I found this over at Tidbits and thought it was of note concerning OSX.3.
FileVault -- Responding to the security needs of corporations and privacy-minded individuals, Panther introduces FileVault, a feature that encrypts the contents of your Home folder using AES-128 (Advanced Encryption Standard) encryption. After FileVault is enabled, you can still use items in your Home folder as you normally would, but they're encrypted and decrypted on the fly as you open and close them. This makes it extremely difficult for someone to access your data, such as if your laptop is lost or stolen.
However, even ignoring the fact that several of the Take Control authors experienced data loss with FileVault while testing beta releases of Panther,
FileVault has a serious architectural limitation in that it creates one large file to house your Home items. For many of us, that file will be humongous (as in many gigabytes), since the Home folder by default contains files such as digital photos, iMovie media files, and the iTunes library. This is a problem for two main reasons.
Even a small amount of data corruption due to a failing hard drive or other problem could render everything in your Home folder inaccessible. Talk about putting all your eggs in one basket...
The smallest change to any file in your Home folder will cause the modification date of the entire FileVault file to change, and backup utilities such as Retrospect will copy the whole thing. (Dantz has listed some known issues with Panther and FileVault on their Web site.)
FileVault isn't a bad idea, but it scares me (and everyone else at TidBITS) silly; I can't imagine entrusting all my data to that single file, much less screwing up my backup strategy to accommodate it. Apple should modify FileVault so you can encrypt only specific folders, thus letting users protect only sensitive data, rather than wasting time and effort on other mostly innocuous files.
For the rest of the story...
TidBits
