Inside Mac OS X 10.7 Lion: File Vault full disk encryption and cloud key storageIn Mac OS X Lion, Apple has completely revamped FileVault, removing it as a simple encryption of users' Home folders and reinstating it as full disk encryption solution, with an apparent option to save disk encryption keys with Apple, likely via MobileMe.
Full disk encryption
FileVault previously helped to secure a user's files by encrypting the data within their Home folder, which includes documents, settings, Keychains, and most but not all sensitive data (excluding anything the user might save outside the Home folder).
In Lion, Apple has upgraded FileVault to the status of full disk encryption, a feature that secures the entire disk.
To access a FileVault encrypted disk, each user on the machine can be assigned the right to unlock the disk by adding a generated encryption key to the users' Keychains, a step that requires that they only need to remember their login password.
Decrypting the disk can be performed by those users at login, or with the key itself. Apple warns users in Lion that turning on Disk Encryption and subsequently forgetting both their login password and their recovery key will render the drive inaccessible, and data will be irrecoverably lost.
Disk encryption key storage
To help prevent users from losing their data, it appears Lion will offer an option to store the encryption key with Apple, apparently as part of its MobileMe cloud service (noting "fees may apply"). The feature is not currently active, as depicted in the screen shot below.
On Topic: Mac OS X
- Dropbox says OS X 10.10.1 Yosemite update resolves crashing issue, urges download
- Apple issues first OS X 10.10.2 Yosemite beta to developers for testing [u]
- Adobe announces Lightroom 5.7 with new Aperture and iPhoto importer tool, Black Friday subscription pricing
- Google launches first 64-bit Chrome Web browser for OS X
- Apple's OS X Yosemite 10.10.1 update improves Wi-Fi reliability, fixes Mail bugs, more