[X4U] Macintosh security (How to protect files and Applications for stolen computers)

John Richardson richards at spawar.navy.mil
Mon Nov 14 13:29:46 PST 2005


Hello,

Good news first: this is a preemptive email. The computer is still happy.
This is not an email on network security.

Host system is an iMac running OSX 10.3.5 with a DVD burner.

Assumptions
0) The physical security has been compromised.
1) The basic first level strategy is a blanket encryption of the home
directory using file vault.

Some questions (answers or links to the FAQ's that answer the question)
a) How much time does it take for file vault to encrypt 100GB?
b) How "reversible" is file vault? How long will it take to decrypt (assume
same time to encrypt)?
c) Are there any issues with using file vault on 10.3.5 or above? Tiger?

2)This seems like overkill, so some apple store employee suggested this.
a) Take the files you want protected. Create a disk image and encrypt the
disk image using Apple's disk utilities. [I suppose that you could then use
file vault to double encrypt the material]

This is the strategy I'll probably use.

General Question: How good is the File Vault and disk utility encryption?
What are the commercial programs that have better (stronger) encryption.

3) Applications
This is probably the most interesting question, providing that 1) and 2)
above solve the problem of data disclosure in your home directory.

Suppose that you have 20 expensive commercial applications on your machine.
The thief just acquired lots of tools.

Is there a reasonable method (time/money) to password protect the
applications? Perhaps a plist? The boot ROM?

4) Speaking of ROM, can open firmware protection keep a theif from ever
using your beloved Apple?

5) Lastly, notice all those locks on the computers in the apple stores.
These are in place but the apple store only sells locks with 4 feet cables.
Any commercial systems that people would recommend with longer length
cables.

John F. Richardson




More information about the X4U mailing list