The latest version of Apple’s operating system for desktop and laptop computers, Mac OS X 10.10 “Yosemite,” encourages users to turn on its FileVault disk encryption as the company hardens its pro-security stance. The decision to encourage encryption, so that users must opt-out – rather than opting in as has been the case since FileVault was introduced in 2003 – shows the company refusing to back down to pressure from the US government to restrict the availability of cryptographic tools to the public. On Thursday, the FBI’s director, James Comey, decried the company’s decision to offer similar tools on mobile devices running iOS 8.
“With Apple’s new operating system, the information stored on many iPhones and other Apple devices will be encrypted by default,” Comey told the Brookings Institute in Washington DC. “Shortly after Apple’s announcement, Google announced plans to follow suit with its Android operating system. This means the companies themselves won’t be able to unlock phones, laptops, and tablets to reveal photos, documents, email, and recordings stored within.”
Comey continued: “At the outset, Apple says something reasonable – that it’s not that big a deal … Apple argues, for example, that its users can back up and store much of their data in ‘the cloud’ and that the FBI can still access that data with lawful authority. But uploading to the cloud doesn’t include all the stored data on a bad guy’s phone, which has the potential to create a black hole for law enforcement.”
But despite Comey’s pleas, the company shipped Yosemite with the FileVault option intact. The install process for the new operating system asks users if they would “like to use FileVault to encrypt the disk” on their Macs. Ticked by default are two boxes, “Turn on FileVault disk encryption” and “Allow my iCloud account to unlock my disk.”
READ MORE :
- Gadgets have their place in education, but they’re no substitute for knowledge
- Top 8 Games Like Pokémon for iOS and Android
- Google paid Apple $1bn to be default iOS search engine
- Electronic waste: we must design gadgets that don’t poison the planet
- Selling art online and reaching new markets: 5 tips for artists
That means that unless the user actively declines the offer, their hard drives will be encrypted. Unlike a standard password-protected computer, which leaves the contents of a hard drive accessible to anyone with the patience to remove the drive, FileVault encrypts the entire contents of a device at the disk level, rendering it impossible for anyone without the login password to access the data on the computer.
While the FBI has condemned Apple’s new commitment to security, civil liberties organizations have welcomed the decision. “We applaud tech leaders like Apple and Google that are unwilling to weaken security for everyone to allow the government yet another tool in its already vast surveillance arsenal,” said the American Civil Liberties Union’s Laura Murphy following Comey’s speech. “We hope that others in the tech industry follow their lead and realize that customers put a high value on privacy, security, and free speech.”
Users on older versions of Mac OS X can still enable FileVault but must dig into the operating system’s settings to do so; the feature is buried under the Security & Privacy option in the system preferences. Windows users have long had access to a similar tool, also not enabled by default, called BitLocker, which can be turned on using Windows Explorer. It is unknown whether Microsoft will make BitLocker use opt-out in its forthcoming Windows 10 release, except next year and presently in developer testing Work Reveal.
