ForTech
  • Home
  • Computers
  • Gaming
  • Internet
  • Business
  • Tech
  • How To
  • Gadgets
  • Lifestyle
  • Smartphone
No Result
View All Result
  • Home
  • Computers
  • Gaming
  • Internet
  • Business
  • Tech
  • How To
  • Gadgets
  • Lifestyle
  • Smartphone
No Result
View All Result
ForTech
No Result
View All Result
Home Apple

FileVault 2 & T2 Security Chip: Keep Hackers Away from Mac’s Startup Disk

by KEN
June 25, 2020
FileVault 2 & T2 Security Chip: Keep Hackers Away from Mac’s Startup Disk

Today, so much important and sensitive information are stored on computers, so it makes the data security increasingly demanding. This article will specifically introduce FileVault 2 and T2 chip on Mac platform and explain how the two security features protect your personal data from theft and leaking.

What is FileVault 2 and how does it protect your data?

FileVault is a built-in encryption feature on Mac computers using XTS-AES-128 encryption with a 256-bit key. It was first added to Mac OS X 10.3 Panther to encrypt only home folder, and then Mac OS X 10.7 Lion and later was equipped with FileVault 2 to encrypt the full startup disk. When the FileVault is enabled, a user will be asked to create a master password and recovery key will be automatically created too. Either a master password or a recovery key will be required to decrypt the data on startup disk. Since the current FileVault 2 uses full disk encryption, all data added or edited will be automatically encrypted during your use of the Mac’s hard drive. Unauthorized access to the data on startup disk will be locked outside.

If you want to secure your data on a Mac, especially a MacBook which you carry it around a lot, you had better enable FileVault. However, since FileVault is operated by CPU, it will affect the performance because the CPU has to encrypt and decrypt data. If your Mac has an SSD, you may not notice the difference. But if your Mac has a traditional hard drive, the difference is quite obvious.

How to enable FileVault?

FileVault needs you to manually turn it on to create your own password for it.

Step 1: Click on the Apple logo at the top menu bar.

Step 2: Go to System Preferences and choose Security & Privacy.

Step 3: Click on FileVault tab.

Step 4: Click the little lock icon at the lower left corner to make changes.

Step 5: Enter the administrator password (the login password).

Step 6: Click on “Turn On FileVault…”

 If you have multiple users set up to use this Mac, a window will come up asking you to enable other users to type in their login password to be able to unlock the disk.

Make sure you remember the password or store the recovery key in a safe place. Once the password is forgotten as well as the recovery key is lost, the saved data on the startup disk is unrecoverable because it can’t be decrypted.

What is T2 security chip and how does it protect your data?

T2 security chip is Apple’s second-generation custom silicon for newer Mac desktops and laptops. It first rolled out with iMac Pro 2017 and then started to be equipped on MacBook Air, MacBook Pro, Mac mini and Mac Pro. It takes over some tasks that used to be processed by CPU and it works like an independent processor. Its main features include:

  • The T2 chip forbids the Mac from booting up through an untrusted source. That is to say, booting from an external drive or network is not allowed on T2-equipped Macs now. Moreover, the chip will review the startup process all the time and stop it whenever it finds unauthorized interference.
  • The T2 chip uses real-time encryption that guarantees all data is encrypted the same time when it is written to the startup disk. In this way, the data will be stay unreadable even when the T2 chip suddenly stops working, is attacked or removed.
  • Because many hackers break into the Mac system to spy on people through the built-in microphone and HD camera, the upgraded T2 chip also has enhanced the capability to hardware disconnect the microphone and camera when the lip is closed. In addition, the biometric information (Touch ID and voice to invoke Siri) will be encrypted by T2 chip as well.

T2 security chip is a hardware chip soldered on the logic board. You don’t have to enable the capabilities because they are enabled within the T2 chip. Even though the T2 chip is secure enough, Apple still recommends users to turn on FileVault to add more security.

Challenges Apple security features bring to data recovery

 The more secure the data is, the harder it will be to get back when it is lost.

First, as mentioned above, if you have a hard time remembering the password and lose the recovery key for the FileVault, your startup disk will completely lock you out. Even if you take the Mac to Apple store or use data recovery service, files can’t be decrypted.

Second, target disk mode doesn’t work anymore. Before, you can connect two compatible Macs and boot one Mac into target disk mode by pressing down Command + T keys during booting up. Then the SSD in it will be regarded as an external hard drive attached to the other Mac. You will be able to transfer files in that way. However, since each T2 chip generates a random serial key to encrypt data on SSD, the other Mac’s T2 chip won’t be able to decrypt the data decrypted by another T2 chip. As a result, saving data from an unbootable mac computer through target disk mode can’t be achieved.

Third, many data recovery software don’t support scanning the decrypted disks. They are unable to detect the encryption on the disk and won’t provide password input to decrypt the data either. Therefore, when choosing a data recovery program for T2-equipped and/or FileVault-enabled Mac, you should be aware if the program can restore files from encrypted disks.

iBoysoft Mac Data Recovery is one of the programs we know that can scan encrypted startup disk and restore data from it. Check its capabilities and get a free copy.

Conclusion

As high-end personal computers, Macs provide excellent data security. With using those features, do a little homework to see how good they are and how they can affect you. It is not a bad idea to know more about your machine.

Share198Tweet124Pin45Share

Related Posts

iOS Emulator

Best iOS Emulator to Run iOS Apps on Windows & Android

January 2, 2021
iPad Pro or MacBook, Which is Better?

iPad Pro or MacBook, Which is Better?

December 21, 2020
Remove DRM from Apple Music Songs

How Can You Remove DRM from Apple Music Songs?

December 8, 2020
Criteria to Choose a Good Mac DVD Ripper

Criteria to Choose a Good Mac DVD Ripper

November 21, 2020

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Trending Stories

How Technology Improves Ergonomics

How Technology Improves Ergonomics

January 28, 2021
How You Can Be A Great Old School RuneScape Player

How You Can Be A Great Old School RuneScape Player

January 28, 2021
VPN is Important for Business

Why VPN is Important for Business

January 27, 2021
FAU-G

FAU-G Game Download Now Available on FAU-G Play Store

January 27, 2021
Disable Command Prompt

How to Disable Command Prompt on Windows 10 PC?

January 26, 2021

Categories

  • Apple
  • Business
  • Computers
  • Digital Marketing
  • Education
  • Entertainment
  • Gadgets
  • Gaming
  • Health
  • How To
  • Internet
  • Lifestyle
  • Review
  • Smartphone
  • Tech
ForTech

ForTech Blog devoted to technology and business news, the latest in Gadgets including Laptop, Software, and Gaming. Features, Reviews and website Recommendations.

  • Write for us
  • Contact
  • Privacy Policy
  • About Us
  • TechPocket

ForTech © Copyright 2020, All Rights Reserved

No Result
View All Result
  • Home
  • Computers
  • Gaming
  • Internet
  • Business
  • Tech
  • How To
  • Gadgets
  • Lifestyle
  • Smartphone

ForTech © Copyright 2020, All Rights Reserved