
OS X Lion: No encrypted RAID after all

[Diagram: Full disk encryption]

I installed Lion last night and spent today figuring out what does - and does not - work. As a huge fan of full-disk encryption (FDE), I'm disappointed in their drive encryption.

RAID may have been improved, but Lion's encryption features, including Time Machine encryption, are not compatible with Apple's RAID.

The diagram at right (from Elementary Information Security) shows how full-disk encryption (FDE) typically integrates into the system software. The diagram doesn't show where the RAID software might reside. I'd expect it to be very closely tied to the device driver. However, it appears instead that Apple placed the FDE below the RAID software. Perhaps this improves performance, or perhaps the choice was driven by design decisions invisible outside Cupertino.

The Time Machine improvement: they have explicitly documented how to switch in a new mirrored drive for an old one. I haven't tried their suggested process since the upgrade. I'd tried the suggested process a couple of years ago, only to have it fail. So we'll see how it goes.

I had high hopes for Time Machine encryption when I first heard about it. Given that the encryption is controlled from within Time Machine itself, it sounds as if it applies to the Time Machine directory and not promiscuously to the whole Time Machine volume. The consensus, however, is that Apple implemented all of their new encryption features (FileVault 2, which encrypts the boot drive, as well as Time Machine) using a new technical feature called Core Storage. As an old fogie, I'm annoyed that they're reusing an established technical term, but I must admit that vendors stopped using "real" core storage (made of ferrite cores) over 30 years ago.

Apparently Core Storage is a mechanism for managing blocks of mass storage, and it operates below the Mac's file system. Now, there isn't anything (so far) that requires RAID to be implemented above Core Storage - arguably it's a feature embedded inside Core Storage. Just like encryption.

So there's no built-in reason for not allowing encrypted RAID volumes. In fact, one blogger claims that it's possible to create an encrypted RAID volume using Disk Utility keyboard commands. No one knows if this yields a stable, reliable, and recoverable backup, though.

Some people justly argue that encryption and backups don't mix. Encryption is designed to reduce the accessibility of data, while backups are intended to increase accessibility. Clearly, unreliable encryption is not what we want here.

All Hard Drives Should Be Encrypted

I really and truly believe that all hard drives should be encrypted. It's not because I'm paranoid, it's because I'm practical. It takes most of a day to erase a modern 1TB hard drive. If I want to discard an old hard drive, I really have no choice except to perform a time-consuming erase pass.

If, on the other hand, the drive is encrypted, then I simply have to discard the crypto key. Voila. No one, not even myself, can retrieve the contents.
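To make the crypto-erase argument concrete, here is an added toy model in Python (not code from this post, and not Apple's Core Storage or FileVault implementation): data blocks are encrypted under a random volume key that lives on disk only in wrapped form, so overwriting the few header bytes that hold the wrapped key makes every data block unreadable no matter how large the drive is. The class and function names and the HMAC-based keystream construction are my own assumptions for the demo.

```python
import hashlib
import hmac
import secrets

BLOCK = 16  # bytes per simulated disk block (constructed toy size)

def xor_stream(key: bytes, data: bytes) -> bytes:
    """Encrypt/decrypt by XOR with a per-block PRF keystream (symmetric).
    Simplified demo construction: HMAC-SHA256(key, block index) per block;
    no integrity, and rewriting a block with the same key reuses keystream."""
    out = bytearray()
    for i in range(0, len(data), BLOCK):
        ks = hmac.new(key, (i // BLOCK).to_bytes(8, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + BLOCK], ks))
    return bytes(out)

def derive_kek(passphrase: str, salt: bytes) -> bytes:
    """Key-encrypting key derived from the user's passphrase."""
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, 100_000)

class EncryptedVolume:
    """Toy volume: ciphertext blocks plus a small header holding the volume
    key wrapped (XORed) under the passphrase-derived KEK."""
    def __init__(self, passphrase: str) -> None:
        self.salt = secrets.token_bytes(16)
        volume_key = secrets.token_bytes(32)  # never stored in the clear
        self.wrapped_key = xor_stream(derive_kek(passphrase, self.salt), volume_key)
        self.blocks = b""  # the "platter": ciphertext only
    def _unlock(self, passphrase: str) -> bytes:
        # Unwrap is the same XOR; a wrong passphrase silently yields a wrong key.
        return xor_stream(derive_kek(passphrase, self.salt), self.wrapped_key)
    def write(self, passphrase: str, plaintext: bytes) -> None:
        self.blocks = xor_stream(self._unlock(passphrase), plaintext)
    def read(self, passphrase: str) -> bytes:
        return xor_stream(self._unlock(passphrase), self.blocks)
    def crypto_erase(self) -> int:
        """Destroy the wrapped key; returns how many bytes had to be overwritten."""
        self.wrapped_key = bytes(len(self.wrapped_key))
        return len(self.wrapped_key)

def demo() -> tuple:
    # Constructed sample content standing in for a whole drive's worth of data.
    secret = b"constructed sample data: " + b"\x00" * 4096
    vol = EncryptedVolume("correct horse")
    vol.write("correct horse", secret)
    before = vol.read("correct horse")       # readable with the passphrase
    overwritten = vol.crypto_erase()         # 32 bytes, not the whole volume
    after = vol.read("correct horse")        # same passphrase, now garbage
    return before, after, overwritten, len(vol.blocks)
```

The guarantee holds only if no other copy of the volume key exists (for example an escrow or recovery key) and the drive was never written in the clear before encryption was turned on.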
