While the interface changes in Mac OS X Lion are confusing, the whole-disk encryption provided by FileVault is a definite step forward.
People who have their laptops stolen and then find their confidential documents posted all over the internet really have no excuse. If it is sensitive, it should be encrypted – especially if it is on a portable device that cannot be wiped remotely.
I hope a future release of iOS includes comparable whole-disk encryption capabilities. iPhones and iPads are even easier to lose than laptops.
Author: Milan
In the spring of 2005, I graduated from the University of British Columbia with a degree in International Relations and a general focus in the area of environmental politics. In the fall of 2005, I began reading for an M.Phil in IR at Wadham College, Oxford.
Outside school, I am very interested in photography, writing, and the outdoors. I am writing this blog to keep in touch with friends and family around the world, provide a more personal view of graduate student life in Oxford, and pass on some lessons I've learned here.
View all posts by Milan
Related: Two questions for data management
Full Disk Encryption Hard For Law Enforcement To Crack
“[T]here are three main problems with full disk encryption (FDE): First, evidence-gathering goons can turn off the computer (for transportation) without realizing it’s encrypted, and thus can’t get back at the data (unless the arrestee gives up his password, which he doesn’t have to do); second, if the analysis team doesn’t know that the disk is encrypted, it can waste hours trying to read something that’s ultimately unreadable; and finally, in the case of hardware-level disk encryption, tampering with the device can trigger self-destruction of the data. The paper does go on to suggest some ways to ameliorate these issues, but ultimately the researchers aren’t hopeful: ‘Research is needed to develop new techniques and technology for breaking or bypassing full disk encryption.'”
EFF delivers easy full-disk encryption for Ubuntu
Related: Recovering encryption keys from RAM