T 3.109 Inappropriate handling of FileVault encryption
Under Mac OS X, user directories can be encrypted with the "FileVault" program. This encryption uses the AES-128 algorithm. Users can access FileVault-encrypted data only after entering the correct password, so the password must be sufficiently strong.
Passwords may be forgotten or may be unavailable because the person is absent.
In such cases, the master FileVault password can be used to read the data. The locally defined master FileVault password makes it possible to decrypt all user folders of the corresponding IT system or to reset the corresponding user password. If the master FileVault password is stored at an unsecured location, unauthorised persons may gain access to the encrypted information.
If both the user password and the master FileVault password are lost, e.g. due to fire or theft, access to the FileVault-encrypted data is no longer possible. The master FileVault password is protected by a weaker algorithm (RSA-1024) and is therefore exposed to a higher risk than the user passwords.
FileVault cannot encrypt the whole hard disk. An attacker with physical access to the hard disk or to a user account may therefore also access sensitive configuration data and/or directories outside the encrypted user folder. This includes, for example:
- log files in /Library/Logs and /var/log,
- cache and temporary files in /Library/Caches and /tmp,
- system-wide settings in /Library/Preferences,
- in-house source code in /Developer, or
- any additional programs installed outside the user folder.
Unauthorised persons may also gain access to the information when users are allowed to log in to the client without authentication ("automatic login"). In that case, the information protected by FileVault is decrypted automatically at start-up, without any password prompt.
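The two conditions described above, automatic login and data left outside FileVault's protection, can be checked on a client with a small audit script. The following is an added example, not part of the BSI catalogue and not an Apple tool; it assumes that the automatic login user is stored under the autoLoginUser key of the loginwindow preferences and that /etc/kcpassword exists only while automatic login is enabled, and it falls back to scanning an XML plist so it can be tried on constructed files away from a Mac. The demo runs on constructed input; on a real client you would pass /Library/Preferences/com.apple.loginwindow.plist, /etc/kcpassword and the directories listed above.

```shell
#!/bin/sh
# Added audit helper (not from the BSI catalogue): flags automatic login and
# world-readable files in the locations FileVault leaves unencrypted.

# Print the user name configured for automatic login, or nothing if none.
# On a real client the plist is binary, so PlistBuddy is used when present;
# otherwise the XML form is scanned (enough for constructed test files).
autologin_user() {
    plist="$1"
    [ -f "$plist" ] || return 0
    if [ -x /usr/libexec/PlistBuddy ]; then
        /usr/libexec/PlistBuddy -c "Print :autoLoginUser" "$plist" 2>/dev/null || true
    else
        awk '/<key>autoLoginUser<\/key>/ { f = 1 }
             f && match($0, /<string>[^<]*<\/string>/) {
                 print substr($0, RSTART + 8, RLENGTH - 17); exit }' "$plist"
    fi
}

# Return 0 (enabled) when either indicator is present: an autoLoginUser entry
# or the kcpassword file (assumption: written only for automatic login).
autologin_enabled() {
    [ -n "$(autologin_user "$1")" ] && return 0
    [ -f "$2" ] && return 0
    return 1
}

# Count world-readable regular files below the given directories, i.e. the
# areas outside the encrypted user folder. Missing directories are skipped.
world_readable_files() {
    n=0
    for d in "$@"; do
        [ -d "$d" ] || continue
        c=$(find "$d" -type f -perm -004 2>/dev/null | wc -l | tr -d ' ')
        n=$((n + c))
    done
    echo "$n"
}

# Print one verdict per check; the return value is the number of findings.
# Usage: audit_client LOGINWINDOW_PLIST KCPASSWORD_FILE DIR...
audit_client() {
    lw="$1"; kc="$2"; shift 2
    findings=0
    if autologin_enabled "$lw" "$kc"; then
        user=$(autologin_user "$lw")
        echo "FINDING: automatic login enabled${user:+ for '$user'}; the FileVault home is decrypted at start-up without a password"
        findings=$((findings + 1))
    else
        echo "OK: automatic login disabled"
    fi
    n=$(world_readable_files "$@")
    if [ "$n" -gt 0 ]; then
        echo "FINDING: $n world-readable file(s) in unencrypted locations: $*"
        findings=$((findings + 1))
    else
        echo "OK: no world-readable files in unencrypted locations"
    fi
    return $findings
}

# Demonstration on constructed input in a temporary directory.
demo() {
    tmp=$(mktemp -d)
    printf '%s\n' '<?xml version="1.0" encoding="UTF-8"?>' \
        '<plist version="1.0"><dict>' '<key>autoLoginUser</key>' \
        '<string>alice</string>' '</dict></plist>' > "$tmp/loginwindow.plist"
    mkdir -p "$tmp/Library/Logs"
    printf 'constructed log line\n' > "$tmp/Library/Logs/system.log"
    chmod 644 "$tmp/Library/Logs/system.log"
    audit_client "$tmp/loginwindow.plist" "$tmp/kcpassword" \
        "$tmp/Library/Logs" "$tmp/var/log" || true
    rm -rf "$tmp"
}
demo
```

Running the demo reports both findings for the constructed client; a clean client prints two "OK" lines and the function returns 0, which makes it easy to wire into a compliance job.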
Another problem may be caused by the program "Time Machine". "Time Machine" is used for data backup under Mac OS X and can create copies of whole hard disks, individual directories, or FileVault-encrypted user folders. However, the information is always stored unencrypted on the backup medium, whatever type of medium is used. Care must be taken that the backup media are stored at a location that prevents access by unauthorised persons.
It must also be taken into account that, with FileVault activated, a data backup using "Time Machine" can only be performed after the user has logged out of the system. If the client is locked under Mac OS X or is in sleep mode, no data backup can be performed.
Examples:
- A company generally uses FileVault to encrypt user folders. As the staff members assume that the data are sufficiently protected by FileVault, they ask the responsible administrator to enable automatic login to save time. The administrator also erroneously believes that the information will still be protected by FileVault. Once automatic login is activated, the FileVault-protected user folder is decrypted at start-up and unauthorised persons may access the information.
- A company uses FileVault for encryption and "Time Machine" for data backup. The staff members do not switch off the computers during the lunch break, but only put them into sleep mode. After several days of work without the computers being switched off, a hardware malfunction occurs, resulting in data loss. As the computers were never switched off, FileVault did not allow a backup by "Time Machine", and the work done since the last backup was lost.
- A Mac OS X client uses FileVault to encrypt user folders in order to achieve an appropriate level of protection. The data backup is then stored on a remote server using "Time Machine". The copied information can be accessed by all persons with access rights to the corresponding directory, because "Time Machine" stored it unencrypted. A further problem arises if the backup medium is lost, because the information is stored unencrypted on that medium as well.