For the past day or so I’ve been seeing endless people tweeting about how the latest Mac OS X update b0rks your Mac if you are using PGP full disc encryption. It’s a pretty nasty bug, but thankfully it can be recovered from fairly easily.
If you are just looking for a quick solution, you can:
a) Not apply the update (as recommended by PGP)
b) Decypt your volumes, apply the update, then re-encrypt
Users of PGP’s Whole Disk Encryption for Macs got a nasty surprise when they upgraded to the latest OS X update once they discovered their systems were no longer able to reboot.
It seems that Apple and the Symantec-owned PGP suffered a near-fatal failure to communicate that 10.6.5 ships with a new EFI booter that was incompatible with the encryption software’s boot guard. As a result, the update rendered Macs using WDE as little more than expensive paperweights.
“PGP you DO HAVE A FREAKING DEVELOPERS LICENCE FOR APPLE RIGHT???” one outraged user vented here. “YOU CANNOT TEST SYSTEM RELEASES IN ADVANCE???”
It’s caused a massive backlash from the user-base with people hurling insults left, right and center. For the non-tech savvy user it’s pretty worrying when their system can’t even boot up and in most cases they probably have absolutely no idea what to do.
It seems like a lack of communication between PGP devs and Apple with regards to the new boot loader.
Test versions of the update have been available to developers for a while now, but it’s not clear if they included the new EFI booter. If not, the fault could lie with Apple. The world will probably never know.
Fortunately, a fix was provided Thursday morning that’s relatively painless. It involves booting off the PGP recovery CD and then logging in to OS X. An automatic self-repair process that’s part of the Mac bootup sequence will straighten out things from there. A variation on that theme is to put the bricked machine in target mode and boot from another Mac running PGP.
WDE users who have yet to install the update may safely do so by decrypting their systems before running the update, PGP said.
A fix was provided yesterday morning by PGP, the details are here:
Source: The Register