Encrypting File System Options for Mac OS X?

fieldmouse asks: "I recently had a laptop running Mac OS X stolen. Despite the fact that I got it back, that incident has me looking for an encrypting file system for Mac OS X; preferably one that would create a psuedo drive that I could unlock once when I log on. Anybody have any suggestions?" About 2 years ago, Ask Slashdot did the Linux version of this question. Has this gap been filled in Apple's latest OS offering?

Disk Image?

[Drizzt Do'Urden]

Create an encrypted disk image with Disk Copy, make it writable, and drop your sensitive data in it ;)

Use Disk Copy and stay neat

[Paul Burney]

The application/system items on the drive don't need to be encrypted of course so just create a new disk image in disk copy, choosing the 128-bit AES encryption option. You will be prompted for a password to use. (Don't save it to the keychain, duh.) You will have to enter your password twice when you open the image.

Now be very careful with your documents/items and always save them to the encrypted disk image.

The other benefit is that keeping all your important things on that image allows for easy backups.

Re:Use Disk Copy and stay neat

[klui]

Do these AES images work with OS 9's Disk Copy? My only hesitation since I still have PGPDisk (the free version) which works between Mac OS 9 and Windows.

Re:Use Disk Copy and stay neat

[Parsec]

They will be mutually incompatible. You can't use PGPDisk with Classic in X (fails to mount) and you can't use AES images in MOS9.

To convert, you'll have to copy your data out into unencrypted space via PGPDisk in MOS9, boot into X to copy your data into an AES image, and do a good wipe of your unencrypted data. The AES image can also be stored and mounted from a server, while PGPDisk didn't like that.

Re:Use Disk Copy and stay neat

[nickovs]

Disk images in OS X can be mounted with the hdiutil command. I've never tried mounting an encrypted disk but given the way that Apple implement their crypto using CDSA I expect that it will simply offer up the usual dialogue boxes and let you type in the key (since the prompts for passphrases to CDSA are generated by the kernel code).

Re:Use Disk Copy and stay neat

[EccentricAnomaly]

And you can mount encrypted and unencrypted disk images remotely via a url... cool dat

Re:Use Disk Copy and stay neat

[nickovs]

Just to confirm, if you type hdiutil mount imagefile.dmg on an encrypted image you get a prompt to enter the passphrase and it then mounts successfully. I can not see a simple way to provide the passphrase from a program but you might be able to do it with some careful AppleScript. Of course this would totally negate any security if you kept the passphrase in the script.

Re:Use Disk Copy and stay neat

[bleyddyn]

if you type hdiutil mount imagefile.dmg on an encrypted image you get a prompt to enter the passphrase

I wish I knew what I was doing wrong, but I've never been able to get that to work. I always get errors like the following:

/usr/bin/hdid: "Misc.dmg" does not appear to be a disk image: No such file or directory

hdiutil: mount: mount failed (57344).
hdiutil: mount failed - unknown error (57344)

But I've mounted the disk images numerous times from the finder.

A Simple Solution

[PastorOfMuppets]

Use Disk Copy (located in the Utilities folder) to ccreate an encrypted disk image and add that image to you "Login Items" in the Login Prefrence Pane.

Or the old fashioned way

[xinu]

Not that I've tried this or even really given it much thought about it. But the command line "crypt" in your .login and .logout could always crypt and decrypt your home dir. Just a thought.

Re:Or the old fashioned way

[Anonymous Coward]

Besides, he is stupid. crypt has very weak encryption.

Re:Or the old fashioned way

[mkldev]

The concept is sound. The utility isn't. Mac OS X ships with OpenSSL installed, which is capable of encrypting/decrypting with a wide variety of encryption schemes.

The real problem with this is that it's far too easy to recover the original unencrypted material if you just delete it. You also need to do a multi-pass wipe. I don't know of any tools to do this (apart from Wipe in Classic), but you could write one pretty easily.

There's also the issue of multiple concurrent login sessions, but since I assume you meant login via the GUI login pane, that's not so much of an issue (except when you try to ssh into the machine).

well

[caveat]

if there's a Linux solution, there's at least a relatively easy to create OS X solution, at least. (or does X fully support only HFS+ disks?)

Re:well

[Erik K. Veland]

Well, if you run a server and no carbon applications you are fine with UFS. HFS+ is still the way to go for 99% of all users though.

Re:well

[mkldev]

Carbon apps (at least well-written Carbon apps) work fine with UFS. I assume you meant Classic apps, which of course, can't see anything but HFS/HFS+ and certain remotely mounted volumes, and can't launch except from HFS+.

Disk Image

[mlknowle]

I made a 200mb disc image using Apple's (built in) Disk Copy app, and enabled the encryption options. I keep sensitive docs and client notes on it; whenever I need it, I open the disk image, type my passphrase and the disk pops up like any other removable media.

When I'm finished, I just eject it. How secure is this? I'm not sure what function Disk Copy uses for encryption, but it is enough that if my laptop were stolen, I'd worry about the computer, not the data.

Advance Encryption Standard (AES)

[stux]

http://csrc.nist.gov/encryption/aes/aesfact.html

(or you could just mod up the previous guy ;))

Including the all important "What is the Advanced Encryption Standard (AES)?"

Crypt

[xinu]

I'm going to post this again, but with a link this time.

Look at Crypt [securemac.com] using Blowfish and all that jazz.

Running Solaris as an Admin I have crypt encrypt some docs upon .login and upon .logout for some documents. Never tried it for OSX but I don't see how it should be any different other then it's going to pop up a GUI asking for your passwd.

Following the UNIX and Perl mantra, there is always another way of doing something...

Re:Crypt

[c13v3rm0nk3y]

I hate to be a "meto", but I second this. Very cool app for encrypting discrete files on your Mac. It has the option of scrubbing the original file after encryption.

Re:Crypt

[llamalicious]

for the acronym impaired:
that's TIMTOWDI:
There is more than one way to do it.

From the 2nd edition Camel book.

DropAES encrypt as you go

[kraksmoka]

http://homepage.mac.com/hteric/FileSharing1.html Also has compression in utility. Uses built in SSL to create blowfish or triple des encrypted files. Not so elegant as the image, but more shareable.

Disc Image

[djupedal]

...allows encryption

CFS

[Anonymous Coward]

Use Matt Blaze's CFS. It supports encrypted (3DES) volumes, with timeout support among others. It's NFS loopback mount, so it will work on pretty much any UNIX -- including MacOS X and *BSD. NetBSD has TCFS which is AFAIK more tightly integrated (at VFS level).
Get CFS here: http://www.crypto.com/software/

Disk Copy

[gabe]

Here's another vote for Disk Copy.app. Very simple and easy to use. If you need to encrypt only a few files, try Puzzle Palace.

also Open Firmware Password utility

[bhamm]

i don't personally encrypt my drive, although after reading the other replies, I may tinker with that a bit.. what i've been doing with my powerbook g4 is using Open Firmware Password which prevents booting from anything except a single designated 10.x partition. If you try to boot from another partition, CD, or external drive, you're presented with a very plain password screen with no instructions. I then have the screen saver set to require my password to get back to the finder. it's not obviously quite as secure as encrypting an entire volume, but is fairly secure..

Re:also Open Firmware Password utility

[usr122122121]

If you try to boot from another partition, CD, or external drive, you're presented with a very plain password screen with no instructions. I then have the screen saver set to require my password to get back to the finder. it's not obviously quite as secure as encrypting an entire volume, but is fairly secure.

The open firmware password method is a very useful if you are limiting physical access to the computer... however, if the computer was stolen, you don't have that sort of control.

The thief could very easily remove the hard drive from the computer and place it into another one to circumvent Open Firmware Passwording. Thus, in addition to Open Firmware Passwording you must also have some sort of encryption to safeguard the files on the disk.

Disk Copy with second keychain

[ekc]

As others have mentioned, Disk Copy is definitely the way to go for creating a password-encrypted volume in Mac OS X. You can make the disk images as large as you want, they are functionally pretty much indistinguishable from normal volumes, and there's no reformatting involved.

I just wanted to add one point about storing your passwords that makes life even simpler. Try using Keychain Access to create a second keychain you call "secure" or something to that effect. Make this temporarily the default keychain so that when you create your disk images, you can store the passwords to this new keychain. Configure the keychain so that it will relock itself after a short period of time (say 15 minutes), then set the default back to your regular keychain.

That way, you need only enter the password once to have access to every encrypted disk image, and in my experience, by the time you're done and you unmount the volumes, everything will be locked again!

Recovering Stolen Goods

[mumkin]

Nice to hear that fieldmouse's laptop was returned, but it begs the question: how did you get it back? Since you were successful in this, I'm interested in whatever actions you took beforehand/afterward which facilitated recovery. Or was it just dumb luck? Tips to help the rest of us prevent/deal with a theft?

Show me the code

[bckspc]

For keeping your passwords safe from the average laptop thief, Disk Copy is probably fine. But for protecting your sensitive info from The Man, I'd be just a little wary of proprietary packages. Has anyone seen the source code for Disk Copy? Are you absolutely sure that there are no backdoors for law enforcement? Apple would stand up to the Feds in defense of their loyal customers, right?

Depending on the level of security you're after, I recommend open source software that's been audited by lots of paranoid geeks.

--
Design + Activism [backspace.com]

Experience with the disk image solution

[Aram Fingal]

I have been using encrypted disk images in Mac OS X for well over a year now and it works very well.

I was worried, at first, that disk images could become corrupted if something went wrong and make the entire contents unreadable. They are actually quite robust. You can even open a terminal and kill the process called hdid which will force unmount the image in the middle of a copy operation, and your data is still safe.

You can open an image from an AppleTalk server and use that to encrypt your network traffic. It works, I've checked it with a packet sniffer.

Part of the reason images are so good for backups is that they preserve the relative pointing of aliases. If you just do a finder drag-and-drop copy with a folder, any copied aliases from that folder will point to the item in the original and not the copy.

The encryption process can make use of both AltiVec (Velocity Engine) and multiple processors. With a G4, you hardly notice the processor time needed to perform the encryption/decryption.