Apple File System FAQ: How APFS works with older Macs, encryption, external drives, and more
With the release of macos High Sierra and its upgrade for Ssd-based startup volumes to Apple File System (APFS), Macworld readers had many questions about how this new IMAGE: filesystem—more efficient and reliable for Ssds—will interact with older Macs, hard drives, networked filesharing, and more. Here are the answers.
Many questions revolve around a concern that files stored on an APFS-
formatted volume won’t be readable or usable elsewhere. Generally, a filesystem structure only affects the way in which documents are stored on a drive. When the files are retrieved, they’re independent of that format and can handle just as they would in any other case, like downloading a file from a website.
CAN I OPT TO NOT INSTALL APFS?
No. It’s mandatory on SSDS when you upgrade to High Sierra. Fusion drive support (Apple’s hybrid SSD and HDD combo) is coming and, we assume, mandatory with the upgrade that carries it.
IS APFS A REASON TO AVOID UPGRADING TO HIGH SIERRA FOR NOW?
Opinions vary. It’s an entirely new filesystem if you have an SSD startup drive, and I generally recommend most people wait until there’s a “dot” release, in this case 10.13.1 or even 10.13.2, to ensure any glitches found by early adopters are fixed without your living through the experience. (Since some games and software, like Adobe Indesign [ go. macworld.com/adin], aren’t working correctly with High Sierra at the moment, that’s another reason to delay.)
ONCE HIGH SIERRA UPGRADES MY STARTUP VOLUME APFS, CAN I REVERT TO HFS+?
A reader having problems after upgrading to High Sierra wonders if APFS is the problem and, if so, can they revert? You can’t: High Sierra doesn’t have a back-out mechanism. You should make a clone (see next entry) if you want to have the option to revert back to Sierra. This will require wiping the drive, reformatting it, and then restoring the clone.
CAN I USE CLONING SOFTWARE TO BACK UP MY DRIVE?
Yes, but with provisos. Folks who develop cloning software for macos are on the front lines of coping with these changes. Dave Nanian of Shirt Pocket, makers of Superduper, has a beta release out (free to existing owners) that supports APFS volumes, but on his blog he advises general users against
If you clone your drive routinely, make a full clone before you upgrade, because otherwise you won’t be able to revert on an APFS drive to a previous system that uses HFS+.
upgrading yet ( go.macworld.com/shpo). Bombich’s Carbon Copy Cloner ( go. macworld.com/cacc), the other popular drive cloning app, has a release version that supports APFS, but notes (as Shirt Pocket does) that Apple has left some features undocumented, and has a long list of resources to read before upgrading.
If you clone your drive routinely, make a full clone before you upgrade, because otherwise you won’t be able to revert on an APFS drive to a previous system that uses HFS+. It also gives you a clean revert position in case of an upgrade failure.
You should also upgrade your clone target to APFS for reasons of like-to-like compatibility, and if you want to have a bootable High Sierra volume. It’s not mandatory, but it’s a good idea. (See below on converting external drives.)
I would advise people who rely on clones as one leg of their backup process— something I strongly recommend—to delay upgrading to High Sierra until both major clone-software companies express satisfaction with the state of documentation and stability on their blogs.
HOW DO I MOVE DATA FROM AN APFS VOLUME TO A NON‑APFS VOLUME OR AN OLDER MAC?
You’ve got many, many choices:
> Attach an HFS+ (or other supported format) external drive to your Mac, and
copy files to that drive. Eject that drive and move it to the other Mac.
> Turn filesharing on for your High Sierra Mac, and mount it as a volume on the older Mac.
> Use Airdrop. (It sometimes works!)
> Use Dropbox, SFTP, SMB, email, or any other networked file transmission technology to mount a remote volume, sync with a directory, or send a file or files. (APFS drives apparently can’t be shared over the now-outdated Apple Filing Protocol.)
WILL APPLE STOP SUPPORTING HFS+?
Not for many years, because of the tens of millions of systems out there. It would be foolhardy and it’s unnecessary. It will likely provide more and more reasons in future releases for external drives to move to APFS, like requiring APFS drives for Time Machine. But I can’t imagine that HFS+ will be unmountable in macos anytime in the next three years, and it will very likely remain possible for years after that—although Apple could only support read-only HFS+ mounting at that point. Effectively, Apple would want the large majority of Macs in use to be capable of being upgraded to at least Sierra, which can read and write APFS volumes, before it stopped including read/write HFS+ support.
SHOULD I UPGRADE MY EXTERNAL VOLUMES TO APFS?
You can upgrade external drives that use either SSDS or hard drives, but not Fusion drives. However, there are no advantages for hard drives, so I would recommend against it.
If you have an external SSD that is only used for storage, the advantage is likely not high enough to give up compatibility if you ever think you would want to remove that external SSD and use it with a preSierra Mac. See our instructions on using Disk Utility to upgrade an external SSD ( go.macworld.com/xssd).
There’s also some concern with how High Sierra’s initial release handles external drives that have encryption enabled ( go.macworld.com/enen), a
feature that’s separate from Filevault, which only encrypts the startup volume.
Apparently, an unexpected behavior in this first release is that using the Finder-based option to encrypt a mounted physical drive converts HFS+ drives to APFS without warning.
ENCRYPTION ON AN EXTERNAL HFS+ DRIVE IN HIGH SIERRA?
No! Apparently, an unexpected behavior in this first release is that using the Finderbased option to encrypt a mounted physical drive converts HFS+ drives to APFS without warning. (That’s when you select a volume, right-click, and choose Encrypt Drivename.)
CAN I MOUNT AN APFS VOLUME ON A MAC RUNNING AN OLDER VERSION OF macos THAN HIGH SIERRA?
Only Sierra, which can read and write APFS volumes. While Apple says in its APFS FAQ ( go.macworld.com/sfpa), “For example, a USB storage device formatted as APFS can be read by a Mac using High Sierra, but not by a Mac using Sierra or earlier,” this seems incorrect, as we’d heard from other Mac experts that Sierra could. We tested with a Usb-connected SSD drive, and we can read and write to an APFS partition.
One reader asked if Apple might release a compatibility upgrade for pre-sierra OS X and macos releases to allow them to mount APFS externally. My definitive answer is also no (though I don’t know Apple’s mind). APFS is a fundamental reworking of the filesystem, which requires extensive changes to the OS. I can’t see a trivial way to allow this to propagate backward, even if Apple were in the habit of releasing upgrades for older macos releases except for security reasons or Safari updates.
A third-party might be able to use the APFS spec to allow mounting such volumes, but there seems to be little market for what would be an expensive product to develop and support only for an ever-smaller number of users of older macos flavors who also had upgraded boot or external drives in High Sierra or later releases to use APFS.
APPLE SAYS ENCRYPTION IS BUILT INTO APFS. CAN I TURN FILEVAULT OFF?
No. Apple tries to simplify security explanations, and I fear the way it has
marketed APFS may confuse people, since a few readers have already asked this. With HFS+, the long-running previous format, encryption was applied as a layer external to the format. This required more intermediation between the operating system and the underlying files when Filevault was enabled.
With APFS, encryption is an inherent property that can be turned on and negotiated at the filesystem level. That should make it less likely that things could go wrong, and should be more efficient. As a Filevault user, don’t disable the feature, but you shouldn’t notice any differences in everyday use.
ARE MY TIME MACHINE BACKUPS OF AN APFS VOLUME ALSO IN APFS FORMAT?
No. HFS+, APFS, FAT32, and other formats affect how data is laid out in a disk partition. It doesn’t affect information read from a drive. If your Time Machine drive has HFS+ partitions, those will remain in HFS+ format.
Apple says that a feature of APFS allows creating snapshots of an entire file system at a given moment in time, which Time Machine will rely on in High Sierra for mobile backups, which are the interim Time Machine versions stored on your computer when it’s not connected to a Time Machine volume or network with a Time Machine server or Time Capsule on it.
IF I HAVE APFS ON ALL MY IOS DEVICES AND MACS, ARE ICLOUD FILES NOW ENCRYPTED AT A DEVICE LEVEL?
Readers wondered if APFS’S ability to use encryption natively meant that files were stored in a different fashion when synced among devices all connected to icloud. They are not. icloud remains encrypted in transit and among your devices, but Apple holds all the encryption keys for contacts, events, photos, mail, and other data that you can access at icloud.com when you log in.
icloud Keychain remains encrypted end-to-end by devices. The new facialidentification sync system in IOS 11 and High Sierra also syncs via icloud, but is encrypted in a fashion in which Apple doesn’t have a way to decrypt the data in transit.
Device-based storage (data encrypted at rest) can’t per se be end-to-end, because it has to be decrypted and read to be acted upon by the local device, like a Mac. End-to-end encryption is typically between the operating system acting upon data on your device and another operating system on the other end at a destination. ■