Dec 19, 2012

How secure is FileVault?

I'm pretty new to the world of Mac, having used mostly Windows PCs for more years than I like to admit. I've never used FileVault before, but I just turned on FileVault on my work issued MacBook. Is this really a secure encryption method, or is it just a weak "consumer use" security blanket?

Here's a good background article.


"FileVault 1 was introduced with Mac OS X Panther. Encryption may apply to a user's home directory, but not the startup volume. The operating system uses an encrypted sparse disk image – a large single file – to present a volume for the home directory.
Mac OS X Leopard and Mac OS X Snow Leopard use more modern sparse bundle disk images[1] – 8 MB bands (files) within a bundle.

OS X Lion and greater offer FileVault 2,[2] which encrypts the OS X startup volume in its entirety and typically includes the home directory – without using a disk image. For this approach to disk encryption, authorised users’ information is loaded from a separate non encrypted boot volume[3] (partition/slice type Apple_Boot).

Systems with FileVault 2 may describe FileVault 1 as legacy FileVault."

FireVault II is as secure as your password for the most part. It uses 128-bit AES encryption. If someone got hold of your Mac and didn't have your FireVault password, they might be able to boot it from an external drive, but that would only let them reach the non-encrypted portions of your system (which at least in the original FireVault was all the stuff that is not in your home folder. 


Answer this