On 12/12/2007 14:21 PM, "Ansgar -59cobalt- Wiechers"
<email@hidden> wrote:
>>> You missed the point. Without on-the-fly encryption data might leak
>>> out of a FileVault due to a power outage (or someone pulling the plug
>>> or whatever). The possible data leak would make it more than just a
>>> "physical 'don't let people play in your login' issue". On-the-fly
>>> encryption, however, takes care of this issue.
>>
>> How is it going to be an issue if they don't have access to your
>> machine?
>
> If they didn't have access to the machine you wouldn't need any kind of
> encryption in the first place.

Incorrect. I can think of a half-dozen situations that call for/require FV-style
encryption, regardless of physical access.

>
>>>> If you're going to insist that FV cover every possible edge case,
>>>> then you may as well not use it until you get whole-disk encryption
>>>> on the boot volume for your Mac, because all someone has to do is
>>>> save somewhere other than their home directory, and FV is useless.
>>>
>>> I'm not insisting on anything. I'm explaining the benefit that
>>> justifies on-the-fly encryption despite its performance impact.
>>
>> Do you expect FV to encrypt ALL data transfers, regardless of
>> location?
>
> FileVault is basically an encrypted filesystem mounted to the user's
> $HOME, so I do expect FileVault to encrypt all writes to that
> filesystem.
>
>> Because otherwise, you have problems in various temp directories that
>> exist outside of the home directory. How do you deal with /tmp and
>> others?
>
> Swap is already encrypted, and /tmp can be taken care of by something
> like this:
>
> ----8<----
> dd if=/dev/urandom bs=1000 count=1 | hdiutil create \
> -encryption -stdinpass -ov -size $size -fs HFS+ -mode 1777 \
> /private/temp.img
> hdiutil attach /private/temp.img -noautoopen -mountpoint /private/tmp
> chmod +t /private/tmp
> ---->8----
>
> Which other temp directories outside /tmp and $HOME are user-writable? I'm
> not aware of any.

Swap is not encrypted by default, and are you going to do that for every
user-writable directory on the box? FV is really designed to solve one
specific problem, it is not even close to a full-on encryption setup.

Secondly, there are many situations where you have data kept outside of the
user home directory. Applications running local mysql databases, Adobe
Acrobat likes to put things all over the place, etc. You going to encrypt
all the cache files? There's a lot of non-obvious stuff being written
various places, you encrypting it all just in case someone steals your
machine? At that point, just encrypt the whole thing at the EFI level and be
done with it.

FV does exactly one thing...it encrypts your home directory so that when
you're not logged on, the data *in that directory* is secured. It's even
reasonably secure if someone else has physical access to that machine. There
is absolutely no sense in encrypting the writes to that directory when it's
mounted during login, barring a requirement of writing to an encrypted disk
image. Once you expect it to do anything past that, you run into problems.

The way FV works makes using it with Time Machine rather tricky, which is
probably why you don't have that feature yet.

--
John C. Welch Writer/Analyst
Bynkii.com Mac and other opinions
email@hidden
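
The question raised in this exchange, which directories outside /tmp and $HOME are user-writable, can be answered on a given machine by listing them. The script below is an added example and not part of the original message; the function name `list_writable_outside`, the script name `audit.sh` and the `/Users/alice` path are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example: list world-writable directories that lie outside an
# encrypted home directory, i.e. places where any local user or process
# can leave plaintext that FileVault's home-directory image does not cover.
#
# list_writable_outside ROOT HOME_DIR
#   ROOT      directory tree to scan (e.g. /)
#   HOME_DIR  encrypted home to skip (e.g. /Users/alice, hypothetical)
# Output: one line per directory, "<flag><TAB><path>", sorted by path.
#   sticky     world-writable with the sticky bit set (like /tmp)
#   NO-STICKY  world-writable without it: users can also delete or
#              replace each other's files there
list_writable_outside() (
    root=$1
    home=$2
    # -xdev stays on one filesystem; -prune skips the home tree entirely;
    # -perm -0002 selects directories writable by "other".
    find "$root" -xdev \( -path "$home" -prune \) -o \
        \( -type d -perm -0002 -print \) 2>/dev/null | sort |
    while IFS= read -r dir; do
        if [ -k "$dir" ]; then
            flag=sticky
        else
            flag=NO-STICKY
        fi
        printf '%s\t%s\n' "$flag" "$dir"
    done
)

# Run as: sh audit.sh / /Users/alice
if [ "$#" -ge 2 ]; then
    list_writable_outside "$1" "$2"
fi
```

This only finds directories writable by every user; locations that a specific application writes to with its own privileges, such as a local database's data directory, need a separate per-application review.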