[144886] in cryptography@c2.net mail archive
Re: FileVault on other than home directories on MacOS?
daemon@ATHENA.MIT.EDU (=?UTF-8?Q?Ivan_Krsti=C4=87?=)
Tue Sep 22 08:49:01 2009
Cc: cryptography@metzdowd.com
From: =?UTF-8?Q?Ivan_Krsti=C4=87?= <krstic@solarsail.hcs.harvard.edu>
To: Steven Bellovin <smb@cs.columbia.edu>
In-Reply-To: <DC8A9A3A-2FB3-4BC3-B15A-D138F7F6CE9F@cs.columbia.edu>
Date: Tue, 22 Sep 2009 00:18:30 -0700
Steve,
On Sep 21, 2009, at 1:57 PM, Steven Bellovin wrote:
> Is there any way to use FileVault on MacOS except on home directories?
FileVault is essentially just the name for a plain encrypted disk =20
image which happens to have some voodoo associated with it to get =20
pivoted in as your homedir at login. This to say, you can make =20
arbitrarily many encrypted disk images with Disk Utility and use them =20=
as individual encrypted (non-homedir) folders. If you're asking =20
whether you can turn on encryption for existing system folders, the =20
answer is no; HFS+ itself offers no encryption facilities.
> I suppose I could install TrueCrypt (other suggestions or comments =20
> on TrueVault?), but I prefer to minimize the amount of extra =20
> software I have to maintain.
TrueCrypt is a fine solution and indeed very helpful if you need cross-=20=
platform encrypted volumes; it lets you trivially make an encrypted =20
USB key you can use on Linux, Windows and OS X. If you're *just* =20
talking about OS X, I don't believe TrueCrypt offers any advantages =20
over encrypted disk images unless you're big on conspiracy theories.
Cheers,
--
Ivan Krsti=C4=87 <krstic@solarsail.hcs.harvard.edu> | http://radian.org
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com