Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

How To Replace FileVault With EncFS

timothy posted more than 4 years ago | from the for-secretive-tweakers dept.

Encryption 65

agoston.horvath writes "I've written a HOWTO on replacing Mac OS X's built-in encryption (FileVault) with the well-known FUSE-based EncFS. It worked well for me, and most importantly: it is a lot handier than what Apple has put together. This is especially useful if you are using a backup solution like Time Machine. Includes Whys, Why Nots, and step-by-step instructions."

cancel ×

65 comments

Sorry! There are no comments related to the filter you selected.

Question (1)

swehack (975617) | more than 4 years ago | (#31136566)

What are some flaws in FileVault that might make me prefer EncFS? I've only been thinking of activating FileVault lately and my only other experience has been with ELI in FBSD.

Re:Question (1)

obarthelemy (160321) | more than 4 years ago | (#31136618)

RTFA ?

Answer (4, Informative)

lakeland (218447) | more than 4 years ago | (#31136624)

I'm tempted to say RTFA but in the interest of saving you and no doubt others a bit of time:

"The biggest mistake Apple did with FileVault is storing the encrypted home directory on a virtual file system. All of FileVault's drawbacks originate from this. The implementation is brilliant, free of bugs, fast and well thought over. But why they decided to have all the trouble with a filesystem in a filesystem remains a mystery."

Essentially, instead of mounting /Users/your_username via FIleVault, Apple decided to add a sparse bundle file to your home directory with all of the contents. The worst impact of this design flaw is it adds a lot of time overhead at log out. If apple instead created a different partition for each user's home directory then there are no real flaws with FileVault.

I can see why Apple did it they way they did - dynamically resizing partitions as the user adds data to their home directory sounds... scary.

Re:Answer (1)

remmelt (837671) | more than 4 years ago | (#31137086)

The biggest drawback of that is that Time Machine only works when you are logged out. Also, the "galaxy" interface does not work, but I consider that less of an issue.

The entire point of Time Machine is that it makes hourly incremental backups as you work. Logging out every hour as a penalty for wanting an encrypted home folder is not very seamless.

Re:Answer (1)

ChiRaven (800537) | more than 4 years ago | (#31138796)

"...free of bugs ..."

Maybe now. Back in about 2003 I used it, and one day when I logged on to my Mac, I got a message telling me that the file was not a valid FileVault file. To make a VERY long story short, ALL attempts (yes, I had AppleCare) to recover the data in that vault failed utterly, so my data record today goes back no further than 2003 for most things (except a few old files that I've found on ancient floppy disks from waaaaaayyyy back when, before the advent of hard drives). Among the things I lost were the "upgradeable" copies of Photoshop and Illustrator (which my late wife had used since they first came out), and the original boxes had been lost in an interstate move the year before. So I no longer have those software packages. Thanks a lot, Apple.

Re:Answer (1)

siliconincdotnet (525118) | more than 4 years ago | (#31139694)

Same here. When FileVault (VileFault, if you like) first came out I ran into the same problem as you. I was able to repair it, log in, and recover some of my data (most resulted in the spinning beachball of death). Trying to convert back to a non-encrypted FS resulted in the machine telling me I needed roughly 12 petabytes of free disk space.

Shame really, it was a good idea, but a very bad execution I think.

Re:Answer (1)

bill_mcgonigle (4333) | more than 4 years ago | (#31145954)

I can see why Apple did it they way they did - dynamically resizing partitions as the user adds data to their home directory sounds... scary.

It's almost like they shouldn't have ripped ZFS out last summer...

Re:Question (3, Informative)

bazald (886779) | more than 4 years ago | (#31136640)

Maybe you could skim the article next time? Ah... who am I kidding. You just wanted first post, after all.

FileVault:
- Long waiting times at logout
- No shrinking while logged in
- Doesn't work well with Time Vault
- Proprietary
- Weak encryption
+ Well worked out and tested

EncFS:
+Get your space back
+Get rid of the long waiting times at logout
+Back your data up while logged in
+Be safer by using open-source

I can't vouch for the claims.

Re:Question (2, Interesting)

SethJohnson (112166) | more than 4 years ago | (#31136982)

And another Mac OS X solution is to create encrypted disk images using Apple's Disk Utility application [apple.com] (comes with the OS).

I like it because I have an office network and need business files to be encrypted, but accessible by other employees. File Vault is a single-user system unless your server is Mac OS X (ours is linux) and the files are stored in a user directory on that server. That opens up the problem that the login for the server then unlocks all the encrypted files.

Using Mac OS X disk utility, I've created several encrypted disk images on the server that users can mount over the network while having to give a password, etc. The server never knows anything about the encryption, etc It also enables a granular security policy to allow access to certain volumes to certain users.

Problems are that the disk images don't expand like File Vault apparently does. Also, doesn't use Time Machine effectively. (entire disk image would get backed up each time rather than only modified files). Other problem is that if the server becomes inaccessible, the client machines will write files to a temp location on the hard drive and the client user won't know they're not being saved to the encrypted disk image. Can present a security risk to those files being readable at a later date.

Seth

Re:Question (0)

Anonymous Coward | more than 4 years ago | (#31137254)

Problems are that the disk images don't expand like File Vault apparently does.

The solution to this is to create the original disk image as a sparse image with a maximum size that you know you'll never reach. The volume will start small and grow as needed, up to that maximum size.

Re:Question (1)

TheRaven64 (641858) | more than 4 years ago | (#31137444)

This is what Time Machine did in 10.4, but it has the down side that the space is never reclaimed. If you copy a 100GB file into the image then delete it, you will still be using the 100GB (I don't think this is fixed). With 10.4, home directories were created to be sparse images the size of the hosting disk. When I went from a machine with an 80GB disk to a 160GB disk, my home directory was still not permitted to grow to more than 80GB without decrypting and then recreating the FileVault image. With 10.5, it uses a bundle containing 8MB files and can add to or delete them as required. I think it will delete the 8MB files on the fly as they become empty and, when you log out, will defragment the filesystem to free up partially-used files from the bundle.

Re:Question (1)

zippthorne (748122) | more than 4 years ago | (#31138002)

Your home directory will automatically reclaim space when you log out, that's why it takes so long to do so when you have file vault enabled. But you can reclaim the space on a sparse disk image as well. Unfortunately a quick google search suggests that there is no gui functionality for this.

http://discussions.apple.com/thread.jspa?threadID=1774309 [apple.com]

Re:Question (0)

Anonymous Coward | more than 4 years ago | (#31142950)

>This is what Time Machine did in 10.4

Ummm... There wasn't Time Machine in 10.4. It was a new feature in 10.5

Re:Question (1)

blueg3 (192743) | more than 4 years ago | (#31137280)

You should use Disk Utility to create a large sparsebundle file. Sparsebundles play reasonably well with Time Machine (which is why they exist) -- although as far as I know there's no solution that is both ideal for Time Machine and also doesn't leak file metadata.

FileVault exclusively uses features present in the Disk Images framework (which you can access with hdiutil), except for the trick where it automatically mounts and dismounts the image when you log in and out, using your login password.

Re:Question (1)

ttldkns (737309) | more than 4 years ago | (#31137332)

Problems are that the disk images don't expand like File Vault apparently does. Also, doesn't use Time Machine effectively.

These problems both go away if, when creating a new encrypted disk image, you set the format to "Sparse Bundle Disk Image". Sparse bundles are the same disk image format FileVault uses.

It creates a mac OS bundle which contains a series of smaller files called bands which store chunks of the encrypted file system. The file grows in size with the data and is time machine friendly as it can detect the changes in the individual bands and back them up individually.

Re:Question (5, Interesting)

TheRaven64 (641858) | more than 4 years ago | (#31137072)

Having read the article, I'd recommend that no one else did. It's written in a preachy patronising tone by someone who is clearly an idiot. For example, he complains about weak encryption because it's 'only AES-128 and you can't change that', except that since 10.5 it's been AES-128 or AES-256, even AES-128 is more than secure enough, and the vulnerability with FileVault comes from how they store the key, not from the encryption used.

He also mentions just as a throw-away 'Don't forget that encfs doesn't support fancy filesystem operations, so don't just throw your whole homedir in there - it won't work.' So, in fact, this can't replace FileVault. Looking at the EncFS web site, I can't see any evidence that it's been audited (even the design, let alone the code). He recommends storing your decryption key in the keychain, which seems very odd; if you don't trust Apple's encryption of your home directory, why would you trust Apple's encryption of your passwords?

He finishes with 'The biggest mistake Apple did with FileVault is storing the encrypted home directory on a virtual file system'. Given that the limitations of EncFS come from the fact that it isn't a proper filesystem, I'd have to disagree there. FileVault does encryption at the block layer, just like most other encrypted filesystems. If you bother to read any of the papers in this area, you will see that there are a number of good reasons for doing this.

Apple did two things wrong with FileVault. They didn't let Time Machine sync mounted File Vault images with other encrypted images and they didn't provide an implementation of something like the TRIM command to let the low-level bits delete space when it was no longer needed.

Re:Question (1)

macs4all (973270) | more than 4 years ago | (#31141752)

For example, he complains about weak encryption because it's 'only AES-128 and you can't change that', except that since 10.5 it's been AES-128 or AES-256, even AES-128 is more than secure enough....

Actually, because of the way that AES-256 and AES-192 were implemented, AES-128 is actually MORE secure than AES-256 (or AES-192 [schneier.com] ). IANAC (IANA Cryptologist); but I just finished a project where AES-128 encryption was used, and one of the whitepapers I read said that AES-192 and AES-256 were kind of a kludge, and was actually far more susceptible to a certain class of attacks than AES-128.

Re:Question (1)

agoston.horvath (1744070) | more than 4 years ago | (#31154002)

Theoretically, you are perfectly right, and I can't argue with you. I could have written this in a more precise and defendable way indeed. Moving over to the practical side, though, there is still the problem outlined in the article. What would you recommend to people seeking a solution? Doesn't this method solve the problem for a lot of people? Sure, not for everybody. But for a lot of people, it does. See, it is extremely hard to make something perfect. One always has to leverage in practice. Even writing a howto is no exception.

Re:Question (1)

TheRaven64 (641858) | more than 4 years ago | (#31156290)

What people does this solve what problem for? It advocates using an encryption solution that hasn't been audited, uses an approach that leaks metadata, and an implementation that is not compatible with a large number of Mac apps. The only people for whom this is a good solution are open source fanatics who hate the idea of using a proprietary solution (but are fine trusting their encryption keys to one) and who don't run any Mac apps. I doubt that there are many of those that run OS X.

Re:Question (1)

blueg3 (192743) | more than 4 years ago | (#31137248)

While the FileVault system is proprietary, all of the cryptography is just done through OpenSSL, and what cryptographic routines it uses are documented. (To be fair, they're not documented by Apple, they were reverse-engineered.)

I wouldn't call 128-bit AES "weak encryption", and FileVault supports 256-bit AES. The component that is weak is that you are required to use your login password as the FileVault password. FileVault only uses 1000-round PBKDF to generate a key from your password as it is, and elsewhere your password is hashed less securely, making a dictionary attack reasonable. There's also a second access key stored in the FileVault backup keychain.

The "get your space back" and "long waiting times at logout" seem to conflict. He claims that the long wait time is because unused space is recovered from the sparsebundle File Vault uses to back your home directory -- so you should have your space back. It seems unlikely that you need that space back *right now*, before you log out.

On the other hand, EncFS leaks a ton of metadata -- probably enough metadata for someone to get a very good idea of what your collection of files represent. (Granted, if you're not using full-disk encryption, you're leaking data into unencrypted space anyway.)

not actually solving non-existant problems. (2, Insightful)

SuperBanana (662181) | more than 4 years ago | (#31137566)

+Get your space back

Create a second account, use it to shrink primary account (useful regardless, for many other troubleshooting reasons.)

+Get rid of the long waiting times at logout

And how often do you log out of your Mac? The only time I do that is when I reboot, and according to uptime, I haven't rebooted in more than a week. That was only because of security updates.

+Be safer by using open-source

1)When is the last time you validated the checksum of a package or source? 2)When is the last time you reviewed (end to end) the code for an open-source program? 3)When is the last time you looked at ANY source, instead of just reading README and then typing "./configure"? 4)How many people out there are qualified to review source code enough to detect the myriad of security vulnerabilities possible, intentional or otherwise?

The open-source security mantra has been trotted out for a decade and it still rings as hollow as can be. It's about as intelligent as handing blueprints to every car owner and wondering why people are still buying cars that break. 99.99999% of your users a)can't be bothered b)aren't qualified.

Re:not actually solving non-existant problems. (1)

TheRaven64 (641858) | more than 4 years ago | (#31138060)

Regarding open source security, the point is that security experts can review the code. For something like OpenSSL, many people have already reviewed it. Ironically, in this case, FileVault's encryption actually has been subject to a lot of security, but I can't find any evidence that EncFS has been reviewed by anyone other than the authors and, as the saying in cryptographic circles goes; 'anyone can design a system so secure that they can't break into it.'

Re:not actually solving non-existant problems. (1)

am 2k (217885) | more than 4 years ago | (#31139050)

Even when it has been reviewed, how do you know you have the same source the reviewers had?

Re:not actually solving non-existant problems. (1)

Achromatic1978 (916097) | more than 4 years ago | (#31141148)

MD5/SHA1 checksum... but sure, this can be extrapolated out...

Re:not actually solving non-existant problems. (1)

am 2k (217885) | more than 4 years ago | (#31142202)

Well, how frequently do you actually check that?

Mind you, comparing the checksum of a file you downloaded from a server with the one provided by the very same server is completely pointless, you have to compare to the one provided by the reviewers (and you have to trust them as well).

Re:not actually solving non-existant problems. (1)

Gr8Apes (679165) | more than 4 years ago | (#31140408)

And how often do you log out of your Mac? The only time I do that is when I reboot, and according to uptime, I haven't rebooted in more than a week. That was only because of security updates.

One mac - 2 days after 21 days, because Parallels/Windows 2008 R2 along with safari ran me into 4GB of swap space it wouldn't release.
Mac two - 90 days. (No Parallels/Windows on this one - needs a reboot with new security patch.

Re:not actually solving non-existant problems. (1)

agoston.horvath (1744070) | more than 4 years ago | (#31154020)

Create a second account, use it to shrink primary account (useful regardless, for many other troubleshooting reasons.)

... and keep that in sync with your primary account. Seems like a lot of work to me.

And how often do you log out of your Mac?

If you are using time machine to make backups, you have to log out to back you your homedir. This means, you are forced to log out as often as you want to save your work.

Re:Question (0)

Anonymous Coward | more than 4 years ago | (#31137628)

I'd argue that AES-128 is not typically considered "weak encryption", and that simply saying "proprietary == bad/unsafe, open source == good/safe" is a bit of a reach, but otherwise the claims are more or less accurate.

He failed to note an important weakness of EncFS in that summary though -- it only supports basic file attributes and operations, not the entire set of operations available on an HFS+ (or any other modern) file system, so it may not be appropriate for all uses.

He also makes an argument against disk images in general that I don't understand and he doesn't explain, but that's neither here nor there in terms of the +/- list above.

Re:Question (5, Insightful)

node 3 (115640) | more than 4 years ago | (#31137580)

What are some flaws in FileVault that might make me prefer EncFS?

I've only been thinking of activating FileVault lately and my only other experience has been with ELI in FBSD.

The "flaws" in FileVault (really, just limitations, but whatever), are that they aren't backed up via Time Machine while you're logged in, and space isn't freed up until you log out.

He states that it takes a long time to log out, but that's not true as of Snow Leopard. Sparsebundles recover space very quickly, and you can cancel the logout clean up process without worry.

As for, why would you prefer EncFS? You wouldn't. It actually does work reliably. FTA:

There are known problems with EncFS, as it only support basic POSIX operations (no locking, extended attributes, etc...). This works well for simple file storage or multiplatform applications, like MacPorts, Firefox, Thunderbird, etc..., but encrypting your whole homedir is known not to work.

In other words, not only can it not replace FileVault, but it can't even be used for the things a normal Mac user might want to encrypt (Mail folder, iPhoto library, etc.).

Re:Question (1)

node 3 (115640) | more than 4 years ago | (#31137586)

Where I wrote:

As for, why would you prefer EncFS? You wouldn't. It actually does work reliably. FTA:

I meant:

As for, why would you prefer EncFS? You wouldn't. It actually doesn't work reliably. FTA:

Re:Question (1)

mlts (1038732) | more than 4 years ago | (#31142894)

On the Mac, I see five popular utilities for encryption: FileVault/sparsebundle, PGP WDE, TrueCrypt, and EncFS.

PGP WDE of course is good against leakage. Since everything is encrypted even the OS, there is nothing an attacker can figure out about the contents of the drive.

TrueCrypt also good against leakage. One can't tell what filesystem is used inside a TC volume, much less actual contents unless they are able to find details outside the volume (most recently used history, etc.)

FileVault/sparse bundles are a great solution because they not just go a good way in hiding contents, but 8MB bands which get changed are a lot easier for a backup utility to back up than a full image. The downside is that this is an Apple-only utility, so there is no cross platform compatibility.

EncFS is good because it takes no additional partitioning or volume storage, offers a good amount of choices for security, and has been around in some incarnation since Matt Blaze made CFS. It also hasn't had any major weaknesses in security.

What I use:

PGP WDE for starters. Not just data files are important. I like protecting programs and license keys which cost a pretty penny, as well as data which is important but does not reside in the home directory, such as stuff that lands in /tmp.

FileVault. It is transparant, and the version in SL seems to be robust enough that I don't have to worry about the glitches which bit people in previous OS versions. I use this for separating various projects by users, so work stuff doesn't mingle with general home directory stuff. The bad thing is that with FileVault, you can't ssh in via remote and have it automatically mount your files. But on a laptop, this isn't really an issue.

Truecrypt is good for archiving files, because other platforms can read it, assuming one uses FAT32 or FAT. NTFS is also an option, with a commercial utility.

EncFS is a good choice, and it is cross-platform, so another machine can read the files. However, I just don't get around to using it because the sparse bundle functionality in Apple's Disk Image is so useful. An attacker can't discern what is in the sparse image, but a backup program is easily able to back up changes.

All in all, I wish Apple would implement something like BitLocker. It would take a TPM [1] to be present on Macs, but what it would give a user is completely transparent encryption in day to day use, but still keeping data out of the hands of an attacker, unless the blackhat both knows the user's password and is able to gain physical possession of the Mac. It is not completely secure, but it is as good as one is going to get for most things. If a blackhat is able to read the RAM of a machine, they would be able to do this with FileVault if a user is logged on. A blackhat who has the cash to decap a TPM chip nondestructively usually has the cash for a rubber hose, and rubber hose decryption has a far higher success rate of working. Another advantage of a BitLocker type encryption system is that the OS is protected too, keeping keyloggers and Trojans from being inserted.

[1]: Shipped turned off and disabled as per spec, of course. The user can enable it if/when he or she wants to.

Re:Question (0)

Anonymous Coward | more than 4 years ago | (#31138300)

If you do decide to activate FileVault, don't forget to go into disk utility afterward, and in the "Erase" tab for the hard drive, click "Erase Free Space." That'll hopefully clear any of the data that's already in a non-bad block (including stuff you emptied from the trash, but forgot to secure empty from trash) using "zero-out", overkill, or super-overkill techniques.

Anything in a re-mapped block, of course, would still be present, but you might be able to quantify your risk by counting the number of bad blocks (if it's zero, then presumably you're safe?) somehow. (the utility "badblocks" is not in snow leopard.)

[citation needed] (5, Funny)

shadow349 (1034412) | more than 4 years ago | (#31136598)

FTFA:

FileVault is a proprietary tool from a big and famous manufacturer. This means that you can be sure that there is a built-in backdoor for government bodies to use, in case you would be a terrorist suspect or trying to seize control by a coup. These backdoors are usually found and used against you in practice.

[citation needed]

Re:[citation needed] (4, Informative)

Balau (1286776) | more than 4 years ago | (#31136790)

I think it should be rephrased:

FileVault is a proprietary tool from a big and famous manufacturer. This means that you can't be sure that there isn't a built-in backdoor for government bodies to use, ...

other than that, I'm all for EncFS. What you lose in terms of security (directory structure and file size are visible) you gain in terms of performance and interoperability with other tools.

Re:[citation needed] (0)

Anonymous Coward | more than 4 years ago | (#31140920)

Performance? Did I just read you correctly? You're saying something that sits on top of a user-level API (FUSE) is faster than a kernel filesystem driver?

Uh... OK

FUSE is a cool idea and fun to play with it but has never been a performance champion.

Re:[citation needed] (1)

agoston.horvath (1744070) | more than 4 years ago | (#31154042)

FileVault is also using a helper process for encryption. I fail to see why FUSE would be slower. In practice, they eat about the same cpu time and have about the same throughput. Never did any real measurements, though.

Re:[citation needed] (2, Insightful)

vlm (69642) | more than 4 years ago | (#31136898)

[citation needed]

The six year archive of schneier's blog?

http://www.schneier.com/ [schneier.com]

It often seems that the closed source crypto marketplace in a binary state, either publicly known as snake oil, or not yet publicly known as snake oil. After being burned a zillion times, it seems its all snake oil.

Re:[citation needed] (1)

nine-times (778537) | more than 4 years ago | (#31137214)

Are Apple's disk images really so mysterious and horrible as to be called "snake oil"? Reportedly they use AES encryption, and I thought open source projects had even reverse engeered the formats.

Re:[citation needed] (4, Insightful)

Anonymous Coward | more than 4 years ago | (#31137338)

Are Apple's disk images really so mysterious and horrible as to be called "snake oil"? Reportedly they use AES encryption, and I thought open source projects had even reverse engeered the formats.

No, they're not. Yes, they do, and yes, they have. That won't stop people that don't know anything about encryption from blindly posting Schneier's blog without context to whore for some karma, though.

Re:[citation needed] (1)

moonbender (547943) | more than 4 years ago | (#31138960)

For what it's worth, I think there are a lot of things they could do wrong (on purpose or more likely by accident) in their crypto implementation that'd make things a lot easier for someone trying to decrypt it. And these implementation things wouldn't necessarily be occurant to someone reverse enineering the format. Saying that it's AES-128/256 only provides an upper limit for the strength.

PGP is proprietary (0)

Anonymous Coward | more than 4 years ago | (#31137824)

[citation needed]

The six year archive of schneier's blog?

http://www.schneier.com/ [schneier.com]

It often seems that the closed source crypto marketplace in a binary state, either publicly known as snake oil, or not yet publicly known as snake oil. After being burned a zillion times, it seems its all snake oil.

PGP Inc.'s stuff is "a proprietary tool from a big and famous manufacturer". Has the source to their 'enterprise' products been released and inspected? Should we not trust PGP? (BTW, Schneier is on their "Technical Advisory Board".)

What about the encryption used in RIM's products to transfer e-mails to BlackBerrys? The SSL use in IE? S/MIME in Outlook? RSA's SecurID tokens? STU-III/STE phones?

Take off your tin foil hat and think rationally.

Re:[citation needed] (1)

Vahokif (1292866) | more than 4 years ago | (#31137516)

You wouldn't doubt it for a second if it was Microsoft, right?

Re:[citation needed] (1)

noidentity (188756) | more than 4 years ago | (#31138090)

FileVault is a proprietary tool from a big and famous manufacturer. This means that you can be sure that there is a built-in backdoor for government bodies to use, in case you would be a terrorist suspect or trying to seize control by a coup. These backdoors are usually found and used against you in practice.

He simply mentions the above because his article is written for such people, terrorist suspects and people trying to seize control by a coup (but not by other means).

Typical Linux Fag Bullshit (-1, Troll)

Anonymous Coward | more than 4 years ago | (#31136666)

The whole article is stupid. If you believe any of this crap you're a fucking idiot. HURR DURR REPLACE A STABLE PIECE OF SOFTWARE WITH AN UNSTABLE ONE LOL

and he thinks his ideas mean anything to macusers? (1)

peragrin (659227) | more than 4 years ago | (#31136832)

If you actually read the article while he makes good points to do what he says you have to install macports, and then use the command line.

There is no easy way to setup his system. Sure it has more options but the average user of any OS isn't able to understand all of them. File vault and windows bit locker for all their faults and variations are easy to use encryption. and until all encryption/decryption systems are built into the OS and are easy to implenment then encryption will only be used a handful of people.

I still want a cross platform easy to use encryption setup that only requires my key to work. not for me to have to bring my own software that I may or may not be allowed to run to decrypt the drive.

Re:and he thinks his ideas mean anything to macuse (1)

nine-times (778537) | more than 4 years ago | (#31137228)

I don't think we'll see a universal filesystem encryption scheme until we at least see a universally supported filesystem.

Headline story? (0, Troll)

syousef (465911) | more than 4 years ago | (#31136904)

Why is this a headline story on slashdot. It's a nice little achievement but hardly news. Anyway aren't Apple products suppose to "just work"? How dare this poster find a need for or better fit with something not specifically sanctioned by The Holy Jobs and his minions! ;-)

Plenty happy with FileVault (2, Insightful)

WebManWalking (1225366) | more than 4 years ago | (#31137016)

Just turn it on and forget about it.

NSA has VileFault (spoonerism, not typo) for brute force dictionary attacks on weak passwords. I don't think NSA would take that route if Apple gave them a back door.

Whoa - Big Fucking Limitation (4, Informative)

diamondsw (685967) | more than 4 years ago | (#31137198)

FTFA:

There are known problems with EncFS, as it only support basic POSIX operations (no locking, extended attributes, etc...). This works well for simple file storage or multiplatform applications, like MacPorts, Firefox, Thunderbird, etc..., but encrypting your whole homedir is known not to work.

That is an absolute deal breaker. Mac OS X (and increasingly third party software) makes extensive use of that metadata in extended attributes. Until it can preserve that same metadata, this solution is a no-go for, oh, 99% of the population. And that last 1% is going to be on thin ice, hoping nothing breaks. Sorry for it sounding a bit like FUD, but this does entail a fair amount of uncertainty and doubt, and that brings some fear into it.

It's a great idea, as FileVault is very limited in its approach, but this is far from a "replacement" for it.

Re:Whoa - Big Fucking Limitation (1)

Enahs (1606) | more than 4 years ago | (#31138692)

Maybe you should, you know, verify that fact before you vent your spleen. EncFS supports xattr, even on OS X. Apparently some people have trouble building the MacPorts version with xattr enabled.

http://www.arg0.net/encfs [arg0.net]

Re:Whoa - Big Fucking Limitation (1)

argent (18001) | more than 4 years ago | (#31140380)

Mac OS X (and increasingly third party software) makes extensive use of that metadata in extended attributes.

Boo Hoo, you won't be able to use Spotlight on your encfs.

Any application that actually *depends on* extended attributes should be shot. File system metadata... even such commonplace metadata as the file name... is inherently fragile, and should only be used as a convenience and depended on as a last resort.

Re:Whoa - Big Fucking Limitation (1)

Hurricane78 (562437) | more than 4 years ago | (#31141348)

You mean 99% of the OS X users!

I couldn’t care less.

Re:Whoa - Big Fucking Limitation (1)

cerberusss (660701) | more than 4 years ago | (#31142906)

That is an absolute deal breaker. Mac OS X (and increasingly third party software) makes extensive use of that metadata in extended attributes.

If you just use it to hide your porn for your boss or your significant other, that's not a real objection.

Re:Whoa - Big Fucking Limitation (1)

bill_mcgonigle (4333) | more than 4 years ago | (#31145976)

It's a great idea, as FileVault is very limited in its approach, but this is far from a "replacement" for it.

So a reasonable thing to do would be to create an EncFS mountpoint and symlink in appropriate directories to your homedir, still on FileVault.

Except, I guess that's just ordinary and usable and doesn't garner a Slashdot headline.

PGP Whole Disk Encryption (1)

D H NG (779318) | more than 4 years ago | (#31138110)

I recently replaced FileVault on my MacBook Pro with PGP Whole Disk Encryption, and the results have been nothing but headache. Now when I close the lid, the laptop doesn't go into hibernate mode, and the laptop doesn't recognize my iPod when I plugged it in.

Re:PGP Whole Disk Encryption (1)

zippthorne (748122) | more than 4 years ago | (#31138434)

If you don't care what happens when the battery runs out, you can disable SafeSleep (so it's just straight-up suspend to ram) by setting the hibernatemode parameter to 0

see "man pmset" for more info.

For some reason, laptops are set to SafeSleep and desktops are not, which seems backwards to me: desktops don't have a nice battery to gradually drain in the event of power failure, so I'd think they'd want to protect the ram image by writing out the memory at the begining, but laptops do have a conveninent battery to gracefully fail in the event of power loss, so I fail to see why they would need to hibernate immediately. If I had me druthers, I'd put it on a timer: closing the lid goes to sleep, but after 10 minutes or so (user selectable) of no acceleration detected, only then does it write out the memory state and power down. Some times the lid is just closed to carry the machine to another room.

Re:PGP Whole Disk Encryption (1)

toQDuj (806112) | more than 4 years ago | (#31141652)

There's a smarter implementation of this, called "smartsleep". I don't have the time to explain, so google it.

Weak Encryption? (1)

cbreak (1575875) | more than 4 years ago | (#31138408)

Weak encryption? What was that guy smoking? AES is state-of-the-art, it's security is widely considered sufficient: http://en.wikipedia.org/wiki/Advanced_Encryption_Standard#Security [wikipedia.org] . While there exist attacks on AES 256 which make it a bit less secure, it's still almost as secure as AES 128 which is used in FileVault by default.

Re:Weak Encryption? (1)

godoffsck (943749) | more than 4 years ago | (#31142858)

I wouldn't say it's state of the art given that it's pretty much a decade old. Threefish is newer and I wouldn't say even that is state of the art.

EncFSVault (1)

Enahs (1606) | more than 4 years ago | (#31138722)

I wish this project was still alive and well, but it's not been updated since April 2008. :-(

http://code.google.com/p/encfsvault/downloads/list [google.com]

Basically it automates the process of setting up your home dir to use EncFS. If someone could update it and add some features such as painless uninstall. It's pretty easy to disable if you're comfortable with the command line but I wouldn't feel right recommending it.

Fun (1)

c4t3y3 (1571639) | more than 4 years ago | (#31138886)

http://techieblurbs.blogspot.com/2010/02/howto-replace-filevault-with-encfs.html [blogspot.com]

Be safer by using open-source. FileVault is a proprietary tool from a big and famous manufacturer. This means that you can be sure that there is a built-in backdoor for government bodies to use.

On the other side...

There are known problems with EncFS, as it only support basic POSIX operations (no locking, extended attributes, etc...). This works well for simple file storage or multiplatform applications, like MacPorts, Firefox, Thunderbird, etc..., but encrypting your whole homedir is known not to work.

So what is your priority? avoid file corruption or avoid the NSA?

Re:Fun (1)

agoston.horvath (1744070) | more than 4 years ago | (#31154086)

Up to you. If you don't like it, don't use it. I merely propose a way for people who would want to do this.

4k sectors (1)

TD-Linux (1295697) | more than 4 years ago | (#31139596)

Don't forget that the header of encfs causes it not to be 4k block aligned, which kills performance on 4k-sector drives, which should be arriving very soon (filesystems have used 4k or larger sector sizes for a long time, however).

Good idea, so-so choice of technologies (1, Insightful)

Anonymous Coward | more than 4 years ago | (#31140728)

The gist of the tip is to create an encrypted container, move your important stuff into that container and then create symlinks from/to the original locations. Be sure to mount/unencrypt the container at boot.

Why ENCFS? Why not a very strong encrypted disk image? Why not Truecrypt? The author doesn't say.

Thanks for feedback (1)

agoston.horvath (1744070) | more than 4 years ago | (#31154082)

Wow, I was not expecting such a huge amount of comments.

I've updated the article based on this. Most importantly, removed the proprietary part - indeed, that has nothing to do with the howto. This intended to be a howto, not a troll text. I just wanted to add some background to it, for better understanding.

Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>