I avoided File Vault in Lion because it reportedly didn't work well in my situation: two internal drives (SSD and HDD), with my Home directory on the secondary HDD drive. If I remember right, it wouldn't decrypt the secondary drive until after logging in, which is a problem when your user account is on that drive.

Any change there? I'm a little averse to experiments that might make the machine unbootable. But I'd really like to encrypt my drives for peace of mind.

Hmm. I've had problems with launchd items that are supposed to run at (before?) login, but maybe with this utility I'll have better luck. (In related news, pigs fly!)

I don't use BootCamp, so that's one complication I don't have to deal with. ;)

Maybe this weekend I'll feel brave enough to try it. Thanks!

I got an error: "MediaKit reports block size error, usually caused by not being a multiple of 512."

anyone knows what is the problem and how I can fix it.

You can use the command line to do lots of stuff with encrypted CoreStorage volumes that you can't do with Disk Utility, such as see the progress of drive encryption operations and modify/add/delete partitions on an encrypted volume. The relevant commands begin with "diskutil cs" or "diskutil coreStorage" (without the quotes, of course). See this page for a nice rundown of what's currently possible: http://blog.fosketts.net/2011/08/05/undocumented-corestorage-commands/

I recently began encrypting the boot drive and external drives on my system and have some observations to offer regarding the encryption of the non-boot volumes:

1. Besides disk activity LEDs (if any), you can also use the

   diskutil cs list

   command to list all the Core Storage volumes and encryption progress. In the Logical Volume section there will "Size (Total)" and "Size (Converted)" fields. The "Size (Converted)" field will show a byte-count during the encryption process. The output of the command is static so to see progress you must re-issue the command to see that the byte-count is actually incrementing.
2. Once I started the encryption process for a given volume, if I then issued the

   diskutil cs list

   command I would not see a complete record tree for that volume. By complete record tree I mean a record with Logical Volume Group entry, a Physical Volume entry, a Logical Volume Family entry, and a Logical Volume entry. What I did see was an entry with a status of "Offline" and no way to see any progress. After restarting the system, if I then issued the

   diskutil cs list

   command I would see appropriate activity (the "Size (Converted)" field showing an increasing byte-count)
3. It is safe to restart the system even while volume(s) are being encrypted. After the system restarts, the encryption process for each volume being encrypted will pick-up where it left off.
4. After the system restarts and once you've logged-in, the Finder will query you for the password for the volume you started to encrypt in the previous session. You'll want to have the password handy either on a piece of paper or, in my case, via a secure note stored in 1Password. You'll want to store the password in the Keychain if you want to avoid having to enter the password for all your encrypted volumes at mount-time.

Item #3 is worth singling-out: In researching FileVault and whole volume encryption I found references to one user's experience where an encryption process was somehow corrupted across a system restart. The experience did not account for why/how the corruption took place but until I verified the actual behavior myself, it was implied that restarting the system after initiating the encryption process was not advisable. In my case the encryption processes have survived multiple system restarts since I restarted the system after initiating the encryption process for each of (so far) two volumes.

Encryption is slow—I'm seeing about 60-65GB/hr. on late 2012 Mac mini Server (2.3GHz Core i7)—but you do have unfettered access to the volume(s) while they are being encrypted.