Apple Computer Inc.’s secure encryption technology FileVault appears to be the latest operating system issue to affect the company in the last week. Since the release of Mac OS X Panther on October 24, 2003, Apple has been hit with a FireWire bug that damages data on external FireWire 800 drives and security warnings for Mac OS X Jaguar.
FileVault secures a user’s Home directory content with 128-bit AES encryption — a feature driven by mobile users’ need to secure their data in case their laptops are lost or stolen. Files are encrypted and decrypted on the fly, enabling users to keep content secure without interrupting access to their work.
But some users are experiencing problems with the technology and the circumstances are usually very similar. When you turn on FileVault, you must supply two passwords: a Master password and a user password. Once activated, you will be logged out of Panther while the files in your Home folder are encrypted — the reverse process happens when you turn off FileVault.
But when you shutdown or restart your computer, FileVault displays a message saying it can reclaim lost disk space in the encrypted directory — this is where the problems start. If you let FileVault reclaim this lost space, you could run into problems after you restart.
FileVault is suspected of resetting or destroying the data for Safari, Address Book, the Dock, Mail and the Keychain, among others. The Keychain is not only reset, but it will also not allow you to store passwords anymore, so every time you start a task that requires a password, you will need to re-enter your information. Users generally experience an unstable operating system and applications during this process — the only fix known at this time is to format the drive and reinstall.
FileVault does appear to work just fine as long as the user does not attempt to reclaim disk space when FileVault gives that option.
In a statement given to MacCentral on Monday Apple said they were aware of the issues with FileVault, but did not recommend against using the technology.
“Apple is aware that some customers have reported an issue when using FileVault’s ‘reclaim used space’ feature,” said Apple in the statement. “Apple is investigating these reports and any customers with questions should contact AppleCare.”
On October 30, 2003, Apple confirmed user reports that Mac OS X Panther disables or corrupts files on external FireWire 800 hard disks. Apple’s statement was followed by warnings from several hard disk manufacturers warning users not to plug-in their FireWire 800 drives to a computer that had been upgraded to Panther.
Last Friday, Apple said that they would release an update for the older Mac OS X Jaguar after three security flaws were discovered earlier in the week. The security problems, discovered by Cambridge, MA-based security research firm @Stake, only affects Mac OS X 10.2.8 and not the newer Mac OS X Panther.