Path: csiph.com!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: Jolly Roger <jollyroger@pobox.com>
Newsgroups: comp.sys.mac.apps,comp.sys.mac.hardware.storage,comp.sys.mac.system
Subject: Re: Encrypt existing Time Machine backups?
Date: 12 Oct 2015 22:27:59 GMT
Organization: People for the Ethical Treatment of Pirates
Lines: 50
Message-ID: <d82qffF6lacU5@mid.individual.net>
References: <WoadncwDy46iA4fLnZ2dnUU7-SmdnZ2d@earthlink.com> <d7vlh9Fdl0vU1@mid.individual.net> <JeudnbKe3tK6PofLnZ2dnUU7-SudnZ2d@giganews.com> <d7vmqtFdvs6U1@mid.individual.net> <JsidnQBK9d-lO4fLnZ2dnUU7-TGdnZ2d@earthlink.com> <d7vnecFe519U1@mid.individual.net> <cYKdncTRMJ_uLofLnZ2dnUU7-UednZ2d@earthlink.com> <1mc4v7w.18agada1f1q1iwN%nmassello@yahoo.com> <zZSdnYL6eciIdYfLnZ2dnUU7-XWdnZ2d@earthlink.com> <mvesrs$7l4$1@dont-email.me> <6Kmdne4aRMfDM4bLnZ2dnUU7-d-dnZ2d@giganews.com> <RcKdnd_Z4twJJobLnZ2dnUU7-VGdnZ2d@giganews.com> <mvh4a3$i0g$1@dont-email.me> <mdadnRDob63QtYHLnZ2dnUU7-RmdnZ2d@giganews.com>
X-Trace: individual.net X7MbQ85vU13ccc8zdWfwDQn3tZ1WyviTtLbkKBhHb2ML/RHbWi
Cancel-Lock: sha1:ubI7+SydgKJmNbijiBOCLzgSX/E=
X-Face: _.g>n!a$f3/H3jA]>9pN55*5<`}Tud57>1<n@LQ!aZ7vLO_nWbK~@T'XIS0,oAJcU.qLM dk/j8Udo?O"o9B9Jyx+ez2:B<nx(k3EdHnTvB]'eoVaR495,Rv~/vPa[e^JI+^h5Zk*i`Q;ezqDW< ZFs6kmAJWZjOH\8[$$7jm,Ogw3C_%QM'|H6nygNGhhl+@}n30Nz(^vWo@h>Y%b|b-Y~()~\t,LZ3e up1/bO{=-)
User-Agent: slrn/1.0.1 (Darwin)
Xref: csiph.com comp.sys.mac.apps:32611 comp.sys.mac.hardware.storage:1076 comp.sys.mac.system:83346

On 2015-10-12, Alan Browne <alan.browne@freelunchvideotron.ca> wrote:
> On 2015-10-12 16:15, John Somerset wrote:
>> On 10/12/15 9:54 AM, Alan Browne wrote:
>>> On 2015-10-12 08:58, Alan Browne wrote:
>>>> On 2015-10-11 19:56, John Somerset wrote:
>>
>>>>> Oh, I thought that encrypting a disk, as with Filevault, meant the
>>>>> whole
>>>>> disk had to be unencrypted to work. If memory can grab only what it
>>>>> needs, that sounds much faster.
>>>
>>> Doh.  I really misread what you wrote when I replied with the stuff
>>> below.
>>>
>>> But yes, the drive remains encrypted and the data from the FileVaulted
>>> drive is decrypted in memory on your Mac as needed, file by file (or
>>> probably block by block)
>>>
>> Am I correct that if I encrypted a folder, I couldn't get at any file
>> without decrypting the whole folder?
>
> As I understand it no.  When you access the folder using the password it 
> decrypts what you're "reading" for display or use but doesn't write an 
> unencrypted version of the folder or files to disk.
>
> JR or others can correct or clarify.

If we are talking about encrypted disk images, then I believe the
decryption happens in memory as needed to access the file system on the
mounted virtual volume.

>> Correct or not, that was my concept of it.  That's why I assumed
>> Filevault needed to decrypt a disk to get access to any of it.  It
>> sounded time-consuming, with disaster always lurking.
>
> Nope.  I've been using it for many years (previous version and current 
> File Vault 2 version) w/o issue.  Naturally my system (Filevault2) disk 
> is also backed up very regularly with Time Machine and other static 
> backups as warranted for things I want in read-only completely offline 
> backup (DVD's).

FileVault 1, the previous version which placed the user's home folder
contents into an encrypted disk image, was much more problematic and way
less secure.

-- 
E-mail sent to this address may be devoured by my ravenous SPAM filter.
I often ignore posts from Google. Use a real news client instead.

JR