Security on the Mac
Since its rise in popularity, Apple has been keen to focus, in part, on what it deems one of the relative strengths of OS X over other operating systems: security. Part of this is the way the system is built, on a ‘UNIX core’; the other is an array of features added over time, such as FileVault and, more recently, Gatekeeper.
Despite these inclusions, it is important to keep in mind that although these features can be useful, and can certainly protect users against the malice of others, they are in no way a guarantee of protection. Unfortunately, the often excellent unregulated nature of the Internet has the by-product of harbouring some inherent risks that come with merely being connected.
That being said, there are some straightforward steps that you can take – depending upon how worried you are – to protect your information. I’ll detail them here.
‘Whole Disk’ Encryption
When a user says they use ‘Whole Disk’ encryption, they usually mean that most of the contents of their hard drive are encrypted by default, requiring their password at each startup. Whenever a computer with ‘whole disk’ encryption is running, a special service translates the encrypted data on the hard drive into the unencrypted data required by the operating system and the programmes running on the computer. Running this translation service all of the time does have some impact on performance, but good implementations on modern computers can render this negligible.
Due to the way computers start up, it is generally very difficult, if not impossible, to encrypt every single piece of information on the computer: the computer would not know how to start up before it could even ask for a password. So, although this is generally not a concern for the security of your data – everything of importance that you generate should be encrypted – it’s worth keeping in mind that ‘Whole Disk’ encryption actually encrypts a large portion of your hard drive rather than all of it, and that portion is where everything you’ve ever cared about is stored.
One of the easiest things for users to do, since OS X 10.7 (Lion), has been to enable FileVault 2 on their computer. This is a ‘whole disk’ encryption method, included in and supported by the operating system.
Inside the ‘Security & Privacy’ pane of System Preferences lies FileVault. While the previous version of FileVault encrypted users’ home directories, FileVault 2 takes a similar technology and applies it to most of the hard drive.
As the previous window warns, unless you can provide exact answers to the questions when you need to recover your key, Apple will be unable to provide you with your recovery key.
After filling out these questions, if you wish to, the process is then complete.
The process of encryption is then undertaken after the restart, during which time you’re able to continue using your computer.
Why, then, does the ability to encrypt individual files continue to be of so much interest? Because ‘full disk’ encryption is only one part of how your files are likely to exist, and because nothing is ever always secure.
Even though you might want to keep your files away from some people, it is conceivable that you might want to send a friend something sensitive. Due to the way email works – sending your message, via multiple computers, to your friend’s email server – your message can be accessed by any of the machines that relay your email on to another email server. Unfortunately, email (much like the internet as a whole) is an insecure medium. By encrypting that which is private, you avoid the ramifications of your message being intercepted.
Furthermore, ‘full disk’ encryption is subject to some attacks. As outlined in this paper, it is necessary for the computer to keep the password in memory so that it can always decrypt the contents of the drive. Unfortunately, that means that access to the memory could yield the password needed to decrypt the drive. Clearly, ‘full disk’ encryption can’t do it all.
One of the most talked about aspects of disk images is the ability to encrypt them with a password. Encrypted disk images are files which, when ‘opened’, act much as if you had attached some external media to your computer; that is, they behave like another drive, separate from your computer. When you create the disk image (pictured below), you are able to nominate how much storage capacity your disk image should have.
You are able to choose between two encryption methods: one where the emphasis is on speed, the other where the emphasis is on security. You will then be prompted for the password that must be entered before the files on this disk image can be accessed.
After entering the password, you’ll be able to do whatever you want to the contents of the drive, much like an external hard drive.
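The FileVault and encrypted disk image steps above, as an added shell example that is not part of the original article. It assumes macOS with `hdiutil` and `fdesetup` available (APFS needs 10.13 or later); the parsing helpers run anywhere and are exercised on constructed output, so nothing below is real command output from a machine.

```shell
#!/bin/sh
# Added example (not from the article): encrypted sparse disk images via hdiutil,
# plus a FileVault status check. Assumes macOS; helpers are plain POSIX sh.

# Map the dialog's two choices (speed vs. security) to hdiutil's encryption names.
encryption_for() {
  case "$1" in
    speed)    echo AES-128 ;;
    security) echo AES-256 ;;
    *)        echo "unknown profile: $1" >&2; return 1 ;;
  esac
}

# Create an encrypted sparse image. The password is read from stdin (-stdinpass),
# never passed in argv, because argv is visible to every local process via ps.
create_encrypted_image() {            # usage: create_encrypted_image NAME SIZE PROFILE
  enc=$(encryption_for "$3") || return 1
  hdiutil create -type SPARSE -fs APFS -size "$2" -volname "$1" \
    -encryption "$enc" -stdinpass -quiet "$1.sparseimage"
}

# Pick the mount point out of 'hdiutil attach' output (last /Volumes/... field).
mount_point_from_attach_output() {
  printf '%s\n' "$1" | awk -F'\t' \
    '{ for (i = NF; i > 0; i--) if ($i ~ /^\/Volumes\//) mp = $i }
     END { sub(/[[:space:]]+$/, "", mp); print mp }'
}

attach_image() {                      # usage: attach_image FILE  (password on stdin)
  out=$(hdiutil attach -stdinpass "$1") || return 1
  mount_point_from_attach_output "$out"
}

# Interpret 'fdesetup status', which prints "FileVault is On." or "FileVault is Off.".
filevault_state() {
  case "$1" in
    *"FileVault is On"*)  echo on ;;
    *"FileVault is Off"*) echo off ;;
    *)                    echo unknown ;;
  esac
}
filevault_enabled() { [ "$(filevault_state "$(fdesetup status)")" = on ]; }

# Constructed sample of 'hdiutil attach' output for an APFS image (not captured).
SAMPLE_ATTACH=$(printf '/dev/disk4\tGUID_partition_scheme\t\n/dev/disk4s1\tApple_APFS\t\n/dev/disk5s1\t41504653-0000-11AA-AA11-00306543ECAC\t/Volumes/Secrets')

# Demo: 'sh this.sh demo' creates, mounts and unmounts a 100 MB image named Secrets.
if [ "${1:-}" = demo ]; then
  printf 'Image password: ' >&2; stty -echo; read -r pw; stty echo; printf '\n' >&2
  printf '%s\n' "$pw" | create_encrypted_image Secrets 100m security || exit 1
  mp=$(printf '%s\n' "$pw" | attach_image Secrets.sparseimage) || exit 1
  echo "mounted at $mp"; hdiutil detach "$mp"
fi
```

The image file is just random-looking bytes until a password is supplied, so it can be copied to a USB drive or emailed, and `filevault_enabled` is a quick way to confirm that the whole-disk layer is actually on.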
An alternative to using disk images, and a favourite application of mine, is TrueCrypt. While disk images work well on OS X, there is little to no support for them on Windows or Linux. TrueCrypt, however, is an open source, cross-platform application that works in a very similar way to encrypted disk images. It also has a number of additional features, such as ‘plausible deniability’, where the user can claim that the encrypted file is nothing other than a corrupted file, indistinguishable from random data. There is also the ability to create hidden volumes, which allows users to show a decoy set of files if they are forced to reveal their key.
So, What’s The Best Choice?
As with most things, it’s a wise selection of each for different applications. The ease of set-up, and the low processing overheads when using FileVault 2 mean that unless you store absolutely nothing personal on your computer, it’s prudent to turn it on.
For particularly sensitive information, it’s best that you decide. Encrypted disk images are easy to deal with, and sparse images can be used to accommodate increases in space requirements. On the other hand, if it’s a rational fear that someone is out to get your files, TrueCrypt will give you both the operating system cross-compatibility that a life on the run might necessitate, as well as the strength to help you avoid FBI decryption after a year of trying.