I recently read an excellent presentation (click here for the PDF) entitled “VileFault” on the cryptographic mechanics of Mac OS X’s FileVault, a disk encryption utility. This is the first independent assessment I have read of FileVault. Other blog entries about FileVault can be found here, here, and here.
FileVault is a Mac OS X disk encryption utility that encrypts a user’s entire home directory (which contains all of a user’s documents and files but not programs). The Enterprise and Ultimate editions of Windows Vista contain a similar program called BitLocker Drive Encryption. An excellent open source drive encryption program, TrueCrypt, also exists. I think all of these programs mark a favorable trend toward more secure mobile computing.
To summarize the presentation, FileVault can be considered secure if it is used properly. To use FileVault effectively, users must avoid three vulnerabilities. First, users should use encrypted swap files by checking the “use secure virtual memory” setting in the security system setting panel.
Second, users should disable the Safe Sleep feature in OS X. Safe Sleep, like the Windows Hibernate feature, saves whatever is in memory to disk when the laptop battery gets too low. Unfortunately, the Safe Sleep file is not encrypted, allowing others to search it for sensitive information using “strings” or another string-parsing tool.
Third, like many encryption solutions, the weakest link is usually the user’s password. The best encryption in the world can’t secure against simple passwords that can be cracked by a computer program in a matter of minutes. If you use a weak password, don’t bother using FileVault or any other form of encryption.
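The first two settings can be checked from a terminal. The script below is an added example, not something from the presentation; it assumes that `pmset -g` reports a `hibernatemode` line and that the “use secure virtual memory” checkbox is stored as `UseEncryptedSwap` in `/Library/Preferences/com.apple.virtualMemory`, and it falls back to a constructed sample when not run on a Mac.

```shell
#!/bin/sh
# Added example, not from the presentation. Assumes `pmset -g` prints a
# "hibernatemode" line and that the secure virtual memory checkbox is stored
# as UseEncryptedSwap in /Library/Preferences/com.apple.virtualMemory.

# hibernate_mode TEXT: print the hibernatemode value found in pmset output.
hibernate_mode() {
    printf '%s\n' "$1" | awk '$1 == "hibernatemode" { print $2; exit }'
}

# writes_sleep_image MODE: succeed if RAM is written to disk at sleep.
# Bit 0 of hibernatemode enables the on-disk image (modes 1, 3, 5, 7, 25).
writes_sleep_image() {
    case "$1" in ''|*[!0-9]*) return 2 ;; esac   # missing or non-numeric
    [ $(( $1 & 1 )) -eq 1 ]
}

# swap_encrypted VALUE: succeed if the stored preference means "enabled".
swap_encrypted() {
    case "$1" in 1|YES|yes|true) return 0 ;; *) return 1 ;; esac
}

# audit PMSET_TEXT SWAP_VALUE: print one OK/FAIL/WARN line per setting.
audit() {
    mode=$(hibernate_mode "$1")
    if writes_sleep_image "$mode"; then
        echo "FAIL safe-sleep hibernatemode=$mode (fix: sudo pmset -a hibernatemode 0)"
    elif [ -n "$mode" ]; then
        echo "OK safe-sleep hibernatemode=$mode"
    else
        echo "WARN safe-sleep hibernatemode not reported"
    fi
    if swap_encrypted "$2"; then
        echo "OK secure-vm UseEncryptedSwap=$2"
    else
        echo "FAIL secure-vm UseEncryptedSwap=${2:-unset}"
    fi
}

# Constructed sample of `pmset -g` output, used when not running on a Mac.
SAMPLE_PMSET=' hibernatemode        3
 hibernatefile        /var/vm/sleepimage
 sleep                10'

if command -v pmset >/dev/null 2>&1; then
    swap=$(defaults read /Library/Preferences/com.apple.virtualMemory \
        UseEncryptedSwap 2>/dev/null || true)
    audit "$(pmset -g)" "$swap"
else
    audit "$SAMPLE_PMSET" "0"
fi
```

Setting `hibernatemode` to 0 only stops new images from being written; an image already saved at the default location, `/var/vm/sleepimage`, still holds earlier memory contents until it is deleted.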
Interestingly, developer builds of Mac OS X Leopard show that FileVault has been significantly updated. It would be interesting to see another cryptographic assessment of FileVault after Leopard is released.