Stewing Over Safe Sleep

I have a white MacBook, purchased in January, with 2 GB of RAM and with 2 GHz Intel Core 2 Duo. When I close the lid, it goes to sleep in about a second. When I look at /var/vm/sleepimage, there is a 2 GB file that was last written when I last closed the computer. I tried this several times, and the modify time for sleepimage is undated each time. If I open the MacBook again within a few seconds, the machine doesn't wake up without both a delay and some further action being required, such as pushing the space bar. It wakes up more quickly if I let it sleep for a couple of minutes. I am guessing that what it does is write to sleepimage after it claims to be asleep.

[My question would be whether the power light starts pulsing as soon as you close the lid, or whether it simply comes on (at a consistent level). If the latter, it's not yet really asleep, even though the display is off. -Joe]

As an addendum to Joe's article on safe sleep:

Even if you have FileVault turned on and/or encrypted safe swap, the entire contents of memory is written to disk _unencrypted_ when you put your Mac into safe sleep mode.

There's been reports around the web of people finding their password in the safe sleep file.

On 31-Jul-2007, at 03:11, barefootguru wrote:
> Even if you have FileVault turned on and/or encrypted safe swap,
> the entire contents of memory is written to disk _unencrypted_ when
> you put your Mac into safe sleep mode.

That's not true. If you have enabled secure VM then when you enable
safe-sleep, the contents of the swapfile that is written _ARE_
encrypted.

$ pmset -g | grep hib
hibernatemode 5
hibernatefile /var/vm/sleepimage

the possible settings are

0 (normal sleep),
1 ('safe sleep' or hibernate INSTEAD f sleep),
3 ('safe sleep' or hibernate after sleep and power loss),
5 Same as 1, but for secure virtual memory users
7 Same as 3, but for secure virtual memory users

Note that laptops default either to mode 3 or 7, depending on the
setting for Secure Virtual memory. I chose 5 for my machines capable
of sleep (all of them, laptops, and desktops) just because the slight
delay in startup is worth the device being physically off when I
sleep it.

On 2007-08-01, at 01:59, Google Kreme wrote:

> If you have enabled secure VM then when you enable
> safe-sleep, the contents of the swapfile that is written _ARE_
> encrypted.
>
> [...]
>
> the possible settings are
>
> 0 (normal sleep),
> 1 ('safe sleep' or hibernate INSTEAD f sleep),
> 3 ('safe sleep' or hibernate after sleep and power loss),
> 5 Same as 1, but for secure virtual memory users
> 7 Same as 3, but for secure virtual memory users
>
> Note that laptops default either to mode 3 or 7

Is that all you're basing your statement on? I've read that man page
too, and while it says 5 & 7 are for secure virtual memory users, it
doesn't state the sleep file will be encrypted.

I tried a number of commands against my own sleep image (strings,
etc.), but they all failed due to lack of memory, so I can't
personally confirm it's unencrypted.

I'm going on reports of other people such as:

> Safe Sleep, like the Windows Hibernate feature, saves whatever is
> in memory to disk when the laptop battery gets too low.
> Unfortunately, the Safe Sleep file is not encrypted, allowing
> others to search for sensitive information using the “strings” or
> other string parsing tool.

<http://anthonyvance.com/2007/01/06/filevault–cryptographic-analysis/>

> The entire contents of the RAM are stored in /private/var/vm/
> sleepimage completely un-encrypted, even if the user explicitly
> configured FileVault or an encrypted swap.

<http://felipe-alfaro.org/blog/2007/07/13/apples-safe-sleep-and-
privacy/>

I was a bit surprised by Joe Kissell's fuming over Safe Sleep. I've used
Windows laptops with Hibernate support for several years now, and have
come to like this feature very much.

(quoting from his article)
> In the first place, consider the problem Safe Sleep is trying to
> solve. Safe Sleep is useful only when all three of the following
> circumstances exist:
>
> * Your computer enters sleep mode with unsaved documents.
(...)

Actually, I rely on Safe Sleep/Hibernate not so much for the unsaved
documents, but to preserve the state of my system. Starting up takes
about 5 minutes, starting all my applications, opening the folders I
need etc. takes a couple more. Safe Sleep allows me to avoid this.

Why use Safe Sleep instead of 'normal' powered sleep?
- I've had a few occasions where jostling the laptop interrupted the
battery connection and I'd lose my work.
- Sometimes the battery didn't have enough capacity to last until I
opened the laptop again. Granted, this was with a 3 year-old laptop and
over the weekend. Still, I didn't like the idea of having a time limit
for reconnecting the machine.

> And finally, I
> don't expect my computer to protect me from my own carelessness: if
> I've neither saved my work nor arranged for enough power to keep my
> laptop's memory alive, I don't assume that the computer will
> somehow magically forgive me.

I'd rather not have to worry about either, and let the computer do what
it's good at: keeping track of stuff.

Call me paranoid, but I've lost work or system state enough times that I
don't rely on Sleep anymore if I have to transport my laptop beyond
walking to the next office.

> But Apple's documentation
> warns you that when you put such a laptop to sleep (by closing the
> lid, for example), you must not move it until the power light has
> begun pulsating.

That's odd. Do they expect us not to move the laptop at all while it's
running, as well?
The Seagate Momentus drive in my system is rated for shocks of up to 250
G while the disk is running, so I'd expect there to be no problems with
closing the lid and e.g. sticking the laptop in your briefcase. Just
don't drop it before it's finished going to Safe Sleep.

In my opinion, Apple is being overcautious here.

I agree that the interface could be improved. Then again, Apple has
learned from the mistakes made in Windows, where Sleep and Safe Sleep
are two separate options and you have to make a choice every time you
want to close the laptop.

Harro de Jong

Howdy -

My main problem is that the safe sleep just does not work very well.

Occasionally when shutting down my 17" 2.33 Ghz Core 2 duo it would
not enter safe sleep and end up re-booting in the carrying bag.

At other times it would refuse or take 3-4 minutes to wake back up
from safe sleep.

Now, with just plain old fashioned sleep, it is all much better.

yours,

Chris Balay
e-mail: chris.balaygawpus.com
aim: chrisbalay
http://www.whiteplume.net

On 2-Aug-2007, at 16:38, Chris Balay wrote:
> My main problem is that the safe sleep just does not work very well.
>
> Occasionally when shutting down my 17" 2.33 Ghz Core 2 duo it would
> not enter safe sleep and end up re-booting in the carrying bag.

I've used it for two years on both my Mac Book and my Mac Pro
(albeit, it rarely gets to sleep) and have never once had it fail. I
think something else might have been an issue with your specific
machine.

On Aug 3, 2007, at 5:53 AM, Google Kreme wrote:

> On 2-Aug-2007, at 16:38, Chris Balay wrote:
>> My main problem is that the safe sleep just does not work very well.
>>
>> Occasionally when shutting down my 17" 2.33 Ghz Core 2 duo it would
>> not enter safe sleep and end up re-booting in the carrying bag.


I've had the same thing as Google Kreme. It's rare, but it happens. I'm
embarrassed to admit that I had not heard of safe sleep and was
wondering why this problem occurred. Now I understand.

---Tim

Folks,

In response to all the feedback on this article, I've posted an
addendum on my personal blog:

http://alt.cc/jk/118

The two additional things I cover there are a more-intelligent script
that can turn Safe Sleep on/off in response to your battery level,
and the issue of whether your RAM cache is ever encrypted (it isn't)
- and what you should do if that worries you.

Joe

I was hoping that someone would ask this, but since no one did, I will:

I created the script referenced in the article just fine, and I know how to run it from cron as "me". But it needs to run with admin privileges.

How do I run the script from cron with admin privileges?

I created the script referenced in the article just fine, and I know how to run it from cron as "me". But it needs to run with admin privileges.

How do I run the script from cron with admin privileges?

Ah yes. The way I did this (and it's not the only way) was to put the cron job in the *system* crontab. (If you happen to be using Cronnix to manage your cron jobs, choose Cronnix > Open System Crontab.)

And BTW, although this may be obvious to anyone who's done shell scripting, you must also make the script executable before cron can use it. There are various ways of doing this, such as:

sudo chmod ug+x your-script-name

Joe

dladuke wrote:

> I created the script referenced in the article just fine, and I know
> how to run it from cron as "me". But it needs to run with admin
> privileges.
>
> How do I run the script from cron with admin privileges?

"sudo crontab -e" and put the appropriate entry in the crontab. This
will add the entry to root's crontab.

--
Paul Schinder
schinderpobox.com

A correction to my correction....

and the issue of whether your RAM cache is ever encrypted (it isn't) - and what you should do if that worries you.

I misunderstood what I was being told. The situation appears to be - if I've finally got all my ducks in a row - that hibernatemode 1 or 3 does result in an encrypted sleepimage file if, and only if, you have Secure VM turned on. On the other hand, modes 5 and 7 were apparently designed to write a *decrypted* sleepimage file for people who had Secure VM turned on, but now that 1 and 3 are (seemingly?) doing the "right" thing, 5 and 7 are no longer necessary and in fact are a bad idea.

Bottom line: Don't ever use 5 or 7. Do use 0, 1, or 3. Do turn on Secure VM. And, if you previously saved an unencrypted sleepimage file, use srm -m to remove it. Sorry for all the confusion! I've also updated my explanation at:

http://alt.cc/jk/118

Joe

Joe -

That script on your blog is just what I was looking for. I share you distain for the lengthy sleep times when Safe Sleep is active, and immediately deactivated it on my last PowerBook (I also did one better: By creating a directory /var/vm/sleepinage/, you prevent UNIX from creating a file to replace it -- so it never could turn itself back on). I have never needed (or wanted) the Safe Sleep feature in the decade (or more?) that I've used PowerBooks (back to the old grayscale PowerBook Duo).

As of Tuesday, I am a MacBook Pro user, and absolutely need to hot-swap batteries (which the PowerBook did so well). The lack of a short-term battery (or capacitor) to let you coast through un-powered battery changes was a real disappointment.

Now, I can have my cake (hot-swap) and eat it too (not suffer routine delays). Thank you for raising the issue, and providing a very workable solution.

- Steve