Results 1 to 11 of 11
  1. #1

    Pigstick's Avatar
    Member Since
    May 12, 2011
    Location
    China
    Posts
    79
    Specs:
    Mac OSX 10.7.3: MBP 15" Early 2011 2.0GHz i7, 8GB, 500GB 5400RPM
    Security, encryption etc.
    Hi,

    Couple of months into the MBP and so far so good! I am about to go on holiday and have a few questions about security.

    1. Hardware. As I understand it, if nasty person steals my MBP then, ignoring the data, he could simply start the computer with a system disc and reformat the hard drive and have a nice new computer? Apple has an option to install a firmware password which would prevent this but according to their support site this can be disabled by physical access to the inside of the computer, so is it worth the trouble? I am thinking of this as sort of a BIOS type password?

    2. I currently use TrueCrypt which has served me well for years, for the relatively small number of files I need to encrypt, but I am conscious of the many posts recommending to use what comes with the machine- great advice so far. So I have read that I could use the disc utility to create a new image which would be encrypted? Is this actually a better way of doing things - TrueCrypt is excellent but can be a bit clunky? With TrueCrypt I can take it anywhere, could I put the disc image onto a thumb drive and open it from other Macs? I realise that I could encrypt the whole drive but this seems a bit over the top and wouldn't allow me to take a small number of encrypted files away... Some files I could simply encrypt using the option on Preview but I cannot find what level of encryption this is?

    3. And finally(!) it has now occurred to me that my Time Machine backups are not encrypted. I do not see an option for encryption on the Time Machine preferences, - is there a way to do this without encrypting my MBP hard drive?

    (Minor other thing. I was playing with Automator, having read an excellent post by lifeisabeach and have created a service - how do I delete it!!)

    Thanks for the help!

  2. #2


    Member Since
    Jan 22, 2010
    Location
    Victoria, BC
    Posts
    20,911
    Specs:
    Mid-2012 MBP (16GB, 1TB HD), Monoprice 24-inch second monitor, iPhone 5s 32GB, iPad Air 2 64GB
    Quote Originally Posted by Pigstick View Post
    1. Hardware. As I understand it, if nasty person steals my MBP then, ignoring the data, he could simply start the computer with a system disc and reformat the hard drive and have a nice new computer? Apple has an option to install a firmware password which would prevent this but according to their support site this can be disabled by physical access to the inside of the computer, so is it worth the trouble? I am thinking of this as sort of a BIOS type password?
    Not really the same thing as a BIOS password. But the rest of your scenario is true. Disabling the firmware password is a LOT more trouble than just "has physical access to the computer," so yes if you think your laptop is at high risk of being stolen then it's probably worth doing.

    2. So I have read that I could use the disc utility to create a new image which would be encrypted? Is this actually a better way of doing things - TrueCrypt is excellent but can be a bit clunky? With TrueCrypt I can take it anywhere, could I put the disc image onto a thumb drive and open it from other Macs?
    Yes.


    3. And finally(!) it has now occurred to me that my Time Machine backups are not encrypted. I do not see an option for encryption on the Time Machine preferences, - is there a way to do this without encrypting my MBP hard drive?
    Not that I'm aware of, but your TM backup isn't on your MBP hard drive -- or at least it shouldn't be (that would be kind of dumb). I know there are hard drives that employ their own hardware-level encryption, but I've never used one so I have no idea if it would work with TM or not.

    Another option is using a clone program to create a clone image of the drive to an encrypted sparse disk image (this would be in place of using TM for backing up). I believe this can be done with SuperDuper or Carbon Copy Cloner though again I've never tried it.

  3. #3

    Pigstick's Avatar
    Member Since
    May 12, 2011
    Location
    China
    Posts
    79
    Specs:
    Mac OSX 10.7.3: MBP 15" Early 2011 2.0GHz i7, 8GB, 500GB 5400RPM
    Progress
    Thanks for the reply!

    I have had a play with the Disc Utility and created a .DMG 'file'(?) which I understand to be a kind of folder. Works great. Small enough to include on Dropbox and a neater interface than TrueCrypt, although I lose the ability to load it across systems.

    I am a bit surprised about Time Machine. It is one of my favourite things about the Mac, painless (and just cool to watch). Although I do not need to encrypt my entire hard drive on the computer, I do think that having a back up drive encrypted is sensible at times, especially if you store it off site as I do. If I lose my little hard drive (I'm preparing for a really bad day between my MBP being stolen and losing my back up drive!) I'd like to think it had some protection.

  4. #4


    Member Since
    Jan 22, 2010
    Location
    Victoria, BC
    Posts
    20,911
    Specs:
    Mid-2012 MBP (16GB, 1TB HD), Monoprice 24-inch second monitor, iPhone 5s 32GB, iPad Air 2 64GB
    A DMG file is short for Disk Image. There are two types: fixed and "sparse." As you may already know, a sparse image grows as you put more stuff into it. Storing a sparse image on Dropbox will work fine as long as you're careful not to exceed the 2GB.

    Apple has a system for encrypting the entire User Folder (not the entire HD, since there's no reason for systems or apps to be encrypted) called FileVault. I would **STRONGLY** recommend you AVOID it -- it is very prone to people forgetting the master password or simply becoming corrupt, and if either of those happens your data is simply gone (there's no way to recover it).

    Lion (coming next month) will have a new scheme called Filevault 2 -- my advice would be to anyone considering the use of Filevault would be to wait and check out Filevault 2 and see if they've corrected the issues that made the original Filevault a huge disaster for so many people.

  5. #5

    Pigstick's Avatar
    Member Since
    May 12, 2011
    Location
    China
    Posts
    79
    Specs:
    Mac OSX 10.7.3: MBP 15" Early 2011 2.0GHz i7, 8GB, 500GB 5400RPM
    Hi,

    Thanks once again for the reply. I did not know about the sparse image so really useful tip - thanks.

    I didn't know about the problems with FileVault corrupting. That leads me to wonder about the stability of the .dmg image option I am now using - and like a lot. Does it suffer from the same issue, as I believe it uses the same encryption system, or is it more reliable? I am backing it up, along with Time Machine, so unlikely all would be lost but I'd rather avoid an unreliable method.

  6. #6


    Member Since
    Jan 22, 2010
    Location
    Victoria, BC
    Posts
    20,911
    Specs:
    Mid-2012 MBP (16GB, 1TB HD), Monoprice 24-inch second monitor, iPhone 5s 32GB, iPad Air 2 64GB
    No, it doesn't suffer from the same issue.

  7. #7

    Slydude's Avatar
    Member Since
    Nov 15, 2009
    Location
    North Louisiana, USA
    Posts
    10,308
    Specs:
    2.8 GHz MacBook Pro 10.11, 8 GB mem, iPhone 6+
    Most of the time I deactivate services from the Keyboard preference pane and leave them on the system in case I need them later. If you want to delete a service the path is User/Library/Services.
    Sylvester Roque Former Contributing Editor About This Particular Macintosh

    "Got Time to breathe. You got time for music." Denver Pyle as Briscoe Darling

  8. #8

    Pigstick's Avatar
    Member Since
    May 12, 2011
    Location
    China
    Posts
    79
    Specs:
    Mac OSX 10.7.3: MBP 15" Early 2011 2.0GHz i7, 8GB, 500GB 5400RPM
    Thanks Slydude, problem sorted...

  9. #9

    Slydude's Avatar
    Member Since
    Nov 15, 2009
    Location
    North Louisiana, USA
    Posts
    10,308
    Specs:
    2.8 GHz MacBook Pro 10.11, 8 GB mem, iPhone 6+
    Glad that helped.
    Sylvester Roque Former Contributing Editor About This Particular Macintosh

    "Got Time to breathe. You got time for music." Denver Pyle as Briscoe Darling

  10. #10

    EvenStranger's Avatar
    Member Since
    Dec 09, 2010
    Location
    Virginia
    Posts
    844
    Specs:
    Currently 13" Late 2010 MBA, 4GB/128GB; Early 2011 13" MBP, dual core i7 2.7ghz, 4gb ram, 500gb hd
    I strongly recommend NOT using encryption UNLESS you have a good backup. Encryption creates a single point of failure for your data. Bits get corrupted, the entire vault is lost. If you're concerned with the security of your backups, I've been using an Apricorn drive - hardware encrypted with AES-256 bit encryption, numeric keypad for access, and bus powered. The retail on the 640GB drive is about $130 now. I've been very impressed with the drive.

  11. #11

    Pigstick's Avatar
    Member Since
    May 12, 2011
    Location
    China
    Posts
    79
    Specs:
    Mac OSX 10.7.3: MBP 15" Early 2011 2.0GHz i7, 8GB, 500GB 5400RPM
    Thanks for that. Had a look at the Apricorn drives and they look a good solution, just got to track down a local supplier. Theoretically I believe that hardware encryption should also be faster.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. encryption
    By the-libertine in forum OS X - Operating System
    Replies: 0
    Last Post: 09-29-2011, 11:50 PM
  2. Why did my network security encryption change from WPA to WEP?
    By Diva in forum Internet, Networking, and Wireless
    Replies: 2
    Last Post: 09-25-2009, 06:02 PM
  3. Replies: 5
    Last Post: 04-28-2008, 04:09 PM
  4. Encryption Help!
    By p1p3r in forum Switcher Hangout
    Replies: 1
    Last Post: 03-06-2008, 07:04 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •