Full disk encryptuion

Discussion in 'Mac Apps and Mac App Store' started by ring, Apr 7, 2012.

  1. ring macrumors regular

    Joined:
    Nov 17, 2011
    #1
    Since we are all aware that filevault2 has been cracked (in a mere matter of minutes), what is the best way to secure the entirety of your Mac OS operating system. The truecrypt manual says it supports full disk system encryption for a variety of winblows devices, but not mac.


    Are there any secure alternatives that you can personally recommend?

    I also heard that so long as your computer isn't in "sleep" mode, FV2 will still hold it's integrity. Is this true?


    Thanks and as always:

    Love,
    Ring
    :apple::apple::apple::apple:
     
  2. miles01110 macrumors Core

    miles01110

    Joined:
    Jul 24, 2006
    Location:
    The Ivory Tower (I'm not coming down)
    #2
    Very few people actually need full disk encryption. For the small subset of your files with sensitive information, make an encrypted disk image.
     
  3. cerote macrumors 6502a

    cerote

    Joined:
    Mar 2, 2009
    #3
    You mean with expensive software. And there are more things needed for them to crack it. The computer still has to be on for them to do it. So just use file vault 2 and just shut off your computer every time you are away.

    Filevault is fine.
     
  4. burne macrumors 6502

    burne

    Joined:
    Jul 4, 2007
    Location:
    Haarlem, the Netherlands
    #4
    The very same company has been blowing its horn over their very expensive software being able to 'crack' truecrypt, bitlocker and a host of application-based encryptions.

    Apple just came up in their publicity-calender.

    They rely on cached copies of your password somewhere in memory, being reabable by their application. Secure virtual memory makes that harder, ASLR makes it harder, and soon their app is toast because it becomes impossible when somebody thinks of a way to prevent the last tiny loophole.

    When the feds kick down your frontdoor you just pull the plug from your computer. If you are truely paranoid you could have your burglar-alarms switch off your computers.
     
  5. Fabricman112 macrumors regular

    Fabricman112

    Joined:
    Apr 3, 2010
    #5
  6. ring thread starter macrumors regular

    Joined:
    Nov 17, 2011
    #6
    As inclined by the Security Now Podcast, and Steve Gibson (the host), I fundamentally distrust any encryption that isn't open sourced. Because "How can we tell if Apple installed a backdoor that can be used by a (3 letter agency) or a (bad guy exploiting the backdoor for a (3 letter agency)).


    Further thoughts? :apple:
     
  7. flynz4 macrumors 68040

    Joined:
    Aug 9, 2009
    Location:
    Portland, OR
    #7
    I do not agree with this. Even having access to ones email address is probably sufficient to perform identity theft. Access to the entire computer disk is worse. I do think it is true that most people do not think they have sensitive information... but that is not necessary mean they shouldn't protect their systems. Being a victim of identity theft can really upset ones life from what I understand.

    We personally use FV2 on all of our computers. When traveling, we shut down our MBAs when not in use. I am a lot more worried about theft of our iPads or iPhones.

    /Jim
     
  8. GeekGuys macrumors regular

    Joined:
    Mar 13, 2009
    #8
    If you are able to replace the hard drive then you can replace the stock drive with an encrypted version. Full Disk Encryption is better than FV (which is built into Lion) as it removes the crypto work from the kernel and does it in hardware.

    Some drives are compatible with Mac EFI but check before hand.
     
  9. ring thread starter macrumors regular

    Joined:
    Nov 17, 2011
    #9
    FV (2) does work w/ full disk encryption.
     

Share This Page