I don't use it. Any data I want to secure goes in a TrueCrypt volume.
That's another option as well that I'm considering but given the ease of FV its difficult to dispute
Can you even use TrueCrypt for your boot drive? I'd stick to FileVault 2 on the boot volume to keep things simpler. And also probably on the Time Machine drive.That's another option as well that I'm considering but given the ease of FV its difficult to disputeI don't use it. Any data I want to secure goes in a TrueCrypt volume.
Can you even use TrueCrypt for your boot drive? I'd stick to FileVault 2 on the boot volume to keep things simpler.
Passwords to email accounts? IM Accounts? Passwords to web sites? Copies of tax returns?I don't think you can. Honestly, I don't have a reason to encrypt my boot drive. Maybe I should just because I can, but I personally have nothing on my boot drive worth encrypting.
Passwords to email accounts? IM Accounts? Passwords to web sites? Copies of tax returns?
Possibly enough information for someone to (help) do an identity theft possibly? Your address book?
There's more on ones computer than most people realize.
I can understand not wanting to use beta software for encryption but as I stated in my post, Lion has been out for a while now and no real reports of issues with FV2.I tried FileVault2 back with a Lion Developer's Preview and decided against the overhead and potential risk.
FileVault 2 (unlike the original FileVault) has very little overhead. So unless you're running your system at the edge, it shouldn't matter.I've taken a different approach -- encrypted DMG files (which behave like drives). I tried FileVault2 back with a Lion Developer's Preview and decided against the overhead and potential risk.
And passwords for encrypted DMGs can wind up on the keychain as well, which would of course negate the security you get by using encrypted DMGs. And I suspect using encrypted DMGs would have the same or more of a performance impact than FileVault 2 does.I take this approach, using encrypted DMGs but I find that unless you are very disciplined slowly your sensitive files will make their way into the documents folder and not in the encrypted folder.
Agreed, that you're information is still exposed though the usefulness of that data may not be as great as your tax returns or bank statement (at least to most of the thieves).And passwords for encrypted DMGs can wind up on the keychain as well, which would of course negate the security you get by using encrypted DMGs. And I suspect using encrypted DMGs would have the same or more of a performance impact than FileVault 2 does.
I don't use it. Any data I want to secure goes in a TrueCrypt volume.
And passwords for encrypted DMGs can wind up on the keychain as well, which would of course negate the security you get by using encrypted DMGs. And I suspect using encrypted DMGs would have the same or more of a performance impact than FileVault 2 does.
I've spent the last few days cleaning up my boot drive freeing up space.
I know, I expect it to take all day and even into the night. That's why I was cleaning up, removing unwanted or unnecessary files.FileVault is going to read and rewrite every block on the disk, whether you have data there or not. Empty or full, it's going to take a long time.
Nope, I don't use external volumes, I have a NAS and the format of that is such that I cannot and will not encrypt that but the data on that is not sensitiveIf you intend to use FileVault on new external volumes, you can format them as encrypted using Disk Utility - which only takes a minute or two. Unfortunately, this does not work for boot volumes.
My point is that if your system disk is not encrypted and your encrypted DMG password winds up on the keychain, that DMG loses its protection.If you use FileVault2 you are still protected by only a single password, the same situation as encrypted DMGs with password saved in the keychain. The performance impact of encrypted DMGs is less because only sensitive information is encrypted. The operating system, application programs, and non-sensitive data are clear.
...
Yes, the backup volume would need to be encrypted as well for proper protection. My Time Machine disk is encrypted.Also I know that any backups I make will have the sensitive data encrypted since I'm backing up the DMG as a file. I really don't know without investigating what happens to backups with FileVault2. I expect the backup volumes would have to be encrypted as well and since I back up to drives connected to a Snow Leopard Server system FileVault2 isn't available there.
Agreed, my encrypted DMG's password is NOT in the keychain for that very reason.My point is that if your system disk is not encrypted and your encrypted DMG password winds up on the keychain, that DMG loses its protection.
Agreed, my encrypted DMG's password is NOT in the keychain for that very reason.
My point is that if your system disk is not encrypted and your encrypted DMG password winds up on the keychain, that DMG loses its protection.
I'm not sure I understand your question.I don't see the point. When you log in all the disk becomes effectively unencrypted with FileVault II.