performance tax
2003-12-22 01:07:13 anonymous2
OS X has an order of magnitude worse performance on basic operations. That means 10x slower than other operating systems on the same hardware (I only mentioned Linux earlier for a performance contrast; I in no way advocate Linux over Mac OS; kernel performance is only one factor in the worth of a system). Doing benchmarks for basic kernel ops is simple. For example, to determine system call overhead, execute getpid() 10 million times, count the number of cycles for all calls and divide by 10 million (understand that you include some libc overhead in this number too, but if you are smart you can avoid that). Repeat for Linux. You'll see what I mean. If you want to know why the difference is 10x, look at the implementations in the two kernels. One is focused on performance. The other does everything wrong for performance. But if an application spends only 5% of its time executing system calls, it doesn't matter, right? Not so fast ... the OS X kernel has large TLB and cache footprints which affect all applications.
And back to the encryption overhead. It is simple math. If the kernel were very fast, you would have to notice encryption overhead. It can only be unnoticeable when the overhead is dwarfed by other factors.
I'm not going to publish benchmark numbers for Mac OS X. I'm not one of the many Mac people who try to earn fame by showing how poorly Apple implemented something. Thus why I remain anonymous. I'll publish something if I have an improvement to report (like how to fix the problems, and the performance benefit of the improvement).
-
FileVault performance tax
2008-07-21 15:50:00 softweyr
I know this is age-old, but I want to reply just in case somebody else trips across this drivel. The Linux kernel guys long ago decided to "micro-optimize" certain trivial Linux system calls, including getpid(), so getpid() is no longer useful as a kernel micro benchmark on Linux. The first time you call getpid(), it does the syscall and retrieves the actual pid; every time after this it uses a cached copy of the pid. This makes getpid() useless as a microbenchmark to compare Linux to any other system, and was a waste of time for real applications, which are unlikely to spin on getpid(), but an indication of the Linux mindset in optimizing silly things that don't matter. -
FileVault performance tax
2003-12-20 07:20:37 FJ de Kermadec
Hi !
First of all, thank you for your feedback !
I am afraid that you read a part of the article somewhat too quickly. Indeed, I wrote that FileVault does not lead to a noticeable slowdown in a real-world business environment. Users who rely on resource-intensive video or audio applications should take extra steps, as stated.
I am afraid that your perception of the speed of Mac OS X does not reflect its real performance. Indeed, many studies have shown that its UNIX core is very fast ! You will find numerous links to such reports on the Apple site as well as on independent third-party publications.
Mac OS X or its UNIX base alone, Darwin, are now used by many research labs to perform some advanced calculations that require stability and speed, as well as by some of the leading computer animation companies that require an OS and hardware capable of performing intense calculations.
Again, thanks for your feedback.
F.J. -
FileVault performance tax
2003-12-20 07:14:57 anonymous2
would all that overhead in the kernel be the same that lets OSX run all sorts of business and creative apps that linux people would drool over?
Sorry. just trying to keep things in perspective here. I just am remembering linus's crying about how apple's "monolithic" (or was it the other type of kernel) was "crap". Ummm linus, linux is good for a server and that's about it unless you are an übergeek that just likes to fiddle. What good is a leaner kernel to normal users if it doesn't run the apps they want or need?
Back on topic. I've used FV on my dual 2gig g5. I would agree with the author. if you do "business" type work. then use it. If you do "creative" type work you may not want to.
i've heard of improvements in 10.3.1 and 10.3.2 and i only have experience with 10.3
-
FileVault performance tax
2003-12-21 15:03:51 tychay
It's the other way around. NT and Darwin have a microkernel and Linux has a monolithic. Not too sure if it is a big issue anymore since many of the advantages of a ukernel have been incorporated in Linux, very few things take advantage of the inherent advantages of a ukernel ("Classic" old Windows compatibility), and the slowdown of a ukernel vs. a monolithic gets marginalized as applications get more complex. (Certainly not an "order of magnitude" like the original flamebait claims.)
Honestly, if Darwin were so slow, then why is the #3 fastest supercomputer using it? Certainly there are Linux drivers for the G5 now--heck, 64-bit support is now standard in kernel 2.6.
BTW, Linux is good for far more than just a server. It makes the core of many excellent operating system distributions. It is an excellent and rapidly improving embeddable operating system (in fact, I think it will overtake WindowsCE at the rate it's going). It now even has hooks for the beginnings of a serious real-time operating system. -
FileVault performance tax
2003-12-26 21:19:45 anonymous2
I can't comment on NT but the original CMU and OSF Mach are ukernels, Apple xnu is not in the true sense. The FreeBSD "server" is not a real Mach server but bolts directly onto Apple's own variant of Mach so there is really no major slowdown there. Nevertheless, there is some overhead with making BSD system calls. Depending on what you want to do, task_self() might be more appropriate than getpid(). I'm also not sure how you actually timed the system calls. FYI, there are no release-quality kernels that will leave you with a working G5 Linux system, there is no accelerated OpenGL on NVIDIA cards and ppc64 64-bit Linux is not in any sense standard in kernel 2.6. Linux probably makes a poor choice if you want to do anything serious on your (Apple) ppc. As for the TLB overhead etc. pick up a good book on computer architecture and the ppc user manuals: the code for managing the TLB is very standard (read: same) across any operating system that will run on the ppc.
-
Secure User
2003-12-19 18:02:38 anonymous2
Most of what's on most people's drives doesn't really need to be secure. My advice is to make a second "user" on your computer with File Vault turned on. With "fast user switching" in OS 10.3.x you can easily switch between the secure and the "unsecure" users. If you only have a few files to secure then I suggest making an AES encrypted disk image which you can mount from within your user account. You can even make a SPARSE image from the disk utility. There is usually no need to secure your entire user folder, unless you are particularly paranoid. -
Secure User
2003-12-28 15:33:28 anonymous2
This is what I'd adopt as well; however, I'd like the Mail of my primary account to be encrypted. That and my documents folder are truly the sensitive parts of my hard drive. I really don't care or need encrypted iPhoto or iTunes folders and Apple should consider an option to disable these somehow. In my case it makes a dramatic difference in the size of my Home folder. As well as another Images directory that I have.
-
FileVault for Windows ?
2003-12-19 17:42:17 anonymous2
Do you know a FileVault alternative for Windows?
I used E4M (Encryption for the masses) but it's a little old and I never found an open and recent alternative. -
FileVault for Windows ?
2004-02-01 17:43:20 lcpguy
Yes! Even better!!!
DiskCRYPT from www.securstar.com.
It can allow you to use up to 4 passwords for the really paranoid. Instead of AES 128, one of its options is AES 256, plus many more to choose from. It will encrypt the entire disk or just allow you to create virtual disks, ala Apple's disk images. Fantastic product and totally stable. I think it sells for around $79.00 US.
John






Hi there!
Last week I had a break-in and they stole my laptop. A bloody shame!
So after searching and surfing the net about info regarding password-protection I’ve found this excellent article. Thank you for that!!!
Since my stolen laptop was only protected with a user-login, I’m thinking of using FileVault since there are no work-arounds for accessing the hard disk.
I’m creating lots of 3D stuff on my new ProBook and push the CPU and hard disk to the limits while rendering animations and so on.
Question 1: can I build my stuff and renders outside the homemap and copy them after finishing to the (secured) homemap so then and only then FileVault comes into action? (or do I misinterpret here)
And before shutting down my laptop I could use the ‘Secure Empty Trash’ to permanently delete the file on the unprotected area of my HD.
Question 2: I’m already working on my ProBook. All my work is in the user-map. Can I use FileVault without reformatting and reinstalling and copying my stuff to a back-up and so on?
Thanks in advance for the reply! And again thank you very much for your excellent article!!!
Waldo