Re: [Fed-Talk] how to crypto erase a Mac?
Re: [Fed-Talk] how to crypto erase a Mac?
- Subject: Re: [Fed-Talk] how to crypto erase a Mac?
- From: "Trouton, Rich R" <email@hidden>
- Date: Sat, 22 Nov 2014 23:19:53 +0000
- Thread-topic: [Fed-Talk] how to crypto erase a Mac?
If the FileVault 2-encrypted Mac in question can receive a wipe command via MDM, the wipe command yanks the volume encryption key. The volume encryption key is the last key in the chain of encryption keys used to unlock an encrypted volume, so
removing that key makes all data on the encrypted volume effectively unrecoverable.
I talk about the keys used in FileVault 2 and how they work together as part of this talk I gave at last year's Penn State MacAdmins conference:
Thanks,
Rich
On Nov 21, 2014, at 6:41 PM, Marcus, Allan B < email@hidden> wrote:
Sorry if this has been asked before.
If I use FV2 to encrypt a Mac’s drive, is there a way to delete the key used for that encryption? On iOS devices the keys are stored in efacable memory. On a Mac with an SSD is that the case too? From my understanding is SSD’s may or may not erase
data, which is why Apple did the efacable memory thing.
--
Thanks,
Allan Marcus
Chief IT Architect
Los Alamos National Laboratory
505-667-5666
If you always do what you always did, you will always get what you always got. [Albert Einstein]
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list ( email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
---
JFRC Help Desk
phone: x4030
The best way to get in touch with me is through email.
|
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden