[X4U] Macintosh security (How to protect files and
Applications for stolen computers)
David Ledger
dledger at ivdcs.demon.co.uk
Wed Nov 16 10:37:28 PST 2005
>From: "John Richardson" <richards at spawar.navy.mil>
>Host system is an iMac running OSX 10.3.5 with a DVD burner.
>Assumptions
>0) The physical security has been compromised.
>1) The basic first level strategy is a blanket encryption of the home
>directory using file vault.
> . . . . .
>General Question: How good is the File Vault and disk utility encryption?
>What are the commercial programs that have better (stronger) encryption.
The best encryption uses methods that are open and public, and rely
on a well tested well known algorithm, the key and the key length
alone to provide the security. (Other than anything that the NSA or
the military may have and that is not generally known about - I see
you are ...navy.mil). Security by obscurity is only obscure. Read
Bruce Schneier's 'Secrets & Lies' if you need convincing of that.
GPG with a large key length is probably as good as it gets outside of
the unknowns above - and its free.
<http://sourceforge.net/projects/macgpg>
It includes symmetric and public/private key encryption which you can
apply to your disc image file. Symmetric will be much quicker.
Also available in commercial versions as PGP etc.
Don't lose the key!!!
David
--
David Ledger - Freelance Unix Sysadmin in the UK.
Chair of HPUX SysAdmin SIG of hpUG technical user group (www.hpug.org.uk)
david.ledger at ivdcs.co.uk
www.ivdcs.co.uk
More information about the X4U
mailing list