File Vault 2 - Full Drive Encryption

Discussion in 'Mac OS X Lion (10.7)' started by VydorScope, Nov 6, 2011.

  1. VydorScope macrumors regular

    VydorScope

    Joined:
    Oct 12, 2011
    #1
    Is anyone using the full drive encryption that comes with Lion vai the new File Vault? Any problems/pitfalls with it? I use True Crypt for full drive encryption on some of my externals, and bit locker on my work laptop... looking for something simular for my Macs.

    Thanks!
     
  2. Weaselboy Moderator

    Weaselboy

    Staff Member

    Joined:
    Jan 23, 2005
    Location:
    California
    #3
    I am using FV2 on both my iMac and a Macbook Pro with absolutely no problems. It is completely transparent.
     
  3. VydorScope thread starter macrumors regular

    VydorScope

    Joined:
    Oct 12, 2011
    #4
    Cool, was it something that you could let work in the background to do the initial encrypt? Was a reboot required?
     
  4. Dark Dragoon macrumors 6502a

    Dark Dragoon

    Joined:
    Jul 28, 2006
    Location:
    UK
    #5
    I have FileVault 2 enabled on two of my Macs, and it works fine for me.

    The only noticeable difference you'll see for everyday usage is the different login screen which appears right after you turn the computer on. You just login with you account password normally, which unlocks the drive and the computer then boots and logs into your account.

    A reboot is required to enable FileVault 2, after that it encrypts the drive in the background, so you can continue working while it's doing this.
     
  5. eenuuk macrumors regular

    Joined:
    Nov 3, 2011
    Location:
    UK
    #6
    You can use True Crypt on the Mac too!

    I use FV2 on my iMac and MBP - No issues for me, I personally think it slows down emptying the trash can and also transferring from the computer to an external - nothing that I would loose sleep over though!

     
  6. Weaselboy Moderator

    Weaselboy

    Staff Member

    Joined:
    Jan 23, 2005
    Location:
    California
    #7
    When you first turn on FV2, it reboots once to start the initial encryption of the disk and that is it. No reboot required after that. You can use the computer normally while it is encrypting.

    I have not noticed either of these issues.
     
  7. VydorScope thread starter macrumors regular

    VydorScope

    Joined:
    Oct 12, 2011
    #8
    Cool... now i just have to find a time when its not to painful to close all 20,000 programs I have open and reboot! :D
     
  8. Mr. Retrofire, Nov 7, 2011
    Last edited: Nov 7, 2011

    Mr. Retrofire macrumors 601

    Mr. Retrofire

    Joined:
    Mar 2, 2010
    Location:
    www.emiliana.cl/en
    #9
    It is "transparent" on all Macs which support the AES-NI.

    I should also add, that the recent security updates for Lion remove a security hole (FW-DMA), regarding FV2.

    From --> http://support.apple.com/kb/HT5002
     
  9. VydorScope thread starter macrumors regular

    VydorScope

    Joined:
    Oct 12, 2011
    #10
    Hmm mine is a Core 2 Duo and is not listed, does that mean FV2 wont work? It gave me no error when I opened it.
     
  10. eenuuk macrumors regular

    Joined:
    Nov 3, 2011
    Location:
    UK
    #11
    Both my machines are core 2 duos and work fine

     
  11. petisjioweelsha macrumors member

    Joined:
    Nov 7, 2011
    Location:
    USA
    #12
    FV2 will definitely work on a C2D, but there might be a a small slowdown of the system. You likely won't even notice any difference.

    That list just shows processors which have a dedicated encryption feature.
     
  12. yetanotherdave macrumors 68000

    yetanotherdave

    Joined:
    Apr 27, 2007
    Location:
    Bristol, England
    #13
    The only issue I had was that I have a dual HDD system, FV2 only wants to encrypt the boot drive, which is useless if you have all your data (home area) on the non boot drive!
    You can use FV2 to encrypt the second drive, but you have to do it from the command line.
    The problems then start when you try and boot and login after encrypting your data volume, you can't! The drive is encrypted and you haven't had an opportunity to unlock it. Fortunately I had a second admin account with it's home area on the boot dive, so I was able to login, unlock the home volume and go back into my main user account.

    This would be a total PITA to do everytime you startup the computer, fortunately I found a script that unlocks the second HDD on startup for you. it's here if you need it https://github.com/jridgewell/unlock
    install instructions
    https://github.com/jridgewell/Unlock/blob/master/README.md
     
  13. CodeBreaker macrumors 6502

    Joined:
    Nov 5, 2010
    Location:
    Sea of Tranquility
    #14
    The only thing to be careful with is partitioning a FV 2 drive. If you enable File Vault 2 on a drive, the drive becomes a Core Storage volume. You cannot directly add/remove/resize partitions to such a drive with Disk Utility.

    You first need to disable File Vault, wait for the drive to be reconverted from Core Storage, change the partitions and then again re-enable File Vault.
     
  14. Mr. Retrofire macrumors 601

    Mr. Retrofire

    Joined:
    Mar 2, 2010
    Location:
    www.emiliana.cl/en
    #15
  15. Dark Dragoon macrumors 6502a

    Dark Dragoon

    Joined:
    Jul 28, 2006
    Location:
    UK
    #16
    Yeah this is a bit of a pain, though it is only an issue if you have moved your home to the other drive, if you just want to have other drives encrypted for storing data on there isn't a problem as you can unlock them at login.
     
  16. eenuuk macrumors regular

    Joined:
    Nov 3, 2011
    Location:
    UK
    #17
    Or you can just transfer the content of that drive to another and format it as an encrypted FV2 volume then move your stuff back

     

Share This Page