[OSX-Users] Re: Lion problems
Philip Boulain
prb at ecs.soton.ac.uk
Sun Jul 31 11:55:28 BST 2011
On 31/07/2011 10:45, Hugh Glaser wrote:
> 1) MenuMeters reports that my swap files are encrypted.
> I don't want this, as it was bad enough before when they got big, watching the system occasionally thrash.
> Now it is certainly worse.
> Of course, it may be that MenuMeters is reporting wrongly, and it is something else?
> If not, anyone any idea how to switch it off?
I could have sworn it was via pmset's hibernatemode (looking at past
mails, perhaps it used to be), but apparently not:
http://developer.apple.com/library/mac/#documentation/Darwin/Reference/ManPages/man8/dynamic_pager.8.html
From the look of that you want to open
/Library/Preferences/com.apple.virtualMemory.plist
find "UseEncryptedSwap", and toggle it to off. IIRC OS X has a pretty
GUI editor for plist files that should open by default.
> (Obviously I don't have FileVault switched on, which is what is pissing me off about the swap situation - what is the point of encrypted swap when the rest isn't?)
Because no well-written software will write stored passwords unencrypted
to disk, e.g. Keychain stores them encrypted them with your login
password by default I believe. But to actually use them, at some point
those passwords have to be unencrypted in memory, and if the machine
were to be heavily overloaded or hibernated during that point, that
memory might get written to swap and your password is now in plaintext
on persistant storage. It might be harder to find than a passwords.txt
on your desktop, but it's also harder to get rid of given swapfiles are
system-managed and you'd effectively have to disabled them all and
secure-zero the drive's free space.
Are you sure it's the cause of your performance woes, though? I'd expect
disk speed (and the lack of it) to completely dominate the CPU cost of
encryption, and I haven't found it (under Linux) to be a problem on a
hideously anaemic Celeron. If I'm remembering my cat names correctly,
that manpage is for Snow Leopard (it's the most-recent Apple host), so
it's been on by default on laptops since then.
--
Phil
More information about the Osx-users
mailing list