FileVault from the Day1.

Discussion in 'MacBook Pro' started by HerbertDerb, Jun 13, 2017.

  1. HerbertDerb macrumors regular


    Jan 10, 2017
    So going to make an order on the 15" 2017 MBP. Few things are in my mind before i get it and thinking about possible scenario that i might sell it down the line.

    With selling it away from few years down the line, the big thing to me is security. And because you cant remove the SSD from the laptop, this is a big thing to me...

    I have been searching from the net that is there a possible "Nuke" Software for Mac, like you have in windows pc's. But apperantely, you don't want to do that... Reason for that might be that re-installation might be difficult.

    But, luckily there is a "secure erase" in the disk utility when formating the drive. However, Apple doesn't allow you to "secure erase" the SSD's on the system.

    Sooooooo... What comes next? Filevault. And apperantely you want to turn on filevault since day 1. Reason for that is, that if you turn the filevault on when you have had it for couple of years. There might be some areas/sectors that the Filevault can't access and can't encrypt.

    Now i have couple of questions when using filevault (Note: I am first time Mac-user. I have never used Mac before)

    1. Does the FileVault make your life with Mac more difficult?
    2. Does touchid work with FileVault?

    And no, i am not a CIA/FBI agent. I just happen to know that it isn't that hard to recover files from "erased" drive.

    And better be safe than sorry. There is a possibility that the laptop gets stolen or the laptop itself might malfunction. And i don't wan't the "geniouses" on the Apple store to see my dickpicks....

    Thanks for your help.

    E: Also, one option to consider might be 3rd party app (Hider 2 for example). So i can seperately encrypt my dickpicks for whenever i need them... "( ͡° ͜ʖ ͡°)"

    What you guys think?
  2. keysofanxiety macrumors G3


    Nov 23, 2011
    Not sure about that. You can turn FileVault on or off at any time. Anyway you won't notice a difference with performance or usage. TouchID and everything else works with FileVault; you wouldn't even know it's on.

    If you're properly paranoid about the security of Erase then you can just go through USB DBaN when you're looking to sell. It works fine on any volume; Windows, Mac, Linux. But we're talking at least a good few years.

    If you have FileVault enabled then there's nothing people can do to recover your information if your laptop gets stolen or the laptop fails, unless they have your computer password.
  3. HerbertDerb thread starter macrumors regular


    Jan 10, 2017
    Yes you can turn it on and off. But overtime SSD's get wear and tearm in them. And sometimes some sections of the SSD might get corrupt. Meaning that the disk utility erase nor filevault can't access the data that's on there. (It doesn't even know there is data in there)

    For example:

    I put a dickipick on my Mac. The picture goes to one part of the SSD. Over few years that part of the SSD might become "unusable" and therefore the dickpick stays in there un-encrypted. If you didn't have FileVault enabled. (HOWEVER It is unlikely that somebody would get access to that part of the SSD in the later term. But it is possible).

    But good to know that if you turn on filevault, you won't even notice it.
  4. caramelpolice macrumors regular

    Oct 6, 2012
    If your SSD has TRIM enabled - and all stock Apple SSDs do - data recovery after deletion is practically impossible.
  5. New_Mac_Smell macrumors 68000


    Oct 17, 2016
    I was going to ask what you wanted to be so ultra cautious about but that's pretty much what I was thinking. MacBook Pro, the ultimate pron machine...

    If the corrupted section was host to a urm corrupted image, then it would still be corrupted and unusable either way. Maybe just maybe someone could get some of the data back, just the tip perhaps, but not the whole thing, depending on how large a MacBook Pro you had of course.
  6. keysofanxiety macrumors G3


    Nov 23, 2011
    If it's failing with duff or reallocated sectors then you'll see that in the SMART data. Any SMART application can monitor that. Plus it wouldn't store the data on there as it'll just avoid those sectors. Any possibly, hypothetical remnants of data somehow on a duff sector would be completely unrecoverable and jumbled; and that's the absolute "best case" scenario if you're trying to retrieve your glorious dick-pics. What you've described is a little on the paranoid side. :p

    SSDs are considerably more reliable than they used to be too. Many more under the hood advances. Modern SSDs can write at least 500GBs worth of data every single day for 5 years before they're likely to begin failing.

    Honestly there's no cause for concern.
  7. leman macrumors G3

    Oct 14, 2008
    You don't even notice that disk encryption is on. The entire encryption is completely transparent for you, the disk its decrypted as you log in. The performance is still incredible and the only difference is that if you forget your password, you won't be able to access your data (there are recovery keys etc. of course).
  8. HerbertDerb thread starter macrumors regular


    Jan 10, 2017
    Thank you for your replies! :)

    The dickpick part was a joke. I do use it for my business and for my personal stuff. Some things in your life you just want to prevent being seen by others....

Share This Page