Tuesday, June 14, 2016

Apple announces Encryption-focused New File System for macOS Sierra


Apple announced one huge change at WWDC 2016: The company is replacing the HFS+ file system on MacOS, iOS, tvOS and WatchOS with a new file system.

The company has introduced its brand new file system called The Apple File System — or APFS for short — for iOS, OS X, tvOS, and WatchOS, making security its centerpiece.

"The Apple File System (APFS) is the next-generation file system designed to scale from an Apple Watch to a Mac Pro. APFS is optimized for Flash/SSD storage, and engineered with encryption as a primary feature," according to an entry in the WWDC 2016 schedule.

Yes, the Apple File System is optimized for Flash and SSD-based storage solutions that are used in iPhones, iPads, MacBooks, AppleTV set-top boxes, and others Apple gadgets.

APFS supports "nearly" all features the HFS+ file system provides while offering improvements over the previous system in the process.

Apple

describes

APFS as a modern file system that includes "

strong encryption, copy-on-write metadata, space sharing, cloning for files and directories, snapshots, fast directory sizing, atomic safe-save primitives, and improved file system fundamentals.

"

Here’s what will definitely bother the FBI:

Security and Privacy are fundamental in Apple File System, as APFS supports encryption natively instead of through Apple’s previous full-disk encryption File Vault application.

There are three modes of operation in APFS: No encryption, Single-key encryption, and Multi-key encryption with per-key files and the other key for sensitive metadata.

These modes allow you to apply sufficient encryption depending on your security needs. APFS supports both AES-XTS as well as AES-CBC cipher variants, depending on the actual device.

Multi-key encryption makes it tough to crack even if one has physical access to the storage. Therefore, with APFS, encryption is now a core part of the operating system, which will definitely bother the FBI as well as other government intelligence agencies.

Besides security and privacy features, APFS also includes both Snapshots, Clones, and Fast Directory Sizing.

Snapshots are read-only instances of the file system at any given point in time. If the state of the file system diverges away from the snapshot, the changed blocks are saved as part of the snapshot.

Clones are writable instead of read-only. APFS can create file or directory clones instantly, rather than having to wait for data to be copied. It is an easy way to create document revisions and do versioning of anything you might want to track.

Fast directory sizing is a feature in APFS that has been designed to give MacOS a fast way to query the size of a directory and all its child objects, rather than having to wait while a bunch of stat calls complete.

The Apple File System is available to developers in preview form right now and is expected to be launched in earnest in 2017.

The pre-release APFS can not be used to boot a device and, for now, does not support many Mac staples, including Fusion Drives and Time Machine. It is also uncertain that the data you put on a drive today will be readable by later versions of APFS.

For more information on the Apple File System, you can refer the

preliminary version

of the developer documentation.



from The Hacker News http://ift.tt/21k6iIo

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.