FileVault security hole when used on SSDs

security filevault ssd encryption

Solution 1:

Your making a test user account with a short name different than the eventual user to be migrated is sound.

In practice, you will in time over write more and more of the data, but if you have the time to first establish a file vault key and have the drive completely encrypted before copying any sensitive data, you have a more secure system and can know that the data can be sanitized cryptographically as opposed to being over-written or actually erased.

You'll want to look for these lines in the diskutil cs list output to know it's ready for the start of data migration:

|       Conversion Status:       Complete
|       High Level Queries:      Fully Secure
|       |                        Passphrase Required

Related

KeePass application with synchronization support on a Mac?
Spotlight shortcut not working within an app(s) anymore
Set a custom dock icon for an application instance via Terminal
Mac OSX: strange shaking (jitter) of screen
How can I get OSX to appear as a wifi router without sharing internet
How can I reset the service battery warning?
remote "desktop mouse" with Magic trackpad emulator for iPad or Mac Book
How can I map `Ctrl+Alt+Char` and `Ctrl+Number` in vim on Mac OSX?
How to turn off "Enable WiFi" alert message on iOS?
Leave iPhone on when changing SIM card
Can I browse all the words in single list view in the Mavericks dictionary?
How do change focus from the address bar back to the document after CMD+L?