An Unencrypted Look at FileVault
Subject:   Vault and the swapfile
Date:   2003-12-21 13:39:09
From:   F.J.
Response to: Vault and the swapfile

Hi !

Would you worry about the contents of the swap file, you may want to write a script that automatically alters it on logout.

However, for most users, it should not be an issue.

Let me know if this helps !


Main Topics Oldest First

Showing messages 1 through 1 of 1.

  • Vault and the swapfile
    2003-12-21 14:15:01  anonymous2 [View]

    what do you mean, 'automatically alters it on logout'?

    to me, if something is written to the disk in the clear, ever, you're hosed. when they break out the scanning tunneling electron microscope they're going to find the data.

    what good is strong cryptography if your data gets written in the clear in a swap file??

    an easy fix is for apple to provide the option of encrypting the swap files too. Most of my linux machines use encrypted swap partitions, using the same software I use in linux to encrypt my /home partition.

    To me, until they add encrypted swap, FileVault is pretty much useless, and is only good for wasting CPU time. I suppose it makes it a bit more difficult to get your data, but a serious attacker is going to go straight for the swap files.