Just how secure is an encrypted disk image?

Discussion in 'Mac Basics and Help' started by motulist, Mar 26, 2007.

  1. motulist macrumors 68040

    motulist

    Joined:
    Dec 2, 2003
    #1
    How secure is an encrypted disk image? Assuming the password isn't discovered by other means, is a 128 encrypted disk image breachable by any sub-FBI supercomputer means? Could any information be pulled out, such as file names, even if they aren't loadable?
     
  2. Eidorian macrumors Penryn

    Eidorian

    Joined:
    Mar 23, 2005
    Location:
    Indianapolis
  3. motulist thread starter macrumors 68040

    motulist

    Joined:
    Dec 2, 2003
    #3
    DOH! 10.3.9 doesn't have a checkbox for secure virtual memory in the security pref pane. At least not when file vault is turned off. I didn't think file vault had to be turned on for my encrypted disk images to be totally secure.
     
  4. mkrishnan Moderator emeritus

    mkrishnan

    Joined:
    Jan 9, 2004
    Location:
    Grand Rapids, MI, USA
    #4
    I'm not super technical...but a lot of these issues are unique to FileVault and not a general characteristic of OS X's implementation of AES-128 encrypted disk images, correct?

    Although the secure VM is a good issue, since the VM file potentially has sensitive data in it.
     
  5. Eidorian macrumors Penryn

    Eidorian

    Joined:
    Mar 23, 2005
    Location:
    Indianapolis
    #5
    The strength should be based on AES-128 and the user's password.
     
  6. mkrishnan Moderator emeritus

    mkrishnan

    Joined:
    Jan 9, 2004
    Location:
    Grand Rapids, MI, USA
    #6
    Also make sure you are not set up to automatically log into the disk image using your login keychain, natch, as that pretty much defeats the security entirely. :D
     
  7. Eidorian macrumors Penryn

    Eidorian

    Joined:
    Mar 23, 2005
    Location:
    Indianapolis
    #7
    A login window is a must.
     
  8. motulist thread starter macrumors 68040

    motulist

    Joined:
    Dec 2, 2003
    #8
    Yeah, I think it's terrible security that the remember password checkbox is checked by default.
     

Share This Page