Third-party file encryption / encrypted images with Time Machine

My understanding is that FileVault's shortcomings are such:

- Documented vulnerabilities
- Requires that user be logged off to backup with Time Machine

I have a few things on my notebook that I would like to be kept safe in the event of a loss or theft. I used to use AxCrypt on Windows for this, but there are no OSX builds for it, so what I'm wondering is this:

- If I create an encrypted image and use it like a TrueCrypt/Cryptainer partition, will Time Machine back the image up as it changes over time like any other file?
- Is there any reason I shouldn't do that over some other way of keeping things safe?

Thanks in advance.

 

you can use trucrypt. but for time machine to actually work you will need to log off your user. TM has rather crappy support for file encryption and encrypted images

 

Wait a second. I thought that TM required a logoff only for people using FileVault; are .img files that are created within OSX and encrypted backed up like any other file?

 

most encryption software keeps the .iso active for on the fly encryption/decryption ... it is rare for TM to backup en encryption image when the user is logged on. FV is not the only one needing a user logoff and it is annoying

 

Well, I guess that limits my choices to either something third-party a la Cryptainer/TrueCrypt, or -- more easily -- using OSX's built-in capability to create an encrypted image.

In the event that the encrypted image is neither open nor mounted when a backup routine runs via Time Machine, it still wouldn't be backed up?

 

Doesnt seem to be, for some reason OSX keeps an encryption container open and TM just bypasses it as if it is an open, read only file.

lets just say im finding TM a PITA for network backups

 

Have not tested it, but looking at TM backups, it appears that the .sparseimage is appearing in the backups. Assuming the contents would be there (if I had anything in it yet); will have to test that.

 

this is good, let me know how it goes ... and what you are backing up to as well. if it works for you I may concider giving it another go