Jump to content

FileVault 2

FileVault FileVault 2

  • Please log in to reply
258 replies to this topic

#241
Slice

Slice

    InsanelyMac V.I.P.

  • Local Moderators
  • 6,495 posts
  • Gender:Male
  • Location:Moscow

If we enter password in Clover GUI then we can send this password to boot.efi, or not?



#242
smolderas

smolderas

    InsanelyMac Sage

  • Members
  • PipPipPipPipPip
  • 360 posts
  • Gender:Male

If we enter password in Clover GUI then we can send this password to boot.efi, or not?

You could, but please don't. It is not the task of the bootloader.

One should try to fix the main problem, instead creating ways around it.



#243
Jief_Machak

Jief_Machak

    InsanelyMac Protégé

  • Coders
  • 75 posts
  • Gender:Male

I'm not sure to see that as "not the task of a bootloader". Can be seen as : the partition is password protected, so the bootloader ask for the password to boot it.

But I understand your point. Now almost all the work is done and Apple pre-boot works, it makes sense to continue that way.

Too bad for me, it works except for PS2 keyboard. I take my hackintosh laptop on a long trip in 3 weeks and I wanted to protect it. I probably won't have time to understand the ps2 keyboard driver and improve it because I don't master the efi environment.

Hey, I'm not complaining : I have MacOS, thanks to Colver. So thanks to everyone who made it !

 

PS : if it's simpler to make Clover ask for password and pass it to boot.efi, than fixing the ps2 keyboard, I'm still up for it (better than nothing) ! :-)



#244
smolderas

smolderas

    InsanelyMac Sage

  • Members
  • PipPipPipPipPip
  • 360 posts
  • Gender:Male

I'm not sure to see that as "not the task of a bootloader". Can be seen as : the partition is password protected, so the bootloader ask for the password to boot it.

But I understand your point. Now almost all the work is done and Apple pre-boot works, it makes sense to continue that way.

Too bad for me, it works except for PS2 keyboard. I take my hackintosh laptop on a long trip in 3 weeks and I wanted to protect it. I probably won't have time to understand the ps2 keyboard driver and improve it because I don't master the efi environment.

Hey, I'm not complaining : I have MacOS, thanks to Colver. So thanks to everyone who made it !

 

PS : if it's simpler to make Clover ask for password and pass it to boot.efi, than fixing the ps2 keyboard, I'm still up for it (better than nothing) ! :-)

If you (really) want to protect your data, you could still enable FileVault 1 (as in encrypt only the home folder). There were posts about it, need to search a bit.



#245
Slice

Slice

    InsanelyMac V.I.P.

  • Local Moderators
  • 6,495 posts
  • Gender:Male
  • Location:Moscow

You could, but please don't. It is not the task of the bootloader.

One should try to fix the main problem, instead creating ways around it.

Because you are not using Clover?



#246
Jief_Machak

Jief_Machak

    InsanelyMac Protégé

  • Coders
  • 75 posts
  • Gender:Male

I know. I'm already with FileVault1. I would have preferred FileVault2.



#247
Download-Fritz

Download-Fritz

    ygolohcysp desreveR

  • Developers
  • 778 posts
  • Gender:Not Telling

Because you are not using Clover?

 

Or because he actually appreciates good design lol



#248
Slice

Slice

    InsanelyMac V.I.P.

  • Local Moderators
  • 6,495 posts
  • Gender:Male
  • Location:Moscow

I prefer bugless solutions.



#249
Download-Fritz

Download-Fritz

    ygolohcysp desreveR

  • Developers
  • 778 posts
  • Gender:Not Telling
Yes, converting text to keycodes will be way less buggy when done in Bloatver as opposed to the PS2 kb driver... In reality we just fear we won't get this amazing implementation as non-Clover users rofl

Slice, I like competetive teasing in a humorous way, but doing that with a potentially horrible workaround which is a spit away from a somewhat proper solution is humorous on a whole different level.

#250
Jief_Machak

Jief_Machak

    InsanelyMac Protégé

  • Coders
  • 75 posts
  • Gender:Male

Just because you see things in a way, doesn't mean that it's "horrible workaround which is a spit away from a somewhat proper solution". At least, it's worth thinking about it. Even if it's for to conclude that you're right.

Explain your reasons instead of just saying that the others are wrong. I still don't get why Clover asking for a password is such an horrible thing. A bootloader that need a password to boot a partition : why is it bad design ?



#251
vit9696

vit9696

    InsanelyMac Geek

  • Developers
  • 249 posts
  • Gender:Male
Jief_Machak, I stated the reasons here: #240, if they are unclear or if it is unclear that clover is written and maintained terribly in terms of security, then you chose the wrong profession (no offence intended).

#252
Download-Fritz

Download-Fritz

    ygolohcysp desreveR

  • Developers
  • 778 posts
  • Gender:Not Telling

Just because you see things in a way, doesn't mean that it's "horrible workaround which is a spit away from a somewhat proper solution". At least, it's worth thinking about it. Even if it's for to conclude that you're right.

Explain your reasons instead of just saying that the others are wrong. I still don't get why Clover asking for a password is such an horrible thing. A bootloader that need a password to boot a partition : why is it bad design ?

 

Let me get that right... you don't see what is wrong with either modding the AppleKeyMapDb protocol, introducing a listener to a proprietary event or even using a repeating event as a "multi-thread pause" fake to even determine when boot.efi is ready for input, and then either modding AppleKeyMapDb again to provide a new key on every stroke or introduce another event to feed the right data in the right intervals, is worse than just doing the conversion and feeding where it is supposed to be, in the PS2 kb driver? And you think "you don't use Clover" is a good argument for implementing such a crutch of a workaround in contrast to doing it proper, across the entire UEFI environment? Please explain how any of that is subjective... for me, this is not debatable, as that 'workaround' is not even less work than the proper solution.



#253
Jief_Machak

Jief_Machak

    InsanelyMac Protégé

  • Coders
  • 75 posts
  • Gender:Male

@vit9696 : You know my profession ? Interesting the way some people need to attack other when they may disagree.

 

Security problems in Clover could be a reason, I agree.

 

@Download-Fritz : I never said "you don't use Clover". I agree that feeding the pre-boot boot.efi seems not right. My question was : is it possible to entirely skip Apple pre-boot, doing what pre-boot does, except for the GUI part. In other words : would it possible to boot an encrypted partition if no Recovery partition exists ?

 

The question might stupid, I know. That doesn't mean I am, neither I need to change profession. Please everyone, stay nice and calm. It is just question. Question to people who know more than me on that subject. I'm not criticizing your work, or Clover.



#254
mille1j

mille1j

    InsanelyMac Protégé

  • Members
  • Pip
  • 3 posts
lots of discussion here, which is good, but i want to circle back to some basic stuff-namely have people been able to get FV2 to work in High Sierra? i have it working fine in Sierra, but have been reluctant to upgrade to HS because of concerns about FV2
lots of discussion here, which is good, but i want to circle back to some basic stuff-namely have people been able to get FV2 to work in High Sierra? i have it working fine in Sierra, but have been reluctant to upgrade to HS because of concerns about FV2

#255
smolderas

smolderas

    InsanelyMac Sage

  • Members
  • PipPipPipPipPip
  • 360 posts
  • Gender:Male

lots of discussion here, which is good, but i want to circle back to some basic stuff-namely have people been able to get FV2 to work in High Sierra? i have it working fine in Sierra, but have been reluctant to upgrade to HS because of concerns about FV2
lots of discussion here, which is good, but i want to circle back to some basic stuff-namely have people been able to get FV2 to work in High Sierra? i have it working fine in Sierra, but have been reluctant to upgrade to HS because of concerns about FV2

Yes, I'm using FileVault 2 on my High Sierra installation on a SSD with apfs formatting.



#256
mille1j

mille1j

    InsanelyMac Protégé

  • Members
  • Pip
  • 3 posts
any changes required with HS or just add one of the keyboard drivers as discussed here long ago

#257
Download-Fritz

Download-Fritz

    ygolohcysp desreveR

  • Developers
  • 778 posts
  • Gender:Not Telling

I never said "you don't use Clover".

 

Slice did and you replied to my answer to Slice.

 

My question was : is it possible to entirely skip Apple pre-boot, doing what pre-boot does, except for the GUI part. In other words : would it possible to boot an encrypted partition if no Recovery partition exists ?

 

Not by chainloading boot.efi, no.



#258
Jief_Machak

Jief_Machak

    InsanelyMac Protégé

  • Coders
  • 75 posts
  • Gender:Male

 

 

Slice did and you replied to my answer to Slice.

 

Please, don't be like that. My answer was for smolderas about FileVault 1 and 2.



#259
smolderas

smolderas

    InsanelyMac Sage

  • Members
  • PipPipPipPipPip
  • 360 posts
  • Gender:Male

any changes required with HS or just add one of the keyboard drivers as discussed here long ago

No changes, just needed apfs.efi, but it is a requirement if you format your drive with apfs...







Also tagged with one or more of these keywords: FileVault, FileVault 2

  Topic Stats Last Post Info

1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

© 2017 InsanelyMac  |   News  |   Forum  |   Downloads  |   OSx86 Wiki  |   Designed by Ed Gain  |   Logo by irfan  |   Privacy Policy