A View from Simson Garfinkel
Preventing Data Loss with FileVault
Sometimes the price of protecting data is losing it.
FileVault is Apple’s encrypted file system. I use it on my laptop to prevent me from having one of those “data-loss incidents” in the event that my laptop gets lost or stolen.
FileVault is pretty cool. It keeps all your files in a single big “virtual disk” file. Whenever data is written into the virtual disk, the data is encrypted; when the data is read back, it’s decrypted. All this encryption and decryption is done transparently. And the disk is automatically mounted when you log into the Mac, with the encryption key being protected with your log-in password. All in all, it’s pretty slick.
But FileVault has also caused me to lose data–and on more than one occasion. Usually the data loss happens when my battery dies on a long flight. My MacBook is pretty good about shutting down before the battery dies, but a battery can go out of calibration. When that happens, sometimes the Mac just loses power. When this has happened to me in the past while I was saving a file, I’ve lost the entire directory where the file was being saved. Now that’s annoying.
The other failure mode that I’ve seen with FileVault, one that’s far more troubling, happened to me on Sunday night. My computer got real slow, the disk kept spinning, and eventually I had to power it off. When I turned it back on, I discovered that every file that had been written over the past 10 to 20 minutes was filled with corrupt data.
I keep excellent backups, so this wasn’t the horrible problem that it could have been. Yes, it did take me eight hours to reconstruct all the data on my laptop, but I was sleeping for most of that time. It was the laptop that was doing the work, slowly copying the data from one of my backups back to the laptop.
Periodically wiping out your laptop has another advantage, of course: it lets you pinpoint the problems in your backup system.
Frankly, I always treat my laptop as if it is on borrowed time. Between drops, theft, and buggy software, data that’s on a laptop is always living on borrowed time. If you aren’t constantly backing up your laptop whenever you have an Internet connection, you’re making a mistake.