ONJava.com -- The Independent Source for Enterprise Java
oreilly.comSafari Books Online.Conferences.

advertisement

AddThis Social Bookmark Button
Article:
  An Unencrypted Look at FileVault
Subject:   The paradoxes in the article
Date:   2005-04-27 00:45:38
From:   F.J.
Response to: The paradoxes in the article

Hi!


First of all, thank you very much for taking the time to write, I really do appreciate it! :^)


The encryption does happen on-the-fly as the file is never stored outside of the FileVault itself, much like if you were to create your own encrypted image and save a document immediately inside of it as you are working on it. Should the computer crash or be force-rebooted in any way, there would be no trace of the file outside of the vault, even without a proper shutdown procedure — that is, provided that the application you are using does not store caches in strange, non-standard places.


However, you are entirely right about FileVault existing in the user space: the FileVault image is mounted as a whole and, as you are logged in, any application running with your privileges or the system privileges can access your files as if they were unencrypted — which is necessary for the system to function normally.


Both aspects of FileVault aren't in contradiction but it is true that it might seem surprising at first.


I hope this answers your question and remain at your disposition to provide you with any additional information you may deem useful.


Truly yours,
FJ