OSX & FileVault Security Question...
If your home directory is protected by FireVault, it's supposed to be safe, right... FireVault automatically unlocks your home directory when you log in, and locks it when you log out, right? Beyond what I mentioned above, I have no idea how FireVault works so that's why I'm asking. So here's my question:
If your computer is on, your logged in, all of a sudden the power goes out. The next time power is restored to the system, is your home directory relocked at boot, or is it safe even before that? What if someone removes the HD from your computer (after a power outage) and tries to access your home directory using another computer (using your disk as an external disk on their computer)? Is the "sparcefile" still locked? Or is it accessible?
I leave my computer on almost 24/7 and am curious about this. Home wiring here in Japan SUCKS! I blow the circuit breaker in my apt all the time.
If your computer is on, your logged in, all of a sudden the power goes out. The next time power is restored to the system, is your home directory relocked at boot, or is it safe even before that? What if someone removes the HD from your computer (after a power outage) and tries to access your home directory using another computer (using your disk as an external disk on their computer)? Is the "sparcefile" still locked? Or is it accessible?
I leave my computer on almost 24/7 and am curious about this. Home wiring here in Japan SUCKS! I blow the circuit breaker in my apt all the time.
Comments
And it doesn't encrypt and decrypt your entire home folder when you log in and out, that would take huge amounts of time. It encrypts and decrypts "on the fly" so any file that is opened or removed/closed or added to your directory is encrypted or decrypted. So in short, no worries.
If you don't mind my asking, why do you need that much security anyway? Doin a little government work?
I got bored at work and my mind started wandering
Originally posted by DMBand0026
You should be safe, because even if your power went out and someone grabbed your HD if they put it another machine the encryption would be in effect when the drive became powered again.
And it doesn't encrypt and decrypt your entire home folder when you log in and out, that would take huge amounts of time. It encrypts and decrypts "on the fly" so any file that is opened or removed/closed or added to your directory is encrypted or decrypted. So in short, no worries.
If you don't mind my asking, why do you need that much security anyway? Doin a little government work?
You can see what I mean by doing it yourself, first notice how much "free space" is on the computer according to the finder (say 17.0 gb free). Then when you delete a .8gb file and empty the trash can, the finder still says 17.0gb free. But, when you restart and have the computer clear up space the next time you check there will be 17.8gb free. Unencrypting the space basically.
Used it for about 5 months now on my powerbook, nothing bad happened so far.
The majority of what is on my computer the world can see. But, i do have about five spreadsheets keeping track of my bank account and credit card numbers. (plainly listed). What i did was i used disk utility to create a 500 meg sparsedisk and selected encryption. A 500 meg disk uses about a ~10 meg overhead regardless of what is in it but unlike a regular dmg, it doesn't use all 500 right away.
Now, when i need access to my spreadsheet, all i have to do is open the image and enter my password. (i make sure keychain saving is not selected). If you do accidentally save your password with keychain, just go into keychain access and delete it.
So now, i have all the security for my important files but no risk for the rest of them
I also back up my entire home directory to a single encrypted dmg on a portable hard drive (which i formatted to HFS+ tp hold the file)
Why not try using the sparseimages this way you don't also have wasted space. IT does make sense for you to use file vault. I am glad to hear that is has been fixed.
I may actually start using it now to save myself the time of created a .dmg of my homefold once a week to put on my portably hard drive (later placed in a fire-proof safe)
I believe most of us take security of data very seriously and have taken steps to ensure it is kept secure. While the measures I have taken are more than most take, I'm always interested in schemes others use to safeguard their data. The more active measures in place, the better prepared we are.
To force FV to reclaim empty space just log out and log in. No need to restart.
I first installed FV when I wanted to send in my PB for repair at Apple. Not that I mistrust Apple so much but there is always the chance that the computer could get lost or stolen along the way.
Since then I've left it on as I travel a lot and there is always the chance that my PB could be stolen when on the road.
If you use iMovie you have to import movies to someplace outside your home folder. Encrypting is too slow to keep up with the camera.
A few times my desktop would fail to appear after a restart. One more restart would fix this. This hasn't happened in a while. Perhaps it was fixed in one of the updates.