Encrypting File System?

[awrc]

My latest Must Have gadget is the Wiebetech Firewire Keychain. I've ordered one, along with a 512MB compact flash card, with the intent off producing a fairly capacious way of keeping important data with me.

OK, 512MB is overkill, but Amazon had a Viking 512MB compact flash card for $199, which is a steal.

One of the main uses I have in mind for this is as a master repository of Useful Information. I want to end the hunt for serial numbers that ensues every time I do a system reinstall (esp annoying when I've got an upgrade that insists I also enter the previous version's serial).

However, I don't want this information to be too easily accessible should someone steal/find my gizmo. Is there any such thing as an encrypting file system for the Mac?

Right now I'm considering a number of ideas. Simplest of the lot is just a Stuffit archive with individual files encrypted, but it's a little clumsy sinec it seems to want per-file passwords. What I'd had in mind (and the documentation says can't be done) is an archive that can just have little files dropped on it with no need for passwords, but that requires a password to get at.

There's no end of similar things that can be done with various Darwin tools. It's just all...clumsy.

Anyone got any ideas of an elegant way to go about something like that?

Al

PS I don't expect to have 500MB worth of serial numbers, by the way. That'll just be one small file. The rest'll be stuff like a copy of my resume in case I ever need it, but not the sort of stuff people keep in PDAs or iPods (since I have a PDA and an iPod for this). It's too small to be an OS X boot disk too. Maybe I should have titled this thread "what interesting and useful stuff can you get in 512MB of slow storage?"

 

[yamadataro]

I'm having the same issue these days. Mac sucks in terms of easy data encryption.

For just keeping passwords and serial numbers etc, I currently use WebConfidential for Mac OS X and Palm. It's a software made specifically for storing sensitive info, not encrypted file system. It comes with a conduit for new Palm Hotsync for OS X. So you can sync or just use it on a single platform. Its encryption is very secure. It also automatically closes and encrypts your data file after certain minutes which is very difficult to do with ordinary file encryption software like StuffIt. The only thing I'm unhappy about WebConfidential is Mac side's interface design. It doesn't have a list view! And you have to live with the categories defined by the developper. They should hire a designer. It's not perfect, but it works.

What I'm thinking right now is the OS X 10.2's new disk image function. Here's a quote from Macworld magazine's review:

"Stronger Security -- Apple has made several security improvements. User names and passwords can now be more than eight characters long -- especially useful when you're trying to generate secure but memorable passwords. A new Keychain menu item lets you lock and unlock not only your Keychain but also your entire system: choose Lock Screen, and your Mac will instantly jump to a password-protected screen saver. Likewise, if you're using encrypted disk images created by Apple's Disk Copy utility to store sensitive information on a laptop, when you wake that laptop up, you'll be forced to reenter the secure volume's password."
http://www.macworld.com/2002/10/features/jaguar.html

Here's what I'll do for storing sensitive data after getting 10.2 :

Mac side: whatever database or word processing software with an encrypted disk image.
Palm side: any software that syncs with your Mac data (in my case it's FileMaker Mobile) with a security software for Palm OS like PDA Defence (http://www.pdadefense.com/)

I just hope that new disk image function is something I expect it to be. I'll know that this Saturday, I guess.

Does this solve your issue? ...Oh, you don't want any passwords??? Well, we always need at least one password to secure something, don't we? If you can access your data without any password, he can access that too.

I think the closest you can get is this disk image function in conjunction with the Key Chain. But I have a feeling that when a sucker steals your Mac in the sleep state along with your memory card, he will have a complete access to your data because the key chain still is open, am I right?

 

[yamadataro]

I've just read some article about PGP Corporation's software releases today. We have to wait till November, but they seem to offer a comprehensive easy-to-use security solution for disk management, email and instant messaging for all of the major platform including Mac OS 9 / X, Windows, Palm and PocketPC.

PGP disk software can encrypt a whole disk system on the fly.

Their product page even says that you can sync your key (password) between your Mac and Palm.

Sounds like a promissing product.

http://www.pgp.com/display.php?pageID=21

 

[awrc]

Originally posted by yamadataro
Does this solve your issue? ...Oh, you don't want any passwords??? Well, we always need at least one password to secure something, don't we? If you can access your data without any password, he can access that too.

I'm not too concerned about someone having access to my actual machine, more that if the keychain gets dropped they won't get everything without a fight Yes, it sounds like the new version of Disk Utility might offer what I need.

Last time my apartment was burgled they stole the actual physical software as well as the machines, so having the serials encrypted on a keychain wouldn't have done me much good anyway. Also, if worst comes to worst, I've got a lockdown kit with a really good padlock to prevent anything untoward happening to the Mac.

But I have a feeling that when a sucker steals your Mac in the sleep state along with your memory card, he will have a complete access to your data because the key chain still is open, am I right?

Yes, but he's going to have to steal the UPS as well and carry the whole assembly down six flights of stairs very quickly if he doesn't want the machine to go from the sleep state to the off state

 

[yamadataro]

Uh, I've never worried about my desktop mac to be an issue of security. It's my powerbooks and palms that I'm worried about. I mean my desktop is always in a secure environment (e.g. my room). But I guess you had some uninvited guests to your room. huh?

Nothing beats a good pad lock! That's the winner

I remember using a chain & pad lock product called a Manhattan Chain for my bike when I was living in NY. It was heavy as hell, but whoever trying to steal my bike had to use a powertool and work on it for like 5 min, compared with 3 sec. with wire lock. It might have been easier to cut the bike itself!

Oh, and I remember that older powerbooks had hard drives which were easy to remove. The manual actually said that you can do so for security reasons!