Comments on: Mac OS X: Encrypting personal files http://philikon.wordpress.com/2008/08/07/mac-os-x-encrypting-personal-files/ Philipp on software and other interesting things Thu, 01 Oct 2009 18:05:34 +0000 http://wordpress.com/ hourly 1 By: Claus Conrad http://philikon.wordpress.com/2008/08/07/mac-os-x-encrypting-personal-files/#comment-131 Claus Conrad Sun, 17 Aug 2008 13:01:12 +0000 http://philikon.wordpress.com/?p=47#comment-131 While this is a very nice solution with built-in tools, some might be interested in the alternative solution TrueCrypt, making it possible to have cross-platform mountable encrypted images: http://www.truecrypt.org/ While this is a very nice solution with built-in tools, some might be interested in the alternative solution TrueCrypt, making it possible to have cross-platform mountable encrypted images: http://www.truecrypt.org/

]]> By: philikon http://philikon.wordpress.com/2008/08/07/mac-os-x-encrypting-personal-files/#comment-127 philikon Sat, 16 Aug 2008 11:29:17 +0000 http://philikon.wordpress.com/?p=47#comment-127 Justin, thanks for the feedback. Yes, consider unmounting before putting laptop to sleep. Before going through customs and immigration, consider turning the machine off altogether. Justin, thanks for the feedback. Yes, consider unmounting before putting laptop to sleep. Before going through customs and immigration, consider turning the machine off altogether.

]]> By: Justin Ryan http://philikon.wordpress.com/2008/08/07/mac-os-x-encrypting-personal-files/#comment-117 Justin Ryan Wed, 13 Aug 2008 00:54:32 +0000 http://philikon.wordpress.com/?p=47#comment-117 Some things to consider, as I've done this a long time myself: (a) This is true of FileVault esp, but also this solution - if you sleep your computer, and leave it logged in, root can access these files, as though root can't mount it, root can access every node of the filesystem. Something like SELinux could help this, but Apple haven't gone so far, yet. So, consider unmounting it. (b) If you maintain a symlink from ~/Secure to /Volumes/Secure, it shows up in Finder. (c) Symlinks can also be used to keep your ssh and pgp keys, even if themselves passphrase protected, in here. It is a very handy approach, and something Apple should put more engineering resources into integration and UI for. Some things to consider, as I’ve done this a long time myself:

(a) This is true of FileVault esp, but also this solution – if you sleep your computer, and leave it logged in, root can access these files, as though root can’t mount it, root can access every node of the filesystem. Something like SELinux could help this, but Apple haven’t gone so far, yet. So, consider unmounting it.

(b) If you maintain a symlink from ~/Secure to /Volumes/Secure, it shows up in Finder.

(c) Symlinks can also be used to keep your ssh and pgp keys, even if themselves passphrase protected, in here.

It is a very handy approach, and something Apple should put more engineering resources into integration and UI for.

]]> By: philikon http://philikon.wordpress.com/2008/08/07/mac-os-x-encrypting-personal-files/#comment-104 philikon Fri, 08 Aug 2008 15:45:58 +0000 http://philikon.wordpress.com/?p=47#comment-104 Finansist, could you let me know what the inaccuracies are? I'd be happy to correct them! Finansist, could you let me know what the inaccuracies are? I’d be happy to correct them!

]]> By: Finansist http://philikon.wordpress.com/2008/08/07/mac-os-x-encrypting-personal-files/#comment-102 Finansist Fri, 08 Aug 2008 14:22:33 +0000 http://philikon.wordpress.com/?p=47#comment-102 There are many inaccuracies in this article. There are many inaccuracies in this article.

]]>