Slashdot Mirror

← Back to Stories (view on slashdot.org)

How To Replace FileVault With EncFS

Posted by timothy on from the for-secretive-tweakers dept.

agoston.horvath writes "I've written a HOWTO on replacing Mac OS X's built-in encryption (FileVault) with the well-known FUSE-based EncFS. It worked well for me, and most importantly: it is a lot handier than what Apple has put together. This is especially useful if you are using a backup solution like Time Machine. Includes Whys, Why Nots, and step-by-step instructions."

8 of 65 comments (clear)

  1. [citation needed] by shadow349 · · Score: 5, Funny

    FTFA:

    FileVault is a proprietary tool from a big and famous manufacturer. This means that you can be sure that there is a built-in backdoor for government bodies to use, in case you would be a terrorist suspect or trying to seize control by a coup. These backdoors are usually found and used against you in practice.

    [citation needed]

    1. Re:[citation needed] by Balau · · Score: 4, Informative
      I think it should be rephrased:

      FileVault is a proprietary tool from a big and famous manufacturer. This means that you can't be sure that there isn't a built-in backdoor for government bodies to use, ...

      other than that, I'm all for EncFS. What you lose in terms of security (directory structure and file size are visible) you gain in terms of performance and interoperability with other tools.

      --
      Working to work less.
    2. Re:[citation needed] by Anonymous Coward · · Score: 4, Insightful

      Are Apple's disk images really so mysterious and horrible as to be called "snake oil"? Reportedly they use AES encryption, and I thought open source projects had even reverse engeered the formats.

      No, they're not. Yes, they do, and yes, they have. That won't stop people that don't know anything about encryption from blindly posting Schneier's blog without context to whore for some karma, though.

  2. Answer by lakeland · · Score: 4, Informative

    I'm tempted to say RTFA but in the interest of saving you and no doubt others a bit of time:

    "The biggest mistake Apple did with FileVault is storing the encrypted home directory on a virtual file system. All of FileVault's drawbacks originate from this. The implementation is brilliant, free of bugs, fast and well thought over. But why they decided to have all the trouble with a filesystem in a filesystem remains a mystery."

    Essentially, instead of mounting /Users/your_username via FIleVault, Apple decided to add a sparse bundle file to your home directory with all of the contents. The worst impact of this design flaw is it adds a lot of time overhead at log out. If apple instead created a different partition for each user's home directory then there are no real flaws with FileVault.

    I can see why Apple did it they way they did - dynamically resizing partitions as the user adds data to their home directory sounds... scary.

  3. Re:Question by bazald · · Score: 3, Informative

    Maybe you could skim the article next time? Ah... who am I kidding. You just wanted first post, after all.

    FileVault:
    - Long waiting times at logout
    - No shrinking while logged in
    - Doesn't work well with Time Vault
    - Proprietary
    - Weak encryption
    + Well worked out and tested

    EncFS:
    +Get your space back
    +Get rid of the long waiting times at logout
    +Back your data up while logged in
    +Be safer by using open-source

    I can't vouch for the claims.

    --
    Insert self-referential sig here.
  4. Re:Question by TheRaven64 · · Score: 5, Interesting

    Having read the article, I'd recommend that no one else did. It's written in a preachy patronising tone by someone who is clearly an idiot. For example, he complains about weak encryption because it's 'only AES-128 and you can't change that', except that since 10.5 it's been AES-128 or AES-256, even AES-128 is more than secure enough, and the vulnerability with FileVault comes from how they store the key, not from the encryption used.

    He also mentions just as a throw-away 'Don't forget that encfs doesn't support fancy filesystem operations, so don't just throw your whole homedir in there - it won't work.' So, in fact, this can't replace FileVault. Looking at the EncFS web site, I can't see any evidence that it's been audited (even the design, let alone the code). He recommends storing your decryption key in the keychain, which seems very odd; if you don't trust Apple's encryption of your home directory, why would you trust Apple's encryption of your passwords?

    He finishes with 'The biggest mistake Apple did with FileVault is storing the encrypted home directory on a virtual file system'. Given that the limitations of EncFS come from the fact that it isn't a proper filesystem, I'd have to disagree there. FileVault does encryption at the block layer, just like most other encrypted filesystems. If you bother to read any of the papers in this area, you will see that there are a number of good reasons for doing this.

    Apple did two things wrong with FileVault. They didn't let Time Machine sync mounted File Vault images with other encrypted images and they didn't provide an implementation of something like the TRIM command to let the low-level bits delete space when it was no longer needed.

    --
    I am TheRaven on Soylent News
  5. Whoa - Big Fucking Limitation by diamondsw · · Score: 4, Informative

    FTFA:

    There are known problems with EncFS, as it only support basic POSIX operations (no locking, extended attributes, etc...). This works well for simple file storage or multiplatform applications, like MacPorts, Firefox, Thunderbird, etc..., but encrypting your whole homedir is known not to work.

    That is an absolute deal breaker. Mac OS X (and increasingly third party software) makes extensive use of that metadata in extended attributes. Until it can preserve that same metadata, this solution is a no-go for, oh, 99% of the population. And that last 1% is going to be on thin ice, hoping nothing breaks. Sorry for it sounding a bit like FUD, but this does entail a fair amount of uncertainty and doubt, and that brings some fear into it.

    It's a great idea, as FileVault is very limited in its approach, but this is far from a "replacement" for it.

    --
    I don't know what kind of crack I was on, but I suspect it was decaf.
  6. Re:Question by node+3 · · Score: 5, Insightful

    What are some flaws in FileVault that might make me prefer EncFS?

    I've only been thinking of activating FileVault lately and my only other experience has been with ELI in FBSD.

    The "flaws" in FileVault (really, just limitations, but whatever), are that they aren't backed up via Time Machine while you're logged in, and space isn't freed up until you log out.

    He states that it takes a long time to log out, but that's not true as of Snow Leopard. Sparsebundles recover space very quickly, and you can cancel the logout clean up process without worry.

    As for, why would you prefer EncFS? You wouldn't. It actually does work reliably. FTA:

    There are known problems with EncFS, as it only support basic POSIX operations (no locking, extended attributes, etc...). This works well for simple file storage or multiplatform applications, like MacPorts, Firefox, Thunderbird, etc..., but encrypting your whole homedir is known not to work.

    In other words, not only can it not replace FileVault, but it can't even be used for the things a normal Mac user might want to encrypt (Mail folder, iPhoto library, etc.).