What's New in Mac OS X 10.3 Panther
Disclaimer: although I am an Apple Certified Trainer by day, this guide is not endorsed by or affiliated with Apple in any way, nor is it indicative of future Apple Training courses. It is based entirely on my own personal experience and research. Any inaccuracies are my fault. Comments and corrections welcome at f8dy@diveintomark.org.
Security: FileVault and the new Security pane
Mac OS X has long had the capability of creating encrypted disk images through the Disk Copy application. Some people have gone so far as to create an encrypted image and twiddle with NetInfo to point their home directory onto it. FileVault is a new feature in Mac OS X 10.3 that achieves this same effect: it allows you to encrypt your home directory, and all its contents, by creating an encrypted disk image and automatically mounting it as your home directory.
Of course your home directory may be quite large -- it stores all your music, pictures, and movies by default -- so the initial encryption can take quite a long time. The initial encryption also requires as much free disk space as the size of your home directory, since FileVault makes a complete backup onto the disk image and then securely deletes the original files. Keep this in mind if you have a large home directory.
You need administrative privileges in order to turn on FileVault and do the initial encryption; standard users cannot turn it on for themselves without an administrator's help.
FileVault is a per-user feature. Each user's decryption key is their login password at the time FileVault is enabled, and the key is stored in the user's keychain.
Mac OS X now has the concept of a master password (separate from the root user's password, which is still enabled and configured in NetInfo Manager). The master password can apparently unlock other keychains; thus an administrator who knows the master password can gain access to any user's encrypted home directory.
The Security pane of System Preferences is the primary place for setting up FileVault, the master password, and other security-related settings such as requiring a password after waking from sleep or returning from the screensaver. The pane is littered with warnings; if you forget both your password and your master password, there is no way to recover the contents of your home directory.
Before you can turn on FileVault for yourself or any other user, you must set the master password. This is the key to the kingdom; the security of all of your users is only as good as your master password.
Apparently, you cannot turn on FileVault (even for yourself) if other users are currently logged in (via fast user switching).
The Accounts pane of System Preferences also has a Security tab for each user where you can configure FileVault for additional users.
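Two of the preconditions described above can be checked before starting the encryption: free space at least equal to the size of the home directory, and no other users logged in. The shell script below is an added example, not part of the original guide and not an Apple tool; it assumes POSIX `du`, `df -P` and `who`, and all function names are hypothetical.

```shell
#!/bin/sh
# Added example: pre-flight check before turning on FileVault for one user.
# Assumptions: POSIX du/df/who; the rules are the two stated in the guide.

# Size of a directory tree in KB (unreadable subdirectories are skipped).
dir_kb() {
    du -sk "$1" 2>/dev/null | awk '{print $1}'
}

# Free KB on the volume holding a path; -P keeps each volume on one line.
free_kb() {
    df -Pk "$1" | awk 'NR==2 {print $4}'
}

# Read `who` output on stdin; print each logged-in user other than $1 once.
other_users() {
    awk -v me="$1" '$1 != me && !seen[$1]++ {print $1}'
}

# Decide from the numbers alone so the rule is easy to audit.
# Args: home size in KB, free KB, space-separated list of other users.
# Returns 0 = go ahead, 1 = not enough space, 2 = other users, 3 = bad input.
preflight_verdict() {
    home=$1 free=$2 others=$3
    for n in "$home" "$free"; do
        case "$n" in ''|*[!0-9]*) echo "ERROR: size not measured"; return 3 ;; esac
    done
    if [ -n "$others" ]; then
        echo "BLOCKED: other users logged in: $others"
        return 2
    fi
    if [ "$free" -lt "$home" ]; then
        echo "BLOCKED: need $home KB free, have $free KB (short by $((home - free)) KB)"
        return 1
    fi
    echo "OK: $free KB free for a $home KB home directory"
}

# Usage: sh preflight.sh /Users/alice alice
if [ $# -eq 2 ]; then
    others=$(who | other_users "$2" | tr '\n' ' ' | sed 's/ $//')
    preflight_verdict "$(dir_kb "$1")" "$(free_kb "$1")" "$others"
fi
```

Run it as an administrator, since `du` undercounts a home directory it cannot fully read.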
Another security feature of Mac OS X 10.3 is Secure Empty Trash, which overwrites the space previously used by the files you are deleting and prevents utilities like Norton UnErase from recovering the contents of the files later.