[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: BRU, tape drives and XServe

Subject: Re: BRU, tape drives and XServe
From: "John C. Welch" <email@hidden>
Date: Wed, 12 Dec 2007 11:42:36 -0600
Delivered-to: email@hidden
Delivered-to: email@hidden
Thread-index: Acg85mG9EHrOgnZq2UqVGG7eOVWomQ==
Thread-topic: BRU, tape drives and XServe
User-agent: Microsoft-Entourage/11.2.5.060620

On 12/12/2007 11:36 AM, "Ansgar -59cobalt- Wiechers"
<email@hidden> wrote:

>>>> Actually, I don't think FV does on the fly encryption of every write
>>>> you do, but I could be wrong there. That kind of encryption has a
>>>> non-zero amount of overhead, and because you're talking about a lot
>>>> of encryption/decryption throughout the day (even if you never
>>>> recover something), that's a significant resouce hit.
>>> 
>>> It is. However, anything else would defeat the purpose of FileVault,
>>> because then files would have to be cached unencrypted outside the
>>> FileVault. AFAICS.
>> 
>> When you're logged in, you don't care, at that point, it's a physical
>> "don't let people play in your login" issue. You only care about FV
>> encryption when you aren't logged in. As long as nothing's left
>> unencrypted outside of FV when you're not logged in, it's all good.
> 
> I don't see how you'd be able to guarantee that without on-the-fly
> encryption. Simple example: if files are cached outside the FileVault
> something like a power outage may lead to data leakage.

Something like a power outage may lead to a hard drive crash too. There's no
"guarantee" with FV. I have yet to see Apple claim that FV is perfect in
that manner. If you're going to insist that FV cover every possible edge
case, then you may as well not use it until you get whole-disk encryption on
the boot volume for your Mac, because all someone has to do is save
somewhere other than their home directory, and FV is useless.

I don't expect FV to be perfect when the power drops, or a head crash. I
expect it to work as advertised, and it is not advertised as a military or
even high-security product.

-- 
John C. Welch         Writer/Analyst
Bynkii.com              Mac and other opinions
email@hidden

 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Macos-x-server mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/macos-x-server/email@hidden

This email sent to email@hidden

Follow-Ups:
- Re: BRU, tape drives and XServe
  - From: Ansgar -59cobalt- Wiechers <email@hidden>

References:
	>Re: BRU, tape drives and XServe (From: Ansgar -59cobalt- Wiechers <email@hidden>)

Prev by Date: Re: BRU, tape drives and XServe
Next by Date: Re: [10.5] Kerberos database
Previous by thread: Re: BRU, tape drives and XServe
Next by thread: Re: BRU, tape drives and XServe
Index(es):
- Date
- Thread

Home