Apple At-Rest Encryption
Jon Callas
jon at callas.org
Wed May 27 22:01:13 PDT 2015
> On May 25, 2015, at 1:11 PM, anx <anx at riseup.net> wrote:
>
> What are some bottlenecks to Apple turning on File Vault by default? I
> can only come up with "battery life."
You should turn it on. The battery effect on the CPU is negligible; it’s using AES-NI in the processor and that’s running at less than one clock per byte. But if you’re on a computer that has flash – like any of the Air/Retina machines – the write time and power requirements of NAND flash are much better when you use a whitening function, of which AES makes a great one.
But in any event, it’s all going to be not worth worrying about in the costs. You might even benefit. You are also gaining in the security end. We can certainly debate whatever the operational security benefits are from encrypting your disk, but the real benefit comes from when you inevitably decommission that machine and storage. You are vastly, vastly better off with encrypted storage then, and better off for having encrypted it all along.
Jon
More information about the cypherpunks
mailing list