Virus on host notebook from external ssd?

Discussion in 'MacBook Pro' started by nndei, Jul 13, 2017.

  1. nndei macrumors newbie

    Jul 10, 2017

    I was wondering about getting an external SSD to boot macOS 10.12 from. I mean basically using my MBP as a host that shares all the hardware but the storage with the external SSD.

    My question is, if I get a virus on the SSD, will it affect the MPB even when booted on the soldered apple drive?
    So if I get a virus on the ssd, while booted on it, will the Mac still be safe if I use it normally, booting on the original internal drive?
    Thank you, neri
  2. killawat macrumors 65816

    Sep 11, 2014
    I'll try to answer and skip over a lot of the security bs but just to get to the gist

    If the OS running on your external SSD can mount your internal SSD then the files could be modified by anything, virus, accidental deletion etc.

    The safest way to protect yourself in this scenario is to FileVault encrypt the internal drive and don't mount it when enumerated by the external SSD install. On 10.12, this is enabled by default, unless the user disables this during initial setup.

    The external SSD install could still erase the device but not modify it.
  3. nndei thread starter macrumors newbie

    Jul 10, 2017
    I disabled filevault as I got the MacBook Pro because I felt like it would have limited its performances with programs like CAD or DAWs for music production, does it?
    I don't speak English mother-tongue and I didn't really get the part about "don't mount it when enumerated by the external ssd install", does it mean that during the installation process of the OS I get told to do something to link the two SSDs?

    And, for the last part, you're saying that the external ssd could still delete everything I have on the internal one, but not modify it's files and therefore cause a mess with a virus?
    If so then this is not a big problem as I keep backing files up right?

    Thank you!
  4. leman macrumors G3

    Oct 14, 2008
    You'll have to choose whether you want security or performance, can't really have both :) But the performance impact of FileVault is so small, that you most likely won't even notice it.

    What this means basically is "not enter the password for your internal SSD and don't let it appear as a volume, so that the external OS can't access it at all"
  5. nndei thread starter macrumors newbie

    Jul 10, 2017
    Oh, ok. So when does this thing show up eventually? Because I have never done anything but stuff like clean installs when I have to press alt when booting up and the terminal thing and so on... is there any certain scenario I'm which this thing happens as I get to
    1) make the ssd bootable
    2) start up on the ssd
    3) create an account on the ssd
    4) download stuff

    Or you mean I just need to create different passwords for the account on the internal and external?
    I swear I'm good at my stuff but with this stuff talking to me is like talking to a wall
  6. leman macrumors G3

    Oct 14, 2008
    Well, if you internal SSD were encrypted (FileVault), then when you boot from an external drive, the system would ask you for a decryption password. Thats it. You are right that normally it doesn't show, because no password is needed.
  7. nndei thread starter macrumors newbie

    Jul 10, 2017
    Ok so basically at that point I must not give it the password to decrypt the disk right?
    But can I boot on the ssd properly anyway?

    And also if I activate FileVault now (since it takes some time I can save some time for later) and insert the ssd because I want to check its health, will it ask for a password and remember it afterwards, even if now it is clean with no OS whatsoever on it?
    So do I need to activate FileVault once I have checked the ssd's health on the mac and installed the OS on?
    Or does it remember it if I use it to create the bootable ssd maybe?
  8. leman macrumors G3

    Oct 14, 2008
    I think you are making it much more confusing than it really is... the situation is really very simple. When you boot from an external drive, the OS on that drive will try to access (mount) your internal disk. If that disk is password protected, yo will be asked for a password. Just don't give the password, and the OS won't have any access to your internal disk.

    If you want to attach the external disk while running from the OS installed one the internal drive, its a completely different thing, because its a different instance of the OS!
  9. nndei thread starter macrumors newbie

    Jul 10, 2017
    Ok I think I got the first part.
    Yes I need to check the SSD's health beforehand because I have purchased one marked as "new with broken box" from a guy off eBay that claims it's completely working fine, he's got 100% feedback, lots of stars, and sells a lot of stuff here in my country since 2004 so I kind of believe him, but want to test myself before.
    Once I have tested it I will then create the bootable SSD using my Mac ofc…
    The SSD will be clean at that point because nothing would be installed on it, but will the procedure of creating the bootable SSD using my MBP create some sort of link between the drives anyway?
    that's all the sorcery I'm asking ahah
  10. leman macrumors G3

    Oct 14, 2008
    No. If you are SUPER-PARANOID, you can also make a bootable USB key with macOS installer and then install from there to the external disk :)
  11. nndei thread starter macrumors newbie

    Jul 10, 2017
    Ahah, that's a little too much. Thank you for your patience you have been very helpful
  12. nndei thread starter macrumors newbie

    Jul 10, 2017
    Hello again, I have managed to install macOS properly and use FileVault on my internal SSD. I was wondering how can I encrypt the bootcamp partition of my internal HD as well? Is there a FileVault kind of option for that? Or do I need to create the Windows partition again starting from the encrypted with FileVault internal HD?

Share This Page