Tuesday, May 01, 2007
Preventing Data Loss with FileVault
Sometimes the price of protecting data is losing it.
FileVault is Apple's encrypted file system. I use it on my laptop to prevent me from having one of those "data-loss incidents" in the event that my laptop gets lost or stolen.
FileVault is pretty cool. It keeps all your files in a single big "virtual disk" file. Whenever data is written into the virtual disk, the data is encrypted; when the data is read back, it's decrypted. All this encryption and decryption is done transparently. And the disk is automatically mounted when you log into the Mac, with the encryption key being protected with your log-in password. All in all, it's pretty slick.
But FileVault has also caused me to lose data--and on more than one occasion. Usually the data loss happens when my battery dies on a long flight. My MacBook is pretty good about shutting down before the battery dies, but a battery can go out of calibration. When that happens, sometimes the Mac just loses power. When this has happened to me in the past while I was saving a file, I've lost the entire directory where the file was being saved. Now that's annoying.
The other failure mode that I've seen with FileVault, one that's far more troubling, happened to me on Sunday night. My computer got real slow, the disk kept spinning, and eventually I had to power it off. When I turned it back on, I discovered that every file that had been written over the past 10 to 20 minutes was filled with corrupt data.
I keep excellent backups, so this wasn't the horrible problem that it could have been. Yes, it did take me eight hours to reconstruct all the data on my laptop, but I was sleeping for most of that time. It was the laptop that was doing the work, slowly copying the data from one of my backups back to the laptop.
Periodically wiping out your laptop has another advantage, of course: it lets you pinpoint the problems in your backup system.
Frankly, I always treat my laptop as if it is on borrowed time. Between drops, theft, and buggy software, data that's on a laptop is always living on borrowed time. If you aren't constantly backing up your laptop whenever you have an Internet connection, you're making a mistake.
Massachusetts Institute of Technology
Comments
A single file is great in terms of backups and migrations because it ensures that if you copy the entire file then you've backed up everything. Also, if you copy the file to another computer with the right configuration and a little tweaking then you can make that computer run your old OS (in case your hardware crashes). Security is also improved because it only requires a single broker, but if that broker is broke than it can be broker than having multiple brokers.
The downsides to the argument are that if the file is corrupt or cannot be mounted because the headers are corrupt then the entire disk is lost. I know that there are probably programs to help in this case, but let's assume that we are the average user which doesn't know about those programs. Also, if a single file is corrupt in the disk file when it is written then it could cascade to other files and wipe out 20 minutes worth of data. This is more than likely a problem with the FileVault program in that it buffers a certain number of bytes and cannot write those bytes if the disk fails.
FileVault may be a great program in desktop Macs, but I don't think it was really designed to be used in Laptops. The programming required to make it run without fault on Laptops would be quite complex and I think Apple just didn't think these problems would come up because they probably figured that the OS would take care of the problem.
I'm sure I'll get a bunch of comments about the subject line, but remember that all OS's are different, each has their own problems, and none are perfect. Use whatever OS fits your needs, not what one is the coolest and most trendy.
Buckwheat469
05/01/2007
Posts:33
with any type of filesystem, if the headers are corrupt you're not going to be able to mount it or access it in the normal fashion. that's happen to me twice (with windows, i might add, NTFS partitions) in the past year or two. the partition table got corrupted, so i couldnt boot it. i still managed to get the data off of it, since it's still there just unmountable, but most people would be screwed if this happened.
brunascle
05/02/2007
Posts:68
Do you have any suggestions on how to do this? Apple's .mac solution is like most other backup software: too intrusive. Rsync sounds close, but I haven't yet found a solution that's easy enough to put on my wife's or parents computer and forget about it.
What do you use to keep your backups current?
x509v3
05/02/2007
Posts:1
it encrypts your data on the server using either a shared key or your own private key, its free for up to 2GB (more if you refer people - extra 256mb per referral - for both referrer and referree), and if you want to backup alot of data, its only US$4.95 per month for unlimited storage and retrieval.
Add to this automatic incremental backups in the background (all the time, or when your computer is idle), and the ability to restore files back to any previous version, and you have an all round killer backup service.
Check it out at https://mozy.com/?code=Y66GLH . Use my code if you want the extra 256mb. or not if you dont - i dont really mind.
i must say i'm much more at ease knowing my laptop data is constantly being backed up and kept secure on an offsite machine.
gregorius
05/06/2007
Posts:1
-Don
http://vdata.org/
dredman
05/30/2007
Posts:1
Frida
08/29/2007
Posts:5