FileVault Poll

FileVault Poll...

  • I've used it and had problems/didn't like it.

  • I've used it and had no problems/liked it.

  • I haven't used it but think it's a good thing.

  • I haven't used it but think it's a bad thing.

Results are only viewable after voting.
fryke

fryke

Moderator
Staff member
Mod
Ever used FileVault? Or just heard good/bad things about it? I wonder...
I wondered whether I should add "Never even heard about it", but I think if you would choose that one, you're not very relevant to this poll. ;) You can still put a comment into the thread, of course.
 
I haven't used FileVault and had mixed feelings about it (I opted for saying in the poll that it was a good thing, though). The idea of extra security for one's home directory sounds like a good thing to me. I would have thought that it could be all the more important for laptop owners, in case of theft.

On the other hand, I heard that FileVault uses a single, encrypted file to store all the data. If this is true, I could imagine that if that one file were somehow corrupted, it could be A Very Bad Thing...
 
Haven't used it, and I think it's a bad thing....sort of. I've heard from people far more informed on the matter than I am say that it has too many show-stopping gotchas to be a standard, easily-accessible feature, but that if you know what you're doing, you can use it with no real risks.

I don't know what all those gotchas are, but I seem to recall something about how you shouldn't use encrypted disk images within your home directory (which is itself an encrypted disk image with FileVault on).

Of course, with everything stored in one file, you are highly screwed if it becomes corrupt. AFAIK there are no consumer-level programs that allow you to recover data from corrupted encrypted disk images. I'm sure there's a way, but I'm also pretty sure that not just anyone can do it.

If I had a laptop, I would consider using it. But not until I did a lot of research on the topic and really knew what I was getting into.
 
I've seen it cause more problems than solve it.
For a few reasons I'm no into using it : first, it slows the system down by about 2 %. When editing certain things, I don't need to lose that 2 %. Then, I don't need EVERYTHING encrypted on my home folder, rather just certain files or folders, AND the things one the external, portable hard drive. Third, there is always the risk of corruption .. something corrupts, and your home folder is gone. Or the computer shuts down without shutting down properly, and it's gone. Way too often I see people with absolutely no backup of their files, and then things go wrong ...

So, instead open firmware password, and login prompt where you have to know the user name and password, AND then the things that need to be encrypted are encrypted, no matter if they are located on my home folder, elsewhere on the hard drive, or on the external hard drive, OR on my backup CD or DVDs.
 
Good poll!

I did use it, I had no idea what it was but if it offered more security it couldnt be a bad thing right? Well one day everything corrupted... or something and I think I lost everything, it was a while ago so I cant remember if I got my data back but it wasnt a good thing for me. It not like I have any confidential files on my computer anyway.
 
Ferdinand said:
That's exactly how I feel about this.
Click to expand...

Same for me. The wasted disk space for the encryption is the big reason for my decision. I also by on login and screen password set and change the passwords on a regular schedule.
 
Can't see how an encryption method that can't be undone if you forget the password could be a good thing.
 
Used it from the first day on my laptop and almost a year, haven't had any problems.

Had more than 10 forced shutdown/reboot.

The only thing that might have been caused by FileVault is that my Application and Support directory got corrupted. I was not able to read it, delete it, or write to it. Luckily I've got a backup.

I did try to turn it off a few months ago, but I think my home directory has grew too big and it always fails to decrypt everything, so I leave things as they are.
 
Natobasso said:
Can't see how an encryption method that can't be undone if you forget the password could be a good thing.
Click to expand...
? ... But if it can simply be _undone_ without the password, what good would the encryption be? Nah, I don't buy that. If I want security, I don't want a backdoor. You also don't buy a safe where you have to decide on a combination, but "0, 5, 10" will always work, right?
 
OS X allows you to set a master password for FileVault as well, so you could unlock FileVault with that even if you forget your account password. That's about as accommodating as any security system can be while still being secure.
 
I think it's good to provide several levels of security. I don't use it at home, but we have something equivalent on the portable PCs at work to avoid that anybody can steal one of our drives to get access to our data... it did happen probably 15 years ago when we presented a new software on a fair.
 
I've seen iProtector, another solution is to create virtual disks with encoding (use Disk Utilities for that).
 
The big advantage of FileVault is that it encrypts everything in your ~/Library folder. That includes all your application preferences, your bookmarks, your browser history, your cookies (which could contain lots of passwords), probably all your email, your calendars, etc. — quite a lot of personal data. AFAIK, FileVault is the only way to encrypt this data.
 
Yes. The basic *idea* of FileVault isn't entirely bad in my opinion. But it comes with so much collateral damage (or rather collateral issues), that I wouldn't really trust it personally. When they first introduced it, I wanted to try it. And it simply didn't work for me at that point, because on my notebooks, my home folder is _always_ bigger than the available free space. Well: Not when I buy a new one, of course - and I could have reinstalled everything, turned on FileVault and get the stuff back from the backup, but it just seemed too much hassle back then. And when I thought I'd try again, the first messages popped up on macosx.com and other forums about how it plainly didn't work right! People lost settings, people got strange messages about how something saved some space (freaky if you don't really know what the system means and what it's doing...)...

Sure, security is a good thing. More security is a better thing. But it all comes down when the hassle becomes too much.

If you're worried about those saved passwords: Don't save them. Security, in my opinion, also means that you change your passwords often enough and use separate ones for separate things.

Personally, I rather pay attention and _don't_ let my MacBook get stolen and _don't_ leave it in a Café when I'm going home. I know that sounds obvious, but if no one tampers with my notebook, local security isn't that much of an issue.

Remote security is a bigger problem. But if you're logged in, your FileVault image is decrypted. And if someone manages to hack his way onto your Mac from outside as your username, the filesystem is already decrypted, so FileVault isn't doing much good. Also I've come across tons of people who have FileVault activated but keep logged in and put their notebook to sleep - without any password protection. So a thief would simply wake it up and have access to everything - as long as he doesn't logout or restart. I guess it all depends on what kind of bad things you _expect_ will happen. ;)
 
Hmmm I always logged in on my MacBook and I have been wondering, when I close the lid and it goes to asleep, the files are still decrypted or? I have it to password prompt on wake up, but it can't be encrypting and decrypting every time I close and open the lid, right?

IMHO using FileVault is just a matter of backup your home folder to somewhere safe.
 
fryke said:
? ... But if it can simply be _undone_ without the password, what good would the encryption be? Nah, I don't buy that. If I want security, I don't want a backdoor. You also don't buy a safe where you have to decide on a combination, but "0, 5, 10" will always work, right?
Click to expand...

I disagree. I think a safe that is yours should have some way of getting back into it if you lose the password. Just like buildings have master keys, so should my encrypted data. Let's face it, though, just about anything is crackable if enough time/resources are spent on it so it's almost a moot point.
 
You must log in or register to reply here.
Back
Top