10.7: Disable Secure Virtual Memory
Sep 21, '11 07:30:00AM
Contributed by: Michelasso
At least in the MacBooks the Secure (encrypted) Virtual Memory is enabled by default. The option to disable it has been removed from the Security & Privacy General preference panel. One may check if it is enabled by running in Terminal the following command:
$ sysctl vm.swapusage
vm.swapusage: total = 64.00M used = 0.00M free = 64.00M (encrypted)
To disable it from Terminal on previous OS X versions one could issue the command
$ sudo defaults write /Library/Preferences/com.apple.virtualMemory UseEncryptedSwap -boolean no
But that doesn't work anymore. It seems that 'UseEncryptedSwap' has been replaced with 'DisableEncryptedSwap.' So to disable the Secure Virtual Memory in Lion, one should issue the command:
$ sudo defaults write /Library/Preferences/com.apple.virtualMemory DisableEncryptedSwap -boolean yes
And then reboot. Checking again the secure virtual memory status one gets:
$ sysctl vm.swapusage
vm.swapusage: total = 64.00M used = 0.00M free = 64.00M
Which means the encryption has gone.
To re-enable it run the command:
$ sudo defaults write /Library/Preferences/com.apple.virtualMemory DisableEncryptedSwap -boolean no
And then reboot.
The advantage should be just a slightly less overhead on the page in & out process. Personally I disabled it because I am having massive page outs just running safari, and I want to test if the situation improves. Maybe disabling the secure memory bypasses some bugs. Still it is here for reference.
[crarko adds: It is just here for reference. I expect 99.9+% of people should leave encrypted VM active. Otherwise things such as your passwords can be found in plain text by searching the swap file(s).]
Comments (7)
Mac OS X Hints
http://hints.macworld.com/article.php?story=20110920052038951