dslreports logo
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
942
share rss forum feed


TamaraB
Question The Current Paradigm
Premium
join:2000-11-08
Da Bronx
kudos:1
Reviews:
·Optimum Online
·Clearwire Wireless
reply to Thinkdiff

Re: [OS X] Keychain disappointment

said by Thinkdiff:

As long as the L2TP tunnel is passing mdns (broadcast) packets, I don't see why it wouldn't work over your VPN.

I don't know what that means . Will have to look it up

said by Thinkdiff:

BTW, VPN over WiFi (w/ WPA2) isn't really necessary when you're already on your own local network. It may even cause problems if the VPN's private space is the same as your local network's space.

Yes, I get an address in the same address space over VPN (Local and remote) 10.0.1.XX. I have not observed any issues, it just works. Possibly because it's a Mac OSX server providing the VPN, DNS, and routing?

said by Thinkdiff:

Do you run your ethernet connected computers through the VPN, too?

No. I ASSUME that data is restricted to the copper wire. At least I think so. However, when I am at my GF's, and ethernet connected, I do run through my VPN. She has all sorts of stuff connected including WinDoze machines, I treat that network like any other hostile network.

--
"Remember, remember the fifth of November.
Gunpowder, Treason and Plot.
I see no reason why Gunpowder Treason
Should ever be forgot."

"People should not be afraid of their governments. Governments should be afraid of their people"


Shady Bimmer
Premium
join:2001-12-03
Northport, NY
kudos:1
Reviews:
·Verizon FiOS
reply to TamaraB
said by TamaraB:

Yes, I use WPA2 Personal on WiFi. With Mac address /restrictions/filtering.

I use MAC address filtering too, but realize that it really does not offer anything in the way of security (it is trivial to spoof a hardware address, and it is trivial to identify an authorized hardware address)
said by TamaraB:

No. After reading up on encrypted Mac filesystems, I was a bit apprehensive about going that route. I understand recovery becomes an issue with encrypted filesystems, as does disk access times. All my Macs are tricked-out with SSDs for speed, and I didn't want to take a speed hit.

I'm not sure where recovery becomes an issue, though it depends entirely upon your backup solution. You noted you use Time Machine (as do I), which backs up the unencrypted data. You have the option to additionally encrypt your backups, but the data that is backed up is itself the unencrypted contents.

With respect to performance, you may want to do some testing. Not necessarily running benchmarks, but actually trying it out to see if it makes a noticeable difference. Modern intel processors include acceleration for the types of encryption used most commonly which helps tremendously. I personally don't notice any difference on my mid-2010 MBP.

Getting back to the original topic, Apple's direction with integration of keychains with iCloud is a good thing, even if only to encourage more users to embrace password managers. This is beyond basic browser password caching and is more secure.

Users of 1Password will likely not find any benefit with the Apple solution, especially with the recently released update. However for those that do not use any password manager this is a big step forward.


TamaraB
Question The Current Paradigm
Premium
join:2000-11-08
Da Bronx
kudos:1
Reviews:
·Optimum Online
·Clearwire Wireless
reply to Thinkdiff
said by Thinkdiff:

FileVault 2 is incredibly fast. If you have a recent Mac (i5 or better from the Westmere line or later, e.g. after 2010)

All my Macs are Late 2012 i7s with the faster CPU. FileVault can be turned on at any time right?

Shady Bimmer
Premium
join:2001-12-03
Northport, NY
kudos:1
Yes it can be enabled or disabled at any time.

As a best practice always ensure you have a good backup (or two). It will take some time to encrypt the drive, but with an SSD this will be much faster than spinning rust.