128 bit AES on File Vault

Similar Messages

• File Vault 256-Bit FINALLY???

  So is file-vault always 256 bit in leopard or is it an option that must be turned on? Also has anyone notice a decrease in performance since increasing from 128-bit to 256-bit?
  Thanks
  -intelpro20

  First let me ask, does File-Vault use 256 bit encryption or 128?

• Read double from file containing 128 Bit formatted C-Floats

  hi all,
  the Problem:
  i need to read double values out of a binary file. the binary was
  created by a program in c and contains 128 bit float values (16 byte).
  in c i can read the floats with the following command:
  fscanf(fin,"%16.7f",&i);
  but in java there is no function that can read this format. for me it
  is not so important that the values are precise like in c. so if
  i could convert or read such a value into a java double this would be
  precise enough. any idea?
  thanx,
  grissi

  You read in the bytes and then create a double from them using binary operations.
  If you search the forums you will find example code which you can modify to your purpose.
  Try using this search string, or some variation.
  C double binary file

• Aes-256 or aes-128 bit

  Hello
  I'm trying to keep the CPU down as much as possible on my ASA-5540. We're running 8.2.5 on it. We have a bout 80 active IPSec tunnels so far, all which are using AES-256 bit for phase1/2, 75 of the tunnels are mostly ezy vpn connections. Currently the CPU during peak usage is averaging around 22%.  We're planning on having over 1000 IPsec connections, mostly will be remote vpn access with about 170 of them ezy vpn and 250 l2l tunnels.
  Is there any noticable CPU performance gain by using AES-128 bit instead of AES-256 on the phase2?
  Thanks,
  John

  Just wondering if someone out there has noticed any performance gains by using AES-128 instead of AES-256. I'm trying standardize on a policy going forward.
  Thanks!

• What is File Vault?

  HI! when i first got my ibook i saw that file vault protected my files and decided i should use it...Now, im not sure how filevault really operates or how it protects me and my files. Im the only user on my laptop and im a student. So... should i even have filevault enabled at all? Basically i just want to know how filevault works and if i need it on or not. Thanks in Advance!
  -Seth

  Be aware that FileVault, even though it runs transparently, does eat up extra CPU cycles, and does slow down your computer to a degree. It is up to the individual to determine if they require that much security.
  From the Help files:
  Mac OS X includes FileVault, which allows you to encrypt the information in your home folder. FileVault creates a separate volume for your home folder and encrypts the contents of it. The data in your home folder is encoded and your information is secure if your computer is lost or stolen. FileVault uses the latest government-approved encryption standard, the Advanced Encryption Standard with 128-bit keys (AES-128).
  When you turn on FileVault, you also set up a master password for the computer that you or an administrator can use if you forget your regular login password.
  WARNING: If you turn on FileVault and then forget both your login password and your master password, you will not be able to log in to your account and your data will be lost forever.
  If the information on your computer is of a sensitive nature, you should consider using FileVault. For example, if you carry all your company's financial data on your PowerBook, losing your PowerBook could allow someone else access to sensitive data that might hurt your business. If you are logged out of your account when your PowerBook is lost, and FileVault is turned on, your information is safe.
  Since you home folder is encrypted, some tasks that normally access your home folder may be prevented, for example: backup utilities may see your home folder as one folder that's always changing, and this could slow down your backup. Also, if you're not logged in to your computer, other users will not have access to shared folders in your home folder

• File Vault - Hard Drive Crash

  All,
  My HD crashed, and "Disk Utility" was unable to repair it. Apple store geniuses told me to get a 3rd party restore utility, like Data Rescue II. Did so, and recovered my data. But my whole home directory is one large (36 GB) file, which is my file vault.
  I have "harvested" that all I can off of the bad drive to a good mac HD. I think my next step is to format and reinstall 10.3.9 on to the broken machine. But before I do that, I'd like advice about recovering the File Vault.
  How do I open that File Vault to get back to all my important data? I of course still have my password for the vault. Thanks for suggestions.
  I'm using 10.3.9.
  G5 Dual 1.8 GHz   Mac OS X (10.3.9)  

  Thanks Niel,
  Does anyone know if a partially-corrupted sparseimage can be opened, or must it be 100% in-tact?
  I used Data Rescue II to pull data off the drive. Looks like much of it was recovered successfully, but my sparesimage filevault file is strange. I believe it to be multiple gigs in size based on the digital photos and movies I have in my home directory. The recovered sparseimage is only 22 MB. Data Rescue says it is 36 GB on the scan. 36 GB sounds a bit high, and 22 MB is a bit low. I am re-running with a through scan, and perhaps that can recover the sparseimage in full.
  I attempted both Niel's suggestion, and also another suggestion to use Terminal and the unix utility "hdiutil". Niel's method locked the good mac as it tried to open the sparseimage, and the hdiutil simply failed after repeated attempts.
  I wish I did not use FileVault to store all of my pictures and videos. It would be more appropriate for storage of only my accounting and personal information. Even better - wish I would have backed up much more frequently.
  G5 Dual 1.8 GHz Mac OS X (10.3.9)

• 128 bit encryption requirement not working

  Using S1 6.0 sp5 on solaris 8, connecting to WAS 4.5 application servers.
  The require 128 bit encryption setting is in obj.conf with an error page to serve if lower than 128 bit encryption is used.
  This works fine for all plain text html requests, however, when a request goes to the websphere application the encryption requirement is ignored.
  Has anyone seen anything of this nature before?

  I'm not using SiteMinder or weblogic, my suggestion was based on your problem description. If you can show us your obj.conf file, we can check and try to find out a solution. You are right, AuthTrans will come before PathCheck but this should still allow PathCheck stage functions to be processed when the request processing goes through the pathcheck stage....I don't know how SiteMinder implements the SAF though.
  Thanks
  Manish

• WEP 40/128-bit Hex and leopard

  just got brand new macbook and installed leopard. as i tried to connect to the wifi the only password i could input was just a WEP password not a WEP 40/128-bit Hex that i know i have to input. i got around it by going through the assistant but every time i put my mac to sleep i have to go through the assistant to re-connect. very frustrating.

  I have been playing around with this issue for a couple of weeks now and tried solutions from other related threads but nothing has worked. Here's my status as of a few days ago on a different post:
  http://discussions.apple.com/message.jspa?messageID=5770365#5770365
  * keychain 1.0 update
  * taking control of the system keychain and manually changing passwords
  * looking for a ktext file to delete it (none found)
  * getting VM Fusion 1.1 (but I'm not on an Intel chip so that won't work)
  * Setting up a "new location" for wireless access
  Today I tried these two solutions:
  http://discussions.apple.com/thread.jspa?messageID=5801108#5801108
  * Raising the priority level of wireless and deactivating ethernet and firewire
  http://discussions.apple.com/message.jspa?messageID=5798767#5798767
  * rebooting in safe mode and then rebooting regularly again afterwards
  My wireless network only supports WEP, and while I can connect, I have to connect using the Diagnostic Tool every time, because saved settings do not work. Any other ideas?

• 320 & 128 bit rate in iPhone.

  I haven't found an option that lets you choose the bit rate you want to convert your music to in my iPhone. All my music is 320 bit rate or lossless... So it's going to take a chunk of space. I'm converting the music I want on my iPhone to a 128 bit rate and throwing that in a playlist to sync to my phone... which I really don't want to do because now I have the same albums twice and it's makes my library messy. Any quick fix or solutions?

  I can't speak for iPods cause I never bought one. I've always been the kind of person who rather have one device (Moto Razr V3i w/ iTunes) then two devices (reg. phone and an iPod). My phone would covert the music to 128 bit rate to optimize space. It would make sense that apple would give us an option to convert the size of our music files to optimize space as well. This making duplicate albums in two different bit rates is a hassle! Unless you've gone into Edit > Preferences > Advanced > Importing... the music you rip on your computer is going to be a defult ACC 128 bit rate format. Which there is nothing wrong with. If you share music with friends and they don't have iTunes there's going to be an issue. So I changed my encoder to MP3 and also adjusted the audio quality. You tend to lose lower frequencies when music is ripped at a low bit rate.

• New iPad asks for WiFi password. There is none. My WiFi uses WEP 128 bit encryption, but there is no "password" to enter.

  Brand new to the iPad. It's asking for a password to the WiFi network in my home. There is no "password" as such associated with this WiFi network. It uses WEP 128 bit encryption where each byte is a hexadecimal number and is called a "key" Typing this lengthy thing in gives me no results. The iPad keeps on asking for a password. I have three computers and a DVD hooked to the network which has been working for a decade, so that's not the issue.
  Basically I'm stuck not being able to get onto the WiFi system.

  iOS 6 Wifi Problems/Fixes
  Fix For iOS 6 WiFi Problems?
  http://tabletcrunch.com/2012/09/27/fix-ios-6-wifi-problems/
  Did iOS 6 Screw Your Wi-Fi? Here’s How to Fix It
  http://gizmodo.com/5944761/does-ios-6-have-a-wi+fi-bug
  How To Fix Wi-Fi Connectivity Issue After Upgrading To iOS 6
  http://www.iphonehacks.com/2012/09/fix-wi-fi-connectivity-issue-after-upgrading- to-ios-6.html
  iOS 6 iPad 3 wi-fi "connection fix" for netgear router
  http://www.youtube.com/watch?v=XsWS4ha-dn0
  Apple's iOS 6 Wi-Fi problems
  http://www.zdnet.com/apples-ios-6-wi-fi-problems-linger-on-7000004799/
  ~~~~~~~~~~~~~~~~~~~~~~~
  Look at iOS Troubleshooting Wi-Fi networks and connections  http://support.apple.com/kb/TS1398
  iPad: Issues connecting to Wi-Fi networks  http://support.apple.com/kb/ts3304
  WiFi Connecting/Troubleshooting
  http://www.apple.com/support/ipad/wifi/
  How to Fix: My iPad Won't Connect to WiFi
  http://ipad.about.com/od/iPad_Troubleshooting/ss/How-To-Fix-My-Ipad-Wont-Connect -To-Wi-Fi.htm
  iOS: Connecting to the Internet
  http://support.apple.com/kb/HT1695
  iOS: Recommended settings for Wi-Fi routers and access points  http://support.apple.com/kb/HT4199
  Additional things to try.
  Try this first. Turn Off your iPad. Then turn Off (disconnect power cord for 30 seconds or longer) the wireless router & then back On. Now boot your iPad. Hopefully it will see the WiFi.
  Go to Settings>Wi-Fi and turn Off. Then while at Settings>Wi-Fi, turn back On and chose a Network.
  Change the channel on your wireless router (Auto or Channel 6 is best). Instructions at http://macintoshhowto.com/advanced/how-to-get-a-good-range-on-your-wireless-netw ork.html
  Another thing to try - Go into your router security settings and change from WEP to WPA with AES.
  How to Quickly Fix iPad 3 Wi-Fi Reception Problems
  http://osxdaily.com/2012/03/21/fix-new-ipad-3-wi-fi-reception-problems/
  If none of the above suggestions work, look at this link.
  iPad Wi-Fi Problems: Comprehensive List of Fixes
  http://appletoolbox.com/2010/04/ipad-wi-fi-problems-comprehensive-list-of-fixes/
  Fix iPad Wifi Connection and Signal Issues  http://www.youtube.com/watch?v=uwWtIG5jUxE
  Fix Slow WiFi Issue https://discussions.apple.com/thread/2398063?start=60&tstart=0
  Unable to Connect After iOS Update - saw this solution on another post.
  https://discussions.apple.com/thread/4010130
  Note - When troubleshooting wifi connection problems, don't hold your iPad by hand. There have been a few reports that holding the iPad by hand, seems to attenuate the wifi signal.
  ~~~~~~~~~~~~~~~
  If any of the above solutions work, please post back what solved your problem. It will help others with the same problem.
   Cheers, Tom

• File Vault and Firewall?

  I have a new macbook pro. Should I turn on File Vault and Firewall?

  The purpose of FileVault is to protect your files from being read by someone who has physical access to the computer. If you need or want that protection, you should enable it.
  The application firewall blocks incoming network traffic, regardless of origin, on a per-application basis. Typically, it would be configured to allow only applications digitally signed by Apple to listen on the network. It does not block outgoing traffic, nor can it distinguish between different sources of incoming traffic. It is not, as some people seem to believe, a malware filter.
  So for example, suppose you enable file sharing, and allow access by guests to certain folders. You want people on your local network to be able to access those files without having to enter a password. When configured as stated above, the firewall will allow that. Your router will prevent outsiders from accessing the files, whether the application firewall is on or not. But if your computer is portable and you connect it to an untrusted network such as a public hotspot, the firewall will still allow access to anyone, which is not what you want.
  Now suppose you unknowingly install a trojan that steals your data and uploads it to a remote server. The firewall, no matter how it's configured, will not block that outgoing traffic. It does nothing to protect you from that threat.
  Another scenario: Your web browser is compromised by a trojan. The trojan redirects all your web traffic to a bogus server. The firewall does nothing to protect you from this threat.
  A final scenario: You're running a public web server. Your router forwards TCP connection requests on port 80 to your Mac, and the connections are accepted by the built-in web server, which is signed by Apple. The application firewall, still configured as above, allows this to happen. Now you download a different trojan, one that tries to hijack port 80 and replace the built-in web server. The good news here is that the firewall does protect you; it blocks incoming connections to the trojan and alerts you. The bad news is that you've been rooted. The attacker who can do all this can just as easily disable the firewall, in which case it doesn't protect you after all.
  It might make a bit of sense to use the firewall if you're running trusted services on an unprivileged port; that is, a port numbered higher than 1023. Those ports can be bound by a process with no special privileges.
  Here is a more realistic scenario in which you should enable the firewall. Your portable Mac has several sharing services enabled. You want those services to be available to others on a home or office network. When you're on those networks, the firewall should be off. When you move to an untrusted network, you can either turn off all the services, or enable the firewall to block them. Blocking is easier: one configuration change instead of several.

• Download to support 128 bit encryption

  since trying to download 4.0 version I cannot open firefox at all and need 128 bit encryption that was available prior to 4.0

  Current Firefox releases can't even go below 128 bit, SSL2 that supported this have been removed quite a few releases now (Firefox 8 dropped support for SSL2).
  *https://developer.mozilla.org/en-US/docs/Mozilla/Firefox/Releases/8
  128 bit is the minimum that you can use with Firefox and you can only go higher (e.g. 168 or 256).<br />
  128 bit shouldn't be used these days and servers that only support 128 bit should update their software.
  Firefox supports AES-256 since 2002, so that is already more than 10 years.
  * https://www.fortify.net/sslcheck.html

• File vault won't enable

  I inadvertantly turn off file vault in Security & Privacy preferences. I want to turn it back on. I clicked on the Turn On FileVault and got a message to restart. I did that multiple times, an endless loop. What to do?

  Thank you Thomas, that hit the nail right on the head and your solution serves wonderfully - even more-so as one can have multiple secured file systems if required, although only the one will server me fine.
  Kappy, this is my situation: I have used Macs for eons and upgraded bit by bit from one machine to another over the years. I currently use a MBP 17" for my main work and travel machine, at home I have an iMac 24" with bootcamp and a Mini on the Home Theater. Both the MBP and iMac run Parallels and have the mandatory Office basics on them. The iMac is the version with the Nvidea 9000 something or other card and in Bootcamp, running XP, it can handle pretty much any PC game that can be thrown at it. This is required with youngsters in one's house - and, well, can't say I don't enjoy a romp around some of these virtual worlds meself.
  I synchronize these two using Synchronize X Pro.
  At work I need to handle documents that need to be secured. However I have all my photos and audio library on both these machines as well as a NAS at home. I have tons of personal and family files. I do not want to simply encrypt my home directory, it would take an age and is counter-productive. But I DO want a location where I can store documents securely. The "sparseimage" file that Disk Utility allows me to create fits the bill perfectly. By NOT storing the password in the keychain, anyone attempting to mount the sparseimage file - even assuming they knew what it was - would be stymied by my cunningly complex and confusing password. And this assumes that they get by my equally complex login password or gain access to my HD using some sneaky side-entry.
  So in the horrendous event I lose my MBP, I can feel fairly comfortable that my work files are safe.
  Thanks for your help.
  Lawrence

• SSL 128 bits on OAS 4.0.8.1 for LINUX ?

  We used to use the solaris version. To reduce cost, we are moving to Linux. Before, when you needed 128 bits security, you had to order a special patch from tech support.
  The linux version we received is the export version and it is NOT 128 bits SSL.
  Does 128 bits SSL exist ?
  Also, LINUX support from oracle seems REALLY BAD. I'm wondering if we're doing a nice move here... ?
  Thanks
  null

  After I fixed some of the things I broke while searching for the wrksf failure, the PL/SQL Cartridge now works for me too. And, after failing to get the DB Browser to work by loading it into the SCOTT schema, I got it to work by loading it into SYS. (SCOTT can't see the DBA_* views so loading the DB Browser into the database failed.) I haven't tried any Java Servlets yet, but that's next on my list.
  If you want to try my wrksf workaround, rather than using Christoph's, here's how you can do it.
  1. Backup liborb.so in the $ORACLE_HOME/orb/4.0/lib directory, just in case something goes wrong.
  2. Using a hex editor, such as emacs hexl-find-file or ghex, to edit liborb.so, find the string "/proc/stat".
  3. Change the directory, "/proc" to something like "/pfoo" and write the shared library file back to liborb.so. You now have the required modified liborb.so.
  4. Make the /pfoo directory and cp /proc/stat /pfoo.
  5. Edit /pfoo/stat and duplicate the first line, which should be the cpu line. This will let the metrics parser handle it. Make sure that /pfoo/stat has read access.
  Of course, the values that the metrics code gets are now bogus, but that does not seem to be a fatal problem.
  Hopefully somebody from Oracle is reading this and the real fix will be in the mail soon.

• SSL - 128 bit encryption instead of 40 bit?

  Hi,
  I setup my Tomcat 4.0.3 server to use SSL as directed in a book on servlets that I bought from sun press. Everything works fine, the server starts with SSL support and you can access it with https:, download the cert, etc. I downloaded jsse 1.0.2 jar files and put them into my /jre/lib/ext/ dir as directed and created the keystore for the key with:
  keytool -genkey -alias tomcat -keyalg RSA -validity 730
  also directed by the book.
  My problem is that the keys generated are using 40 bit encryption instead of strong 128. I want to make the site as secure as possible and I'm wondering how to do that. I followed the directions exactly, downloaded the version of jsse for us/canada and yet my certs still say that they were encrypted with 40 bit not 128 bit encryption.
  Mike

  My problem is that the keys generated are using 40 bit
  encryption instead of 128. What client do you use to connect to Tomcat?
  If the client does not support 128 bit keys for RC4, the browser
  and SSL 3.0 may negotiate a weaker session encryption key,
  in your case 40 bit.
  I don't use Tomcat, but with my web server you can configure
  the SSL protocol versions it accepts, and the ciphers it accepts;
  ie I can switch off everything other than RC4-128. -- Can the same
  thing be done in Tomcat, and how can it be done?