macOS Tahoe Beta Forces Sharing FileVault Key
Wait, what? macOS Tahoe beta 2 automatically enabled FileVault and uploaded a recovery key to iCloud.
I did not have a choice in the matter.
First, they silently enable iCloud Keychain, then they upload your FileVault key to it without asking.
Beta 1 did this too. I turned it off immediately.
I’m not sure what’s going on here. This did not happen to me with either beta 1 or beta 2 (booting from an external drive). That said, I consider it a dark pattern that there’s still no way to opt out of storing your FileVault key in your iCloud account once and for all. I have to keep unchecking that option in the setup assistant, and it’s easy to miss if you’re just trying to get through all the pages as quickly as possible.
When upgrading to macOS 26 Tahoe, the auto enabling of FileVault during Setup Assistant with no way to disable/not enable FileVault breaks personal setup of a device that is used as a personal home server that maybe headless.
[…]
I need to be able to restart the Mac Mini “server” remotely and have it come back up automatically to a full booted state without putting in a password for a local user to get services back up and running.
Previously:
- macOS Tahoe 26 Developer Beta 2
- macOS 15.4.1
- macOS 15.4
- Tricked Into Installing macOS Update
- Apple Denies Evidence of Hiding Browser Choice Setting
- Apple Intelligence Privacy Dark Patterns
- Apple Updates Silently Enable iCloud Keychain
- New FileVault Recovery Keys and GoFetch
- FileVault 2’s Apple ID Backdoor
Update (2025-06-26): Update (2025-06-26): See also: Hacker News.
5 Comments RSS · Twitter · Mastodon
Not your keys, not your encryption.
We're trusting FileVault is secure, but Apple isn't publishing regular independent security audits.
We're trusting security issues are patched immediately from a company that's sit on other security issues for months.
We're trusting they haven't been approached by a "defense contractor" ala the iPod Geiger counter that might compel them to leave in a zero day.
Too much trust.
Now they're exfiltrating the key to Apple's jurisdiction because dumb Boomers have 0 opsec? This is up there with iCloud unencrypted backups. Very little other security matters if your data is one rubber stamp away.
What are the FDE alternatives?
I feel like a user folder on a NAS with encrypted ZFS probably doesn't work well (because their SMB implementation is still so garbage).
@Hammer The only alternatives are probably something like using VeraCrypt or similar, and storing all of your sensitive data on there. Perhaps an external drive that's AFPS encrypted will work too, depending on how much trust you put in that. Since it's no longer possible to put your home folder on a drive like that thanks to Apple locking down macOS, most apps will still save sensitive data in an unencrypted form, so it's not really practical and very limited in what it can accomplish. I think the sad truth is that, if you want your whole system to be encrypted with software that you can place any real trust in, you can't use macOS, because macOS can't be trusted. It's obviously not under the control of the user.
This is also why I won't use recent macOS releases on a server. It can't be trusted to behave in a situation that requires the most reliability. I do still have a home server running macOS 10.13. It doesn't do anything I don't tell it to. And its UI is still pretty good too!
