[Noisebridge-discuss] Which can I trust more: TrueCrypt orOSXFileVault?
davidfine
d at vidfine.com
Sun Feb 13 06:16:40 UTC 2011
Firmware passwords don't generally hinder someone from removing the hard
drive and reading it. The SSD drive on a macbook air is not soldered to the
mainboard. Truecrypt is better than filevault in some ways. But it's
actually going to be difficult to make sure that things like the contents
of all your various caches end up on that encrypted volume, and that
nothing leaks into unencrypted areas, and that nothing is tampered with
when it's out of your sight. So it's a compromise. If you think someone
cares enough to send your hard drive to the forensics lab, FDE is the only
thing that will do.
--D
On Sat 12/02/11 7:52 PM , "Steve Camuti" mrcamuti at gmail.com sent:
Firmware passwords work great on MacBook Airs because the RAM is soldered
into the board, so you can't easily reset the password like you can on
every other portable Apple laptop.
That being said, my work uses WinSoft for software FDE in Macs since the
FDE drives work in macs... But without any actual encryption abilities.
Lame.
-Steve C
On Feb 12, 2011, at 3:41 AM, davidfine wrote:
I like truecrypt- but its full disk encryption only works for windows
(same for the Decoy password trick I think).
Truecrypt is more trustworthy if your threat model includes the people who
would have access to backdoors in proprietary software. If those people
care about you, your weak link is OS X in general. But hey, you might as
well use truecrypt, it's not that much extra work.
If you're concerned about this sort of thing what you really want is full
disk encryption because that also protects you from tampering.
Unfortunately the only ones I know for mac (PGP, SOPHOS) are commercial
software again... Seagate FDE drives don't work on macs either... There's
gotta be some way to do it with open software....
--D
On Sat 12/02/11 12:18 AM , "Sai" sai at saizai.com sent:
As context for my own needs (not meant as a restriction of the
discussion), I've just acquired a Macbook Air to replace my dead MBP
and the old Win7 I've been using in the interim.
I will be using it in various contexts (e.g. at hacker conferences,
crossing US borders, for business with high security needs, etc),
entailing multiple possible threats. I'd like to ensure it's fairly
well locked down just in case. I am not aware of any specific threats
against me per se; I'd just like to be cautious.
- Sai
_______________________________________________
Noisebridge-discuss mailing list
Noisebridge-discuss at lists.noisebridge.net
Links:
------
[1] https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss
[2]
http://webmail.sonic.net/parse.php?redirect=https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.noisebridge.net/pipermail/noisebridge-discuss/attachments/20110212/432aba53/attachment-0003.html>
More information about the Noisebridge-discuss
mailing list