I try to avoid using sleep/resume when I'm away from home, because it partially defeats the purpose having full-disk encryption on my laptop. A thief who steals it when it's powered off has no access to my files. On the other hand, a thief who steals it when it's asleep might be able to get around the login once it wakes up.
So yes, it sucks to wait 30-40 seconds for a reboot.
Wouldn't the ideal solution then be to modify the OS to purge the disk encryption keys from memory on sleep? If you're concerned about unencrypted file contents in memory, purge the page/buffer cache while you're at it.
Then ask the user to re-enter the key on resume and get back to business...am I missing some obvious problem here?
I guess depending on one's level of paranoia, there might be sensitive non-file data sitting in memory...you could then quit the applications you're concerned about, and have the kernel wipe any unallocated memory before sleeping (I think by default it doesn't wipe pages until they're reallocated to something else, on Linux at least).
Obviously with flushing caches and quitting applications and so forth you're trading off some of the benefit of keeping the system alive, but presumably it still beats a cold boot every time you come back to your laptop.
sudo pmset -a destroyfvkeyonstandby 1 hibernatemode 25
From the pmset man page:
destroyfvkeyonstandby - Destroy File Vault Key when going to
standby mode. By default File vault keys are retained even when
system goes to standby. If the keys are destroyed, user will be
prompted to enter the password while coming out of standby
mode.(value: 1 - Destroy, 0 - Retain)
and
hibernatemode = 25 (binary 0001 1001) is only settable via pmset. The
system will store a copy of memory to persistent storage (the disk), and
will remove power to memory. The system will restore from disk image. If
you want "hibernation" - slower sleeps, slower wakes, and better battery
life, you should use this setting.
So, under Lion, turn on FileVault, run that command and always sleep your Mac (close the clamshell, Apple Menu > Sleep, or Option-Command-Eject) when you want to be secure.
If your computer crashes under resume after having done so, something's amiss. Remember that you'll need to auth twice on wake-from-sleep if you are logged in – once to unlock the volume, and again to unlock your user's session.
Which operating system? On OS X Lion, you can make the system hibernate when the lid is closed, writing encrypted memory to disk. Slower wakeup times than suspend, but quicker than a full startup.
Since my SSD-equipped, btrfs using laptop (Thinkpad X60s running Debian testing, kernel 3.2.15) boots from power on to graphical login in 27 seconds (13.5s of which is the time taken to get through the BIOS boot sequence) I suspect it's something specific to the parent poster's system.
I have btrfs (with lzo compression) on a rotating disk, and the boot feels a little slower (one or two minutes total?) for reasons I haven't really examined. I'll have to check if something messed with ureadahead.
But 20 seconds is even easier. When I switched to an SSD in my laptop I saw boot times from drop almost one minute to just about 15 seconds. I no longer dread having to reboot after system updates.
If 5 million people save 1 minute every day for 200 days a year. Then you have saved 1 minute every day per person, not 5 000 000 * 1 * 200 minutes in total per year.
Yeah but you don't have to just sit there and twiddle your thumbs while your machine boots. You can just do something else. I'm sure we waste far more time during the day doing other things. We don't necessarily obsess over those types of time inefficiencies. If you wanted to save time you could brush your teeth in the shower etc.
So yes, it sucks to wait 30-40 seconds for a reboot.