The T2 chip was designed for FileVault, and it comes at no cost to that and in Apple silicon Macs. Here’s how it works, and why everyone should enable it.
Secure Enclave
Originally the ‘security enclave’, and subject of a series of patents, it was introduced in the iPhone 5s in 2013, then the T2 in 2017, and blossomed in M-series Macs from 2020.
Is there a Secure Exclave Processor in M4 chips, a sister to the Secure Enclaves in Macs with T1, T2 or Apple silicon chips? What are they, and what do they do?
How FileVault and APFS Encrypted are enabled and managed differently, and details of how they work internally. Concentrates on T2 and Apple silicon Macs, but also covers older Intel models.
First securing the Home folder in an encrypted sparse disk image, then to whole-volume encryption using CoreStorage, now using T2 and Apple silicon chips.
Sonoma 14.4 added support for exclaves and conclaves, which are used in Sequoia’s virtual machines. What is an exclave, and what does it add?
Differences between file-based keychains including the login keychain, and Data Protection keychain. How the Passwords app in Sequoia caters for the latter.
T1 and T2 chips in Intel Macs, integral in M-series chips, used in Sequoia’s virtual machines at last, and an essential feature in Private Cloud Compute.
Two watersheds that could occur in macOS 15: that it only supports Macs with Apple chips including an Arm processor, and that it opens access to older versions of macOS on Apple silicon.
How will quantum cryptography and the ease with which it should break current methods of encryption, affect the security of data on my Mac?
The Eclectic Light Company 