JonHoyle.com Mirror of MacCompanion
http://www.maccompanion.com/macc/archives/October2007/Columns/Security101.htm


Mac Security 101

http://www.applemacpunk.com

applemacpunk@cox.net

by Kale Feelhaver

 

FileVault: What does it do and why do I need it?

 

One of the questions I constantly hear is, “what does FileVault do and why do I need it?” FileVault is an encryption service built into Mac OS X that encrypts the contents of your home folder. However, just turning it on won’t necessarily increase your security. There are a few things you should know first.

 

I constantly hear… “…but nobody can get into my home folder anyway because OS X protects it.” This is true to a degree, but not entirely. Mac OS X uses the Unix permissions model to ensure only an authorized user has access to their own home folder. So if you have two users on the same Mac, they cannot see the things inside the other’s home folder (with the exception of the Public directory).

 

Permissions are one thing, but encryption is another thing entirely. Think of permissions as security guards, and encryption as a lock box. Security guards are useful, but you can sneak past them, or trick them and get to the restricted area.

 

A lock box is different. Once the box is locked, nobody can view the contents except the person who has the key. Even if they steal the lock box from you… they still can’t open it. This is exactly how FileVault works. It assigns a cryptographic key to each user. When that user logs in, the box is opened. When they log out, the box is locked.

 

So why is this useful? Let’s say you’re traveling with your MacBook, and let’s say you’re a security-conscious Mac user, so you have your system set not to allow automatic login (many Mac users have automatic login enabled, which is a bad security practice). Now… let’s say your laptop is stolen. The perpetrator runs home and starts your laptop to try to steal your data. He gets dumped at a login screen and can’t go any further because he doesn’t know your password. However, if he is a savvy Mac user, he can still get to your data. He can pull the hard drive out of your Mac and put it into a USB enclosure. Then he can access the data on the disk without the permissions and passwords inhibiting him. If he’s an advanced Mac user, he probably understands target booting. Connect 2 Macs with a FireWire cable, then boot the first Mac with the T key held down. Then boot the second Mac normally. The second Mac will be able to access all of the data on the first Mac’s hard drive. While this is a convenient feature, and it is often useful, it is also a major security flaw.

 

In both of the above scenarios… FileVault would have made all the data in your home folder unreadable. For those of you who understand encryption, FileVault uses the AES-128 algorithm to encrypt. This algorithm yields 3.4 × 10^38 possible 128-bit keys. To put that in perspective, if you could crack a 56-bit DES key in 1 second, it would take you approximately 149,000,000,000,000 years to crack AES-128.

 

In order for FileVault to work though… a few other factors have to be taken into consideration. First, you must disable automatic login, or it completely defeats the purpose of FileVault. If your computer logs in automatically, it essentially “unlocks the box” without any input, which completely circumvents the encryption. Also, you must have a password set, and it must be hard to guess.

 

I know a lot of Mac users that have a blank password, or set it to something simple like “password”. Again, the account password is what “locks and unlocks the box”, so a weak or blank password will compromise the encryption. By the same token, do not store your password anywhere near your Mac.

 

I have met Mac users that write their password on a piece of tape and put it on the bottom of their laptop. Obviously, this compromises the encryption as well. Here’s the bottom line: if you’re going to use FileVault… you MUST protect your password. It is the key to the kingdom, so to speak. Your password should be complex and secret, and you should not share it with anyone (see Security 101: Secure Building Blocks, MacCompanion April 2006).

 

Also remember, FileVault only encrypts your home (/Users/your_user_name) folder and everything beneath it. I know several users that will create a folder on the root of their drive called “projects” (or something similar), and store everything in that folder. FileVault will NOT protect these files. It only protects things in your home folder. Make sure everything you need to keep secret is in your home folder before enabling FileVault.

 

Last but not least, do not leave your Mac logged in all the time. I know many Mac users that do this. Remember, when the Mac is logged in, the box is unlocked. So when you’re done working, either log off, or set your Mac to require a password to unlock from sleep or screen saver. Encryption does not work by itself. It also requires some user intervention, and a little education.
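
Two of the checks above can be scripted. The following is an added example, not part of the original column: it reports whether automatic login is configured and lists the files you own outside your home folder, which FileVault leaves unencrypted. The function names are hypothetical, and it assumes Mac OS X records the automatic-login account in the autoLoginUser key of /Library/Preferences/com.apple.loginwindow.

```shell
#!/bin/sh
# Added example: audit two FileVault prerequisites (helper names are hypothetical).

# List regular files owned by the current user under ROOT but outside HOME_DIR.
# Home-folder-only FileVault leaves these unencrypted. ROOT must not end in "/"
# unless it is "/" itself; -xdev keeps the search on one volume.
files_outside_home() {
    root=$1 home=$2 owner=${3:-$(id -u)}
    find "$root" -xdev -path "$home" -prune -o \
        -type f -user "$owner" -print 2>/dev/null | sort
}

# Print "enabled", "disabled" or "unknown" for automatic login.
# Assumption: Mac OS X stores the auto-login account in the autoLoginUser key.
autologin_state() {
    command -v defaults >/dev/null 2>&1 || { echo unknown; return 0; }
    if defaults read /Library/Preferences/com.apple.loginwindow \
        autoLoginUser >/dev/null 2>&1
    then echo enabled
    else echo disabled
    fi
}

audit() {
    echo "automatic login: $(autologin_state)"
    echo "files you own outside $2 (not covered by FileVault):"
    files_outside_home "$1" "$2" | sed 's/^/  /'
}

if [ "$#" -eq 2 ]; then
    audit "$1" "$2"            # e.g. sh audit.sh / "$HOME"
else
    # Constructed demo tree standing in for a boot volume.
    demo=$(mktemp -d "${TMPDIR:-/tmp}/fvdemo.XXXXXX")
    mkdir -p "$demo/Users/kale/Documents" "$demo/projects"
    echo data > "$demo/Users/kale/Documents/taxes.txt"
    echo data > "$demo/projects/client-plan.txt"
    audit "$demo" "$demo/Users/kale"
    rm -rf "$demo"
fi
```

Run with no arguments it audits a small constructed tree; run with a volume root and a home folder it audits those instead.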

 

Is FileVault for you? It all depends on what data you store on your computer and what value you place on that data. If you store business-critical data and financial information on your system, it may be worth it to you. If you store nothing of importance on your system and still make frequent backups just in case, it may be nothing more than a hindrance. If you like having blank (or simple) passwords, FileVault really won’t protect anything. If you are in a creative field and are protective of your work, FileVault might be a necessity. Every person’s needs are different. The most important thing to keep in mind is this… just turning on FileVault does not make it work. You must also be using a secure computing methodology in general. If you are already doing this, turning on FileVault will cause little impact to the way you work. If changing to a more secure methodology will be a big change for you… you might want to take it one step at a time.