Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Full disk encryption coming in Lion?

Jethryn Freyman

Jethryn Freyman

macrumors 68020
Original poster
Aug 9, 2007
2,329
3
Australia
From here:

http://www.tuaw.com/2010/11/15/why-10-6-5-and-symantecs-pgp-whole-disk-encryption-didnt-get-a/

Jobs said:
From: Steve Jobs
Subject: Re: HiEd Frustrations
Date: November 11, 2010 4:49:01 PM CST
To: [redacted]

Disk encryption coming in Lion. Don't know about #2.

Sent from my iPhone
Click to expand...

... and the full email with headers:

Jobs said:
From: Steve Jobs
Subject: Re: HiEd Frustrations
Date: November 11, 2010 4:49:01 PM CST
To: [my name redacted]
Return-Path:
Received: from localhost ([unix socket]) by cyrus1a.mail.[mydomain redacted].edu (Cyrus v2.3.16) with LMTPA; Thu, 11 Nov 2010 16:49:52 -0600
Received: from mh5.mail.[mydomain redacted].edu (mh5.mail.[mydomain redacted].edu [x.x.199.32]) by cyrus1a.mail.[mydomain redacted].edu (Postfix) with ESMTP id 910842A80A6 for ; Thu, 11 Nov 2010 16:49:52 -0600 (CST)
Received: by mh5.mail.[mydomain redacted].edu (Postfix) id 85DF128F75B; Thu, 11 Nov 2010 16:49:52 -0600 (CST)
Received: from mh5.mail.[mydomain redacted].edu (localhost.localdomain [127.0.0.1]) by mh5.mail.[mydomain redacted].edu (Postfix) with ESMTP id 78FDB28F757 for ; Thu, 11 Nov 2010 16:49:52 -0600 (CST)
Received: from mh5.mail.[mydomain redacted].edu ([127.0.0.1]) by mh5.mail.[mydomain redacted].edu (mh5.mail.[mydomain redacted].edu [127.0.0.1]) (amavis, port 10024) with ESMTP id jmPRdhVzrSfB for ; Thu, 11 Nov 2010 16:49:51 -0600 (CST)
Received: from mail-out4.apple.com (mail-out4.apple.com [17.254.13.23]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by mh5.mail.[mydomain redacted].edu (Postfix) with ESMTPS id CE56028F739 for ; Thu, 11 Nov 2010 16:49:49 -0600 (CST)
Received: from relay16.apple.com (relay16.apple.com [17.128.113.55]) by mail-out4.apple.com (Postfix) with ESMTP id 867B3BC5D7A8 for ; Thu, 11 Nov 2010 14:49:48 -0800 (PST)
Received: from et.apple.com (et.apple.com [17.151.62.12]) by relay16.apple.com (Apple SCV relay) with SMTP id 67.CE.03845.C037CDC4; Thu, 11 Nov 2010 14:49:48 -0800 (PST)
Received: from [17.248.4.101] (wave-dhcp101.apple.com [17.248.4.101]) by et.apple.com (Sun Java(tm) System Messaging Server 6.3-7.04 (built Sep 26 2008; 32bit)) with ESMTPSA id for bk@[mydomain redacted].edu; Thu, 11 Nov 2010 14:49:48 -0800 (PST)
X-Sieve: CMU Sieve 2.3
Delivered-To: bk@[mydomain redacted].edu
X-Virus-Scanned: by amavis-2.6.4 at mh5.mail.[mydomain redacted].edu
X-Smtp-Auth: no
X-Policyd-Weight: NOT_IN_SBL_XBL_SPAMHAUS=-1.5 NOT_IN_SPAMCOP=-1.5 NOT_IN_BL_NJABL=-1.5 CL_IP_EQ_HELO_MX=-3.1 (check from: .apple. - helo: .mail-out4.apple. - helo-domain: .apple.) FROM/MX_MATCHES_HELO(DOMAIN)=-2; rate: -9.6
X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6
X-Auditid: 11807137-b7bf7ae000000f05-e3-4cdc730c67c8
Mime-Version: 1.0
Content-Transfer-Encoding: 7BIT
Content-Type: text/plain; charset=us-ascii
References:
X-Mailer: iPhone Mail (8B117)
In-Reply-To:
Message-Id:
X-Brightmail-Tracker: AAAAAQAAAZE=
X-Dspam-Result: Innocent
X-Dspam-Processed: Thu Nov 11 16:49:52 2010
X-Dspam-Confidence: 0.9920
X-Dspam-Probability: 0.0000
X-Dspam-Signature: 390,4cdc731025385225088591
X-Dspam-Factors: 27, University+>, 0.00196, >+Hi, 0.00208, >+Thanks, 0.00229, >+[mydomain redacted], 0.00283, >+>, 0.00600, >+>, 0.00600, >+I'm, 0.00666, wrote+>, 0.00672, It+would, 0.00812, Received*ESMTPSA, 0.00822, Received*ESMTPSA+id, 0.00822, Received*with+ESMTPSA, 0.00822, Sent+from, 0.00886, Research+Computing, 0.00923, glad+you're, 0.01000, >+Nothing, 0.01000, >+regards, 0.01000, us+The, 0.01000, edu>+713, 0.01000, areas+>, 0.01000, >+Bill, 0.01000, Received*(Apple, 0.01000, 34+PM, 0.01000, PGP, 0.01000, we're+having, 0.01000, a+fix, 0.01000, Received*(Apple+SCV, 0.01000
Click to expand...
 
iVoid said:
Now THAT would be a feature that'd get me excited over lion.
Click to expand...
Yes, I hate having to rely on PGP. It's a good product but I'd rather something more Apple-like, for example, the 10.6.5 update just broke PGP because it changed the boot.efi file that PGP used, this problem rendered Macs using PGP unbootable. Having a nice shiny Apple solution would hopefully be a way of avoiding problems like this in the future.
 
HAH! Confirmed!

http://macosrumors.com/2011/02/27/full-system-encryption-macosx-lion/

Anybody know any of the technical details?

I'm assuming it will use 256 bit AES. I'd also like to have the ability to NOT set a "safety net" password, and to use a separate password for booting and for login (beware keyloggers!)
---

OK, apparently it uses 128 bit AES in the XTS mode of operation. Not sure why they used 128 bit when every other product uses 256 bit though. It's not like the performance hit from moving to full 256 bit encryption is significant, given the fact that you're all ready encryption the whole disk.

Overall, good on Apple for doing it, I'll use it, at least now I won't have to worry about compatibility problems with PGP.
 
Last edited by a moderator:
Jethryn Freyman said:
OK, apparently it uses 128 bit AES in the XTS mode of operation. Not sure why they used 128 bit when every other product uses 256 bit though. It's not like the performance hit from moving to full 256 bit encryption is significant, given the fact that you're all ready encryption the whole disk.
Click to expand...

AES-256 has more rounds, and is therefore slower than AES-128, even in hardware implementations, such as AES-NI. In mobile applications AES-256 needs more battery power than AES-128. AES-128 is also stronger than AES-256 and AES-192. And btw, a strong key (a passphrase) is equally important.
 
I know were gonna see topic after topic about people forgeting their password and are locked out of their computer. trying to figure a work around:eek:
 
Mr. Retrofire said:
Save the recovery key on a USB-drive! Problem solved.
Click to expand...

yes i understand that..

but i guarantee maybe a few months after release there will be multiple people trying to find workarounds because they don't remember the passwerd or the recovery key.
 
frunkis54 said:
yes i understand that..

but i guarantee maybe a few months after release there will be multiple people trying to find workarounds because they don't remember the passwerd or the recovery key.
Click to expand...

No need. Lion Full Disk Encryption provides you with a recovery token and allows you to send it to Apple for safe keeping.
 
dacreativeguy said:
No need. Lion Full Disk Encryption provides you with a recovery token and allows you to send it to Apple for safe keeping.
Click to expand...

really?

i didn't see anything like that all i saw was before you turn it on it pretty much says do not lose either code or your screwed.
 
frunkis54 said:
really?

i didn't see anything like that all i saw was before you turn it on it pretty much says do not lose either code or your screwed.
Click to expand...

It's true. Apparently you need to set up some security questions with Apple and they'll only give you the token back if you get them all right.
 
Nermal said:
It's true. Apparently you need to set up some security questions with Apple and they'll only give you the token back if you get them all right.
Click to expand...

my bad i stopped where it shows the key if only i would have hit continue i would have saw that :)
 
Hmm...so I am going to encrypt that which I don't want others to see and send the key off to a third-party...


Nermal said:
It's true. Apparently you need to set up some security questions with Apple and they'll only give you the token back if you get them all right.
Click to expand...
 
No...that was a comment. Actually it was more of a rhetorical question with a dash of sarcasm.

I don't like people who misconstrue comments (or rhetorical questions) for complaints...NOW I am complaining.

Nermal said:
Then don't send the key. Are you seriously complaining about having an option? :eek:
Click to expand...
 
Last edited:
I think it's good that Apple has at least made full disk encryption ACCESSIBLE to Mac users and easy to use, just like Time Machine did for backups. Yes, it comes at a cost (i.e. using the user account password as the encryption password), but I guess this was their trade off between security and actually getting people to use it.

I don't see why Apple couldn't at least have it as an OPTION to set your own password, though.

Let's see what the final release of Lion brings.
 
Jethryn Freyman said:
I think it's good that Apple has at least made full disk encryption ACCESSIBLE to Mac users and easy to use, just like Time Machine did for backups. Yes, it comes at a cost (i.e. using the user account password as the encryption password), but I guess this was their trade off between security and actually getting people to use it.

I don't see why Apple couldn't at least have it as an OPTION to set your own password, though.

Let's see what the final release of Lion brings.
Click to expand...

Which User password and what if you have multiple users?
So could you create an Admin user when you first configure the machine.
Enable Disk encryption in that user, then once it's up and running import your Main user profile which could then have a different password.
 
Like MattInOz I too would like to know how this works on a mac with mutliple user accounts. Also, is the use of a guest account impossible with whole disk encryption? Have apple completely scrapped per-account encryption or have they left it as an option?
 
Further, does data pushed to Time Machine / Time Capsule remain encrypted (even optionally?) or will you have to choose between having automated, continuous backups or having your data secure?

Given Apple's market share (by no means negligible) and user demographic (much of the top 10% of users when ranked by $$ spent), it seems like they'd be in a perfect position to provide the first widespread use of real data security for the general public. I sure hope they follow up their initial release with complete, full-featured selection of cryptographic features.

They could also anoint a few multi-factor authentication solution vendors (or provide their own). It seems like there's a great opportunity to bring real, powerful encryption to the consumer, making it something you expect from the average joe and not simply an indicator that you're a very persistent geek. Seems like something Apple's well-suited for while being a great marketing differentiator when it comes to selling people on your particular 'cloud' services / storage - powerful, pervasive, open and tested encryption would make MobileMe much more attractive to me.
 
If a court subpoenaed Apple to decrypt someone's hard disk drive do you think Apple would be able to do it, bypassing the user's password?
 
I don't have Lion, but I've been following this pretty close.

ozaz said:
Like MattInOz I too would like to know how this works on a mac with mutliple user accounts.
Click to expand...
I think there is an option to allow other user accounts (i.e. their passwords) to also decrypt the disk. That's what I hear, not sure how it works, might be wrong...

Also, is the use of a guest account impossible with whole disk encryption?
Click to expand...
Doubt it, disk encryption requests a password on booting, from there it's basically transparent.

Have apple completely scrapped per-account encryption or have they left it as an option?
Click to expand...
Haven't seen per-account encryption in any screenshots.

ae35unit said:
Further, does data pushed to Time Machine / Time Capsule remain encrypted (even optionally?)
Click to expand...
You can now encrypt whole disks with Disk Utility. And when choosing a Time Machine disk, you have the option to encrypt it.

Given Apple's market share (by no means negligible) and user demographic (much of the top 10% of users when ranked by $$ spent), it seems like they'd be in a perfect position to provide the first widespread use of real data security for the general public.
Click to expand...
Definitely, just like they did with Time Machine.

I sure hope they follow up their initial release with complete, full-featured selection of cryptographic features.
Click to expand...
This is my hope too, specifically, them allowing to use whatever password you like for encryption, rather than doing it with your login password. Full disk encryption passwords are supposed to be LONG and complex, do you really want to be typing that in all the time when you're logged in just to authorise an app's installation? Also it makes it more vulnerable to keyloggers running on the OS and so forth,

edifyingGerbil said:
If a court subpoenaed Apple to decrypt someone's hard disk drive do you think Apple would be able to do it, bypassing the user's password?
Click to expand...
No, the encryption algorithm (AES) is totally secure when paired with a strong password. Of course, if you check the option to send the recovery key to Apple, it could probably be subpoenaed.
 
Jethryn Freyman said:
No, the encryption algorithm (AES) is totally secure when paired with a strong password. Of course, if you check the option to send the recovery key to Apple, it could probably be subpoenaed.
Click to expand...

Also, I wouldn't trust Apple to not have another way in.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back