However, nowadays the system volume is signed. Here, FileVault encrypts only the data (which is now on its own volume), the system itself stays unencrypted. An attacker with access to the hard drive contents would then not be able to read the data or modify the system (because everything is encrypted).Ĭurrent versions of macOS (11 and 12) go back to the old model. On later versions of macOS (10.7 to 10.15), FileVault would therefore encrypt both, the system and the data. They could then use that password to decrypt their copy of your data. The attacker could, e.g., copy your data in encrypted form and modify the system in such a way that it would send your password to a remote server the next time you logged in. An attacker with access to the hard drive contents would therefore not be able to read your data (it's encrypted), but would be able to modify the system. The first version of FileVault (Mac OS X 10.3 to 10.6) encrypted only your user data (home folder), not the system.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |