This is a staging forum for AgileBits, not an official support forum. Visit http://discussions.agilebits.com instead.
Frequently Asked Questions
[b]What is Knox? Why do I need it?[/b]
Knox lets you easily create, access, and backup encrypted disk images (vaults). The vaults are great for storing large number of files of any size: confidential documents, source code, application data files ([url=http://www.devon-technologies.com/products/devonthink/]DEVONthink[/url] databases, [url=http://nothirst.com/moneywell/]MoneyWell[/url] files, etc).
Knox vaults are compatible with disk images created by Mac OS X Disk Utility application. They can be open on Mac OS X 10.4 or later (Knox requires Mac OS X 10.5 to run).
Knox was originally developed by [url=http://www.karppinen.fi/]Marko Karppinen & Co. LLC[/url] and we are using internally for over 2 years to secure Agile source code and documents.
[b]How is storing files in Knox vaults different from attachments in 1Password?[/b]
Both 1Password and Knox encrypt stored information.
Knox vault appears as a disk on your Mac and any application can directly access the files in the vault while the vault is open. In 1Password, you first need to save the attachment before another application can open it.
Also, unlike 1Password, there is no limit on number of files or the size of the file.
[b]Can I sync Knox vaults using Dropbox or iDisk?[/b]
Unlike 1Password data files, Knox vaults cannot be opened on multiple computers at the same time. You have to make sure that only one Mac is using the Knox vault at a time.
At this moment, there is no safeguard mechanism to prevent you from opening the same vault from multiple computers and we DO NOT RECOMMEND sharing Knox vaults using Dropbox or iDisk. You can still use Dropbox or iDisk for backups.
[b]Is Knox integrated with 1Password?[/b]
At this moment there is no integration between 1Password and Knox. We are looking for various integration options and interested in your feedback.
[b]How do I back up my system with Knox?[/b]
The backup functionality in Knox is intended for backing up Knox vaults. It is not really suitable for backing up your whole system, including your applications and Mac OS X itself. Here at MK&C, we store our documents in separate, per-project Knox vaults. We then schedule backups in Knox for these vaults.
Separately, we use SuperDuper! to create working, bootable mirror copies of our systems. You could easily encrypt such a mirror by making it on a Knox whole-disk vault, but such a copy wouldn’t be bootable. If you can exclude any confidential material from the mirror, you will make a system recovery much easier.
[b]Does Knox compress data?[/b]
No. In Knox vaults, your data takes up as much space as it would elsewhere.
[b]How do I delete a Knox vault?[/b]
Go to Preferences > Vaults, choose the vault(s) you want to delete, then click Move Selected to Trash. By default, the vaults are stored in the Library/Knox under your home folder; you can also manage them manually in Finder.
[b]Do Knox vaults work on Windows?[/b]
No. Knox is Mac-only because it uses Mac OS X’s encrypted disk images to encrypt data. This technology is not available on Windows.
[b]Is Knox compatible with Mac OS X 10.5 Leopard?[/b]
Yes. Time Machine, Leopard’s new backup feature, however, is not a good match for bigger Knox vaults, so we recommend disabling their backup in Time Machine preferences and using Knox’s own backup feature to schedule their backups.
[b]Why would I use Knox rather than Disk Utility?[/b]
It’s all in the user interface. We think creating and managing disk images manually is a chore, and created Knox to help. We also automated backup functionality. Try Knox for 30 days to see if you think it’s worth the price: if not, the vaults you created work just fine with Disk Utility.
[b]How about FileVault?[/b]
FileVault has it’s pluses and minuses. On the plus side, it’s very easy to set up, and encrypts a lot of data: your whole home folder. The downside is that all your files are stored in one big vault file that’s always open. With Knox, you can easily create a bunch of vaults, for each of your projects or clients. You can open and close Knox vaults on demand, so that only the one you’re working with is open at any given time.
[b]Could you add a feature for closing Knox vaults automatically after some time?[/b]
We get requests for this every once in a while, but we recommend just using a password-protected screensaver instead. With automatic unmount, we’d either have to err on the side of data safety (do not unmount if there are open files), or on the side of security (force unmount even if there are open files). We really don’t want to make that call on behalf of our users—with thousands of you out there, we’d surely make the wrong choice from someone’s point of view.
[b]Which settings should I set in the System Preferences to make my Mac secure?[/b]
We run our Macs with the following settings: In the Security preference pane, Require password to wake this computer from sleep or screen saver, Disable automatic login, Use secure virtual memory. In the Desktop & Screen Saver pane, we set up a short time to start the screensaver, and also specify a hot corner to launch it immediately when we leave the computer. In the Sharing preference pane, we disable all services we don’t use and turn on the firewall.
[b]How is the Knox whole-disk vault feature implemented?[/b]
Knox whole-disk vaults, like other Knox vaults, are encrypted disk images. But when reformatting a drive as a whole-disk vault, Knox hides the underlying host volume, so that you only ever see the encrypted vault. This gives you the user experience of an encrypted drive with the superior compatibility of an encrypted disk image.
[b]Should I choose a stretchable or a fixed-size whole disk vault?[/b]
In almost all cases, you should choose the default stretchable type. It’s fast to create and easy to backup, as the encrypted disk image only takes as much space as the content you are encrypting. There are a couple of specific instances where you might want to use the fixed-size option. It creates an image that fills the whole disk with encrypted data (initially, encrypted zeroes). This takes a while (a long while if you have a large disk) but has some potential benefits as well. First of all, a fixed size vault does not reveal the amount of data you have stored on it to those without a password. Second, write speeds to the vault can be more consistent as the system does not need to stretch the vault as you write more data onto it. Finally, since the underlying non-encrypted volume has almost no free space, you can be more confident that someone will not accidentally store files on it.
[b]How do I turn a whole-disk vault back into a regular hard drive or USB stick?[/b]
First, close the vault and disconnect the device. Then quit Knox, and connect the device again. Launch Disk Utility (in Applications/Utilities) and reformat the drive.
[b]How do I uninstall Knox?[/b]
Just drag and drop the Knox application into Trash. There are no other components. By default, the vaults are stored in the Documents/Knox under your home folder—you can delete that folder, too, if the vaults don’t contain any information you want to keep.
Knox lets you easily create, access, and backup encrypted disk images (vaults). The vaults are great for storing large number of files of any size: confidential documents, source code, application data files ([url=http://www.devon-technologies.com/products/devonthink/]DEVONthink[/url] databases, [url=http://nothirst.com/moneywell/]MoneyWell[/url] files, etc).
Knox vaults are compatible with disk images created by Mac OS X Disk Utility application. They can be open on Mac OS X 10.4 or later (Knox requires Mac OS X 10.5 to run).
Knox was originally developed by [url=http://www.karppinen.fi/]Marko Karppinen & Co. LLC[/url] and we are using internally for over 2 years to secure Agile source code and documents.
[b]How is storing files in Knox vaults different from attachments in 1Password?[/b]
Both 1Password and Knox encrypt stored information.
Knox vault appears as a disk on your Mac and any application can directly access the files in the vault while the vault is open. In 1Password, you first need to save the attachment before another application can open it.
Also, unlike 1Password, there is no limit on number of files or the size of the file.
[b]Can I sync Knox vaults using Dropbox or iDisk?[/b]
Unlike 1Password data files, Knox vaults cannot be opened on multiple computers at the same time. You have to make sure that only one Mac is using the Knox vault at a time.
At this moment, there is no safeguard mechanism to prevent you from opening the same vault from multiple computers and we DO NOT RECOMMEND sharing Knox vaults using Dropbox or iDisk. You can still use Dropbox or iDisk for backups.
[b]Is Knox integrated with 1Password?[/b]
At this moment there is no integration between 1Password and Knox. We are looking for various integration options and interested in your feedback.
[b]How do I back up my system with Knox?[/b]
The backup functionality in Knox is intended for backing up Knox vaults. It is not really suitable for backing up your whole system, including your applications and Mac OS X itself. Here at MK&C, we store our documents in separate, per-project Knox vaults. We then schedule backups in Knox for these vaults.
Separately, we use SuperDuper! to create working, bootable mirror copies of our systems. You could easily encrypt such a mirror by making it on a Knox whole-disk vault, but such a copy wouldn’t be bootable. If you can exclude any confidential material from the mirror, you will make a system recovery much easier.
[b]Does Knox compress data?[/b]
No. In Knox vaults, your data takes up as much space as it would elsewhere.
[b]How do I delete a Knox vault?[/b]
Go to Preferences > Vaults, choose the vault(s) you want to delete, then click Move Selected to Trash. By default, the vaults are stored in the Library/Knox under your home folder; you can also manage them manually in Finder.
[b]Do Knox vaults work on Windows?[/b]
No. Knox is Mac-only because it uses Mac OS X’s encrypted disk images to encrypt data. This technology is not available on Windows.
[b]Is Knox compatible with Mac OS X 10.5 Leopard?[/b]
Yes. Time Machine, Leopard’s new backup feature, however, is not a good match for bigger Knox vaults, so we recommend disabling their backup in Time Machine preferences and using Knox’s own backup feature to schedule their backups.
[b]Why would I use Knox rather than Disk Utility?[/b]
It’s all in the user interface. We think creating and managing disk images manually is a chore, and created Knox to help. We also automated backup functionality. Try Knox for 30 days to see if you think it’s worth the price: if not, the vaults you created work just fine with Disk Utility.
[b]How about FileVault?[/b]
FileVault has it’s pluses and minuses. On the plus side, it’s very easy to set up, and encrypts a lot of data: your whole home folder. The downside is that all your files are stored in one big vault file that’s always open. With Knox, you can easily create a bunch of vaults, for each of your projects or clients. You can open and close Knox vaults on demand, so that only the one you’re working with is open at any given time.
[b]Could you add a feature for closing Knox vaults automatically after some time?[/b]
We get requests for this every once in a while, but we recommend just using a password-protected screensaver instead. With automatic unmount, we’d either have to err on the side of data safety (do not unmount if there are open files), or on the side of security (force unmount even if there are open files). We really don’t want to make that call on behalf of our users—with thousands of you out there, we’d surely make the wrong choice from someone’s point of view.
[b]Which settings should I set in the System Preferences to make my Mac secure?[/b]
We run our Macs with the following settings: In the Security preference pane, Require password to wake this computer from sleep or screen saver, Disable automatic login, Use secure virtual memory. In the Desktop & Screen Saver pane, we set up a short time to start the screensaver, and also specify a hot corner to launch it immediately when we leave the computer. In the Sharing preference pane, we disable all services we don’t use and turn on the firewall.
[b]How is the Knox whole-disk vault feature implemented?[/b]
Knox whole-disk vaults, like other Knox vaults, are encrypted disk images. But when reformatting a drive as a whole-disk vault, Knox hides the underlying host volume, so that you only ever see the encrypted vault. This gives you the user experience of an encrypted drive with the superior compatibility of an encrypted disk image.
[b]Should I choose a stretchable or a fixed-size whole disk vault?[/b]
In almost all cases, you should choose the default stretchable type. It’s fast to create and easy to backup, as the encrypted disk image only takes as much space as the content you are encrypting. There are a couple of specific instances where you might want to use the fixed-size option. It creates an image that fills the whole disk with encrypted data (initially, encrypted zeroes). This takes a while (a long while if you have a large disk) but has some potential benefits as well. First of all, a fixed size vault does not reveal the amount of data you have stored on it to those without a password. Second, write speeds to the vault can be more consistent as the system does not need to stretch the vault as you write more data onto it. Finally, since the underlying non-encrypted volume has almost no free space, you can be more confident that someone will not accidentally store files on it.
[b]How do I turn a whole-disk vault back into a regular hard drive or USB stick?[/b]
First, close the vault and disconnect the device. Then quit Knox, and connect the device again. Launch Disk Utility (in Applications/Utilities) and reformat the drive.
[b]How do I uninstall Knox?[/b]
Just drag and drop the Knox application into Trash. There are no other components. By default, the vaults are stored in the Documents/Knox under your home folder—you can delete that folder, too, if the vaults don’t contain any information you want to keep.
Flag
0
This discussion has been closed.