Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Apple Encryption?

Using Filevault and/or an encrypted disk image (they're essentially the same thing) should have sufficient encryption to prevent all but professional-grade snooping. Only as good as the password on it (and how reluctant you are to give said password), but that's probably sufficient.

You could add additional layers of security, but you will eventually get to the point of diminishing returns.
 
Considering how many laptops are stolen each year, it is probably a good idea to encrypt it even if you are not doing any international travel.

I finally turned FileVault on last year because I was traveling weekly for work, and I figured the chances of losing the laptop were high. Of course, you should always back up your files as well, and make sure the backup is also encrypted. :D
 
Thanks much for the replies. I do a bit of international and that is why I am more concerned with encryption especially if customs besides wanting to search luggage and bags. I have no problem with the latter but scanning, possibly saving of personal data (Passwords, Credit Card Info, Sensitive Documents, etc) I kind of draw the line. Obviously they should be able to turn it on, boot to the login and see its not a weapon of any kind. But prying into your music, movies, documents, etc are for me a no-no. So encryption seems to be the way to go. Even though that is a hassle.

Bill.....:apple:
 
merc669 said:
Thanks much for the replies. I do a bit of international and that is why I am more concerned with encryption especially if customs besides wanting to search luggage and bags.
<<SNIP>>
Bill.....:apple:
Click to expand...

If you are really concerned (because like many of us all your life is documented on your Mac), then maybe you should consider storing your really important stuff that you do not need abroad on an external HD and just leaving that at home.

It is a hassle, but you might be able to figure out a routine that works best for you and safeguards your data from the prying eyes.
 
If you want a more transparent solution, you might want to look at TrueCrypt. It supports full-volume encryption (including the boot volume), and even if someone forces you to surrender your password, it supports hidden volumes for another level of plausible deniability.
 
For slightly stronger security, you should set up

Firmware password
Require password when restarting (I put: contact xx if found as reminder)
Turn on auto-logout after x amount of time

If you want a chance to recover your laptop, you could have a guest account with no password, but with Undercover installed.
 
Consultant, you mentioned you put contact xx in the password entry screen.

How do you change the text of this? I would love to put my company's name and contact info along with a reward fore return line on the initial (bootup) login screen, password entry screen when awakening from sleep, etc.

Thanks!
 
southerndoc said:
Consultant, you mentioned you put contact xx in the password entry screen.

How do you change the text of this? I would love to put my company's name and contact info along with a reward fore return line on the initial (bootup) login screen, password entry screen when awakening from sleep, etc.

Thanks!
Click to expand...

TinkerTool and some other system-modification utilities do that. I don't recall if that was the one I used, but I updated my system with some contact info in case the PowerBook decides to walkoff :rolleyes:
 
merc669 said:
Obviously they should be able to turn it on, boot to the login and see its not a weapon of any kind.
Click to expand...

So i guess if its all about the login screen then you do NOT need any encryption, since ur not revealing your password and they cant login. Now if you do reveal your password, encryption doesnt makes any difference... Only way encryption will help is if lets say after you denied telling them your password they took your HD and browsed it on another computer. Thats the only case encryption would save you...
 
sOwL said:
So i guess if its all about the login screen then you do NOT need any encryption, since ur not revealing your password and they cant login. Now if you do reveal your password, encryption doesnt makes any difference... Only way encryption will help is if lets say after you denied telling them your password they took your HD and browsed it on another computer. Thats the only case encryption would save you...
Click to expand...

Perhaps in the strict situation of an individual attempting to gain access to your computer while you stare at them, but there are a number of ways for them to access the unencrypted volume:

- Pull it out and put it in another computer, as you say
- Bring the mac up as a firewire target disk on another computer (just requires plugging in a firewire cable and rebooting)
- Rebooting off a system DVD and resetting the password

This is why, if you have sensitive data, just login / password control is not considered enough.

As I've said many times before, though, there is a difference between paranoia and plausible situations. I wouldn't bother encrypting your Mac just because you've used Safari to buy something with your credit card. I encrypt mine because there may be confidential (HIPAA governed) data related to patients in my e-mail. For that kind of application, just passwording it is not enough.

Ugh, speaking of which, there was just a news article on NPR about a surgeon (plastics) at the hospital at which I recruit for my dissertation having given a notebook computer to a family member without securely deleting patient records from 2,000 patients, including digital pictures, etc. Probably no intrusion occurs, but you "do not want to be that guy" about whom the news carries a story because you breached patient confidentiality inadvertently....
 
mkrishnan said:
Perhaps in the strict situation of an individual attempting to gain access to your computer while you stare at them, but there are a number of ways for them to access the unencrypted volume:

- Pull it out and put it in another computer, as you say
- Bring the mac up as a firewire target disk on another computer (just requires plugging in a firewire cable and rebooting)
- Rebooting off a system DVD and resetting the password

This is why, if you have sensitive data, just login / password control is not considered enough.

As I've said many times before, though, there is a difference between paranoia and plausible situations. I wouldn't bother encrypting your Mac just because you've used Safari to buy something with your credit card. I encrypt mine because there may be confidential (HIPAA governed) data related to patients in my e-mail. For that kind of application, just passwording it is not enough.

Ugh, speaking of which, there was just a news article on NPR about a surgeon (plastics) at the hospital at which I recruit for my dissertation having given a notebook computer to a family member without securely deleting patient records from 2,000 patients, including digital pictures, etc. Probably no intrusion occurs, but you "do not want to be that guy" about whom the news carries a story because you breached patient confidentiality inadvertently....
Click to expand...

ok, u won :D ill never use filevault anyway coz it slows downmy system and i dont have a laptop or a reason to care... none will try any of the above, and a password will be fine
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back