Is the hard drive accessible via usb or thunderbolt?

Discussion in 'MacBook Air' started by msmth928, Mar 12, 2013.

  1. msmth928 macrumors regular

    Jun 3, 2009
    Just wondering whether the hard drive of my (2012) MBA would be accessible via usb or thunderbolt if it got stolen.

    I have my account password protected but would like to keep my files safe if possible - is filevault the only option? Or is password protection generally enough?

    (Does filevault slow down MBA's much if turned on?)
  2. garybUK Guest


    Jun 3, 2002
    You can start the computer in 'Target Disk Mode' by holding down T when you switch on the computer, this makes the computer behave as a giant external hdd.

    I guess if someone stole your laptop they can access it this way, Filevault would stop this as (IIRC from the old days).... it creates a giant encrypted/passworded sparse bundle which is mounted when you boot.....
  3. AlanShutko macrumors 6502a

    Jun 2, 2008
    Nowadays it doesn't use a sparse bundle, it encrypts the whole partition. But the result is the same: your data will not be retrievable without your password.
  4. msmth928 thread starter macrumors regular

    Jun 3, 2009
    Ah right thanks, I guess there's no way of disabling this in the bios? Would seem like a fairly good compromise if there was.

    Does encrypting the disk slow things down much?
  5. garybUK Guest


    Jun 3, 2002
    You can set a firmware password, boot up and press CMD-R to start the recovery partition, then on the Utilities menu choose Firmware Password. That will prompt before it will fire up Target Disk Mode.

    If you have an SSD then Filevault shouldn't slow down much, on my old PowerBook G4 it ran like a dog... not tried it recently.
  6. msmth928 thread starter macrumors regular

    Jun 3, 2009
    Can you see any downsides to using a firmware password? Once set, the data on my MBA should be relatively safe, no? (I can't imagine your typical thief trying to solder the HD chips just to get at someone's emails, can you? Would it even be easily possible?)

    Thanks again for the reply!
  7. garybUK Guest


    Jun 3, 2002
    No worries, it's actually a problem i didn't think of until you mentioned it...

    I suppose if they are really determined the rMBP's still have removable SATA cards so they could whack it in one of those OCZ Caddy things.

    I just did some reading up and looks like since Lion+ they moved to CoreStorage LVM Encryption rather than using SpareBundles so it should be much faster!!! I'd go this route as full disk encryption would be better than just a firmware password.

    Downsides to a firmware password... if you forget it, your hosed? also it'd be a pain in the butt when booting etc.
  8. jdechko macrumors 68040

    Jul 1, 2004
    Apparently with newer Macs, the firmware password can only be reset by Apple, either through Apple or an AASP.

    Also, I don't think you need to input your firmware password when booting from the internal HD, only when you want to boot from a different device (such as Internet recover, external HD, TDM, etc).

    Good security information to know, though. Seems like Apple has plugged a bunch of holes related to firmware passwords which makes them more effective security.
  9. Stetrain macrumors 68040

    Feb 6, 2009
    I don't think that a firmware password would keep them from popping out the SSD and sticking it into another Macbook Air (or a compatible external enclosure like OCZ sells) to see what's on it. No soldering required.

    You would need FileVault to prevent that.
  10. AlanShutko macrumors 6502a

    Jun 2, 2008
    The Core i* processors have hardware encryption, so Filevault is a very, very minimal performance impact. I do not notice the impact on my2012 i7 MBA.

    There was definitely more of an impact on the Core 2 Duos, but it was still tolerable from the stuff I've read.
  11. maxosx macrumors 68020

    Dec 13, 2012
    Southern California
    It hasn't on mine.
  12. Mrbobb macrumors 601

    Aug 27, 2012
    If just against nosy people, firmware pwd is enough. However if you have bank accounts info, and other stuff you NEVER want anybody to see EVER, then encryption is recommended.
  13. msmth928 thread starter macrumors regular

    Jun 3, 2009
    Thanks for the replies everyone - I have enabled filevault and there doesn't seem to be any noticeable slowdown :)
  14. Weaselboy Moderator


    Staff Member

    Jan 23, 2005
    I am coming in late to the thread, but it is good that you enabled FV2. With Lion and Mountain Lion Apple was nice enough to put the admin password reset utility right on the recovery partition. So all a thief needed to do was command-r boot and use the utility to reset your password and they are in. FV2 blocks this.

    Here is a good test from Anadtech showing the speed hit from enabling FV2. It is very minor.
  15. Miat macrumors 6502a

    Jul 13, 2012
    Running FV2 is not an issue on my 2007 C2D iMac.

Share This Page