by coolio2657 3289 days ago
It is standard security, nothing out of the blue for a default functionality included in an OS, meaning it is of solid average quality, which, however, unfortunately in the world of security means it is probably not up to par and worth using.

The encryption standards it uses are pretty good, but that is not where blanket whole-disk encryption (which I assume you're talking about) fails. For example, hackers could analyze the preboot environment of an encrypted Mac and sniff out the password using a variety of methods. Simply put, whole-disk encryption is too complicated and bug-prone a process to really trust to closed-source software.

As for single-file encryption, which is relatively neat and simple, Disk Utility would probably do a pretty good job.


Full disk encryption only really offers security for the following 2 scenarios:

- My computer/phone was lost and it was powered off. If my password is good and secure, then I can be assured the data contained on the disk will not fall into the wrong hands.

- I need to securely wipe data off the disk, because I'm selling the computer or something. Just deleting the master encryption key contained on the disk is probably enough to render the whole thing unreadable. I don't need to spend days using special software to overwrite all sectors multiple times.

Once the system is booted, the decryption key for the disk will be made available to the OS, and all files will be made available to root processes. At this stage, having an encrypted disk offers no more protection than having a non-encrypted one.

> I need to securely wipe data off the disk, because I'm selling the computer or something. Just deleting the master encryption key contained on the disk is probably enough to render the whole thing unreadable. I don't need to spend days using special software to overwrite all sectors multiple times.

From what I have read, on any reasonably recent drive (made in the last two decades or so) a one-time random pass is plenty fine.

That might be, but the main point here was that it's way faster. Do you want to destroy a few MBs per drive or a few TBs?

> For example, hackers could analyze the preboot environment of an encrypted mac and sniff out the password using a variety of methods.

The password is not available in the preboot environment. The disk encryption key is encrypted with the user's password, which must be entered to boot the machine.

While Apple hasn't open-sourced the implementation, they've explained how it operates in considerable detail. By all accounts, it's a rather good design.

You can even set a firmware password on top of that to block any attempts to boot into target disk mode, single user, or recovery.
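
The key hierarchy this comment describes, as an added example that is not from this thread or from Apple's implementation: a random volume key encrypts the sectors, only a wrapped copy of it is stored, unlocking derives a key from the password and unwraps it, and the crypto-erase from the earlier comment just destroys those wrapped bytes. The names are mine, and the HMAC-based masking stands in for a real AES key wrap because the standard library has no AES.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass

KDF_ITERATIONS = 200_000  # constructed value; real systems tune this to the hardware


@dataclass
class Header:
    """Constructed stand-in for the on-disk metadata area: KDF salt plus the
    wrapped volume key. The password itself is never written to disk."""
    salt: bytes
    wrapped_key: bytes  # masked volume key (32 bytes) || HMAC tag (32 bytes)


def derive_kek(password: bytes, salt: bytes) -> bytes:
    """Password -> key-encryption key (KEK) via PBKDF2-HMAC-SHA256."""
    return hashlib.pbkdf2_hmac("sha256", password, salt, KDF_ITERATIONS)


def _mask(kek: bytes, data: bytes) -> bytes:
    # Stand-in for AES key wrap (no AES in the stdlib): each header has a fresh
    # salt, so the KEK and this HMAC-derived pad are used exactly once.
    pad = hmac.new(kek, b"wrap", "sha256").digest()
    return bytes(a ^ b for a, b in zip(data, pad))


def new_volume(password: bytes) -> tuple[Header, bytes]:
    """Create a random volume key (the key that encrypts sectors) and wrap it."""
    salt = secrets.token_bytes(16)
    volume_key = secrets.token_bytes(32)
    kek = derive_kek(password, salt)
    masked = _mask(kek, volume_key)
    tag = hmac.new(kek, b"tag" + masked, "sha256").digest()  # detects bad password
    return Header(salt, masked + tag), volume_key


def unlock(header: Header, password: bytes) -> bytes:
    """Preboot step: derive the KEK and unwrap; raise on wrong password or damage."""
    kek = derive_kek(password, header.salt)
    masked, tag = header.wrapped_key[:32], header.wrapped_key[32:]
    expected = hmac.new(kek, b"tag" + masked, "sha256").digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong password or wrapped key destroyed")
    return _mask(kek, masked)


def crypto_erase(header: Header) -> Header:
    """Overwrite the 64 wrapped-key bytes; every encrypted sector is now
    unrecoverable even by someone who knows the password."""
    return Header(header.salt, bytes(len(header.wrapped_key)))
```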

Firmware passwords are trivial to bypass if you have physical access and the proper tools. [0]

$30 gets you the equipment needed to dump, modify, and re-write the firmware, clearing any firmware password.

[0] https://trmm.net/SPI_flash

Granted, I may have missed it, but this doesn't specifically state that it was successfully used to bypass the firmware lock? Since 2010 Apple has worked hard to close these loopholes: https://m.imore.com/how-set-your-macs-firmware-password-and-...

Apple still does not integrate a TPM into their laptops.

And it doesn't matter, even if they did, you could modify the firmware on flash to bypass the checks.

There is nothing stopping someone with physical access from removing the firmware password via SPI flash.

It is a fundamental flaw of x86, IMHO, that there is no Boot ROM (BROM) which can perform signature/integrity checks on the UEFI firmware. ARM has this, x86 does not.