The feds’ll hate this: Apple’s new APFS file system ‘engineered with encryption as a primary feature’

“Apple is deepening support for encryption in its [Macs] and [iOS] devices with the introduction of Apple File System (APFS), a new file system that will replace the existing HFS+ file system from next year,” Graeme Burton reports for V3.

“APFS has been ‘engineered with encryption as a primary feature,’ according to Apple, adding extra encryption features into the file system that will make it easier for users to encrypt files,” Burton reports. “However, it may also reignite disputes with law enforcement and security agencies over backdoors for encrypted communications and devices.”

Burton report, “‘On OS X, full disk encryption has been available since OS X 10.7 Lion. On iOS, a version of data protection that encrypts each file individually with its own key has been available since iOS 4. APFS combines both of these features into a unified model that encrypts file system metadata,’ explained the [APFS] guide. ‘APFS supports encryption natively. You can choose one of the following encryption models for each volume in a container: no encryption, single-key encryption, or multi-key encryption with per-file keys for file data, and a separate key for sensitive metadata. APFS encryption uses AES-XTS or AES-CBC, depending on the hardware. Multi-key encryption ensures the integrity of user data even when its physical security is compromised.'”

Read more in the full article here.

MacDailyNews Take: Good.

As we wrote last October:

Too many people do not realize how lucky we are that Tim Cook is CEO of Apple Inc. No matter what else Cook does, as long as he holds his ground on this issue [strong encryption], he’s one of the greatest CEOs in history. We need and are lucky to have a man with a strong backbone to stand up to this constant pressure from misguided government spies who’re hell bent on running roughshod over the U.S. Constitution and U.S. citizens’ rights.

Furthermore, the friends and family members of all terrorism victims should be incensed that the U.S. federal government would seek to abuse such tragic deaths in a despicable ploy to sway a confused portion of the public to support the trampling of their own rights (as the gov’t tried after San Bernadino).

Just because they’re “in the government” doesn’t make them smarter. Oftentimes, the inverse is true. For example, the feds were all over the last Islamic terrorist to hit the U.S. (Orlando) and they still fecklessly blew it.

The best minds are not in government. If any were, business would steal them away. — Ronald Reagan

Those who wrongheadedly agree with shortsighted and/or disingenuous government hacks need to realize that they are working to deliver EXACTLY WHAT THE TERRORISTS SEEK TO ACHIEVE WITH THEIR MURDEROUS RAMPAGES: LOSS OF FREEDOM.

Encryption is either on or off. There is no such thing as a backdoor that’s only for “the good guys.”

Don’t be blind. Don’t be stupid. Don’t be weak.

Is life so dear or peace so sweet as to be purchased at the price of chains and slavery? Forbid it, Almighty God! I know not what course others may take, but as for me, give me liberty, or give me death! – Patrick Henry, March 23, 1775

Those who would give up essential liberty to purchase a little temporary safety deserve neither liberty nor safety. – Benjamin Franklin

Visit the Apple-backed today.

Buh-bye HFS+, hello APFS (Apple File System) for macOS! – June 14, 2016
Apple can do better than Sun’s ZFS – October 26, 2009
Apple discontinues ZFS project, turns attention to own next-gen file system – October 24, 2009
Apple’s Mac OS X Snow Leopard Server’s ZFS goes MIA – June 9, 2009


  1. If you are a business it would be to your benefit to enable a master password on all company assets. If you value your data that is. Then you would be the arbitrator to the federal government for access to that data.

    Apple provides the tools, while it’s up to us to use them correctly.

  2. On the surface, I love the idea of system-wide encryption. But when you get down to it, system-wide encryption requires that the whole drive be encrypted upon shutdown and decrypted upon startup, which is a lot of wear and tear on the drive. I realize that modern Solid State Drives can write 60 gigabytes a day for five years, but what if your Solid State Drive is bigger than 60 gigabytes? How many times larger is your Macs Solid State Drive? Take that number and divide 5 years by it.

    1. system-wide encryption requires that the whole drive be encrypted upon shutdown and decrypted upon startup
      That’s not how encryption works.

      Solid State Drives can write 60 gigabytes a day for five years, but what if your Solid State Drive is bigger than 60 gigabytes?
      That’s not how SSDs work.

      How many times larger is your Macs Solid State Drive? Take that number and divide 5 years by it.
      That’s not even how math works.

      What is wrong with you?

  3. I really hope system-wide encryption will only be an option. I’d prefer to have my Solid State Drive last a lot longer than a year. Personally, I’d prefer to be able to choose what gets encrypted. If it’s just your documents, contacts, email and calendar, that’s not so bad. But encrypting the whole drive would wear out the drive too fast.

    1. “You can choose one of the following encryption models for each volume in a container: no encryption, single-key encryption, or multi-key encryption with per-file keys for file data…”

      It appears to me that the trick is to ensure that your HDD/SSD data is properly subdivided into volumes representing your encryption preferences. You might not choose to encrypt your applications and such, but place strong encryption on personal data – emails, contacts, etc.

    2. I echo the above comment… I don’t think you understand how encryption works. Also modern MLC drives have ~60 GB built in as overhead for that very purpose… And most modern PCIe based flash modules don’t suffer from that problem.

    3. Err, no. Encryption/decryption would take place at the sector level. In any case, an application, unless it’s updated, doesn’t change. Load the app into memory where it’s decrypted. There’s no need to re-encrypt it once you’ve finished with it—just make sure that it’s not stored in a decrypted state for any longer than absolutely necessary. Any write overhead is absolutely minimal. Data is only decrypted or encrypted when it has to be, and then only the data actually being used whether that be an application or the data it uses.

      Currently. FileVault takes some time to encrypt the drive when first invoked. Thereafter, you simply don’t see it happening even from a cold start. The ideas of encrypting the entire drive when you start up, and decrypting it when you shut it down or put the computer to sleep is farcical — it just doesn’t work like that.

      Your SSD is quite safe and will, to all intents and purposes, experience no more wear and tear than an unencrypted drive will.


  4. There were warning signs with the San Bernardino shooters, whose neighbors reportedly didn’t want to call the cops for fear of being thought racist. And there were warning signs with Mateen, who apparently had been on security officials’ radar screen for some time but not enough to do anything about it. Classmates of Nidal Hassan said he regularly spouted Islamist propaganda months before he shot up Fort Hood, but the military was too politically correct to do anything and afterward tried for some time to pretend that his deliberate, jihadist attack was merely “workplace violence.”

    To prevent this sort of event in the future, we need to do several things.

    First, interrupt the flow of radicalizing propaganda at the source: ISIL and various other jihadist outfits need to be neutralized or destroyed. These organizations pursue a deliberate strategy of radicalizing Muslims in Western countries to turn them into terrorists, and they operate networks of sympathizers throughout the USA. We used to cozy up to the Saudis, but thanks to hydraulic fracturing we don’t really need their oil anymore, so they need to be told to put a stop to this sort of support or else. We likely could have nipped ISIL in the bud a few years ago at minimal cost — or kept it from sprouting in the first place by maintaining a presence in Iraq — but it needs to be brought down now.

    We also need to be clear about what it is we’re fighting. We’re not fighting Islam as such. Many good Muslims are horrified by this violence. But we are fighting the jihadist strain of Islam, and unfortunately quite a few Muslims view that strain as legitimate.

    We can’t allow ourselves to be blinded to this reality, unless we want to see jihadist attacks like this — which have, sadly, become normal in the past few years — continue and increase. — Glenn Reynolds, USA Today, June 13, 2016

    The problem: Incompetent Democrats like Obama and Clinton who can’t even identify the crux of the issue (RADICAL ISLAMIC TERRORISTS) because they’re brain-damaged by Political Correctness.

    1. Trump has already won. It’s all over but the shouting.

      The Florida terrorist attack last weekend revealed multiple failures of Obama administration counterterrorism policies that critics say are hamstrung by liberal “political correctness.”

      The FBI gave up investigating Mateen after two interrogations. Mateen told agents he had made pro-terrorist comments because he felt he was a victim of religious discrimination from coworkers because he was Muslim.

      “He admitted making the statements that his coworkers reported, but explained that he did it in anger because he thought his coworkers were discriminating against him and teasing him because he was Muslim. After ten months of investigation, we closed the preliminary investigation,” Comey said in Washington.

      Former FBI Agent John Guandolo said the FBI mistakenly closed its investigation because it had no idea how to respond to jihadist threats because the bureau does not teach agents about Islamist doctrine, such as Sharia law, that is used as a guide for terrorist operations and activities.

      “This investigation was closed because FBI leadership has systematically refused to look at and teach Sharia to its agents because it is getting its advice on Islam from Muslims who are hostile to us and our system of government,” Guandolo said.

      Comey said the FBI would examine whether it should have handled the case differently. “So far, the honest answer is, I don’t think so,” he said.

      Guandolo said the FBI director was wrong.

      “Fifty Americans are dead, the FBI had the killer in their sights and let him go, and the FBI director is okay with this,” he said. “Not knowing something that is a requirement of your profession—like an FBI director not understanding that Sharia is the key to understanding the entire global war—is unprofessional.”

      President Obama on Sunday made no reference to Islamic terrorism in his statement and instead suggested it was a hate crime directed against gays. The nightclub was frequented mainly by homosexuals.

      In addition to missing the early danger posed by Mateen, the administration also failed to issue any public warning about possible Islamic State terrorist attacks during the Muslim observance of Ramadan that began earlier this month.

      The Washington Free Beacon first reported June 3 that an Islamic State spokesman advocated in May for attacks by ISIS supporters to be carried out in the United States and Europe.

      Retired Army Lt. Col. Joseph Myers, a former Defense Intelligence Agency analyst and counterterrorism expert, said U.S. intelligence and law enforcement agencies are operating under rules of engagement that prevent the preemption of terror attacks.

      “The fact that as a matter of Obama administration policy they have purged any references to Islam, Islamic doctrines and tenets of war and jihad from the professional terrorism lexicon leaves the FBI, DHS, DoJ, and DoD from being intellectually and physically ready to act and operate to preempt these kinds of events in the homeland,” Myers said.

      The purging of Islamic concepts has left American leaders and law enforcement agents confused about terrorists’ motives.

      “Individual acts of jihad are a legitimate tenet of Islamic war doctrines that do not require specific sanction or outside terrorist group approval,” he said, noting that “leaderless jihad” is an established tenet for both al Qaeda and ISIS.

      Myers said the Orlando attack was a “catastrophic failure” for the FBI and showed its policies, procedures, and resources are inadequate to the mission of homeland security.

      “This has to change now or a new organization, mandated to defeat this domestic threat, must be organized and fielded,” he said.

      Presumptive Republican nominee Donald Trump blamed politically correct policies for the failure to prevent the latest attack. He repeated his call to temporarily bar Muslims coming from areas of the world that have been linked to terrorism against the United Stats.

      Trump said during a speech in New Hampshire that “the current politically correct response cripples our ability to talk and to think and act clearly.”

      “We’re importing radical Islamic terrorism into the West through a failed immigration system and through an intelligence community held back by our president,” Trump said. “Even our own FBI director has admitted that we cannot effectively check the backgrounds of people we’re letting into America.”

      The Obama administration has hamstrung intelligence and security agencies, the New York businessman said.

      “They have put political correctness above common sense, above your safety, and above all else. I refuse to be politically correct,” Trump said.

      Former Secretary of State Hillary Clinton, the expected Democratic nominee, initially declined to link radical Islam to the Orlando attack. Later she acknowledged in broadcast interviews that jihadists were religiously motivated but she sought to play down that aspect of the threat.

  5. Take your crap elsewhere. There are many websites that cater to what you like discuss. Those places are loaded with people you can sit in a circle and yank with. Try it. You will like it.

    Antagonism is your entire purpose. Garden variety troll thinking he can hide his trolling behind his topic. In simpler terms: You’re an obnoxious cockroach. I’d sorry with some D-Con if you were close enough.

      1. Nobody said they didn’t have a right to their opinions. It’s just that they’re an ass for spewing them out here when it has nothing to do with the article or with Apple. There are numerous other forums for their crap.

  6. Since the FileVault fiasco a few years back, I refuse to consider anything more than single-file encryption on the Mac. I’m far more worried about my NOT being able to access my data than anyone nefarious being able to access it. And I really wish that weren’t so.

  7. More kabuki theater by Apple. iOS will be just as hackable and crackable as it has always been. Only now deluded idiots will gloat how safe they are, like good little isheep.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.