Initially, I am running OSX Mountain Lion on a mid 2010 6,2 MBP.
I wanted to enhance my boot time a little, maybe by disabling some official apple kexts. Has anyone played with that, knowing which ones would be harmless to remove from startup? For instance, I was considering removing "com.apple.kec.corecrypto" because in my case it seems responsible for some many seconds of boot time. I do not have any encryption configured in the SO level, can anyone say if there will be any problem on "removing" that kext from boot?
Well, furthermore, mostly out of curiosity, what does it mean to run the kernel space in FIPS mode? I know it has something to do with security/privacy and all of that, but what is it exactly? I thought that there may be another possibility of improvement (regarding only boot time, of course). I ask this because my console and startup on debug mode always have something saying "Running kernel space in FIPS mode". I stumbled on this kb which says something about the use of the FIPS Cryptographic module. If I have to install other stuff in order to administer it, why do I run the kernel in FIPS mode without doing anything much? Is this the default/only behavior? Please note that I have no knowledge about these topics, and hence I may be completely wrong on my train of thought, but those things got me curious.
Thanks for the attention.
Best Answer
If your corporation needs to comply with certain security standards you may have to use a FIPS 140 validated cryptographic module. If that is the case your company is likely to have an officer set aside to help you with that. (This will depend on the country you're located in.)
Removing any Apple supplied .kext modules will at best cause nothing or broken functionality in applications or at worst render your system unbootable. You certainly will not gain any improved boot times from removing any kext since these are loaded from a cached file anyway.
More info on Validated FIPS 140-1 and FIPS 140-2 Cryptographic Modules.
You don't specify how long your system's startup time is, but from my personal experience my MacBook Pro (6,1) takes less than 20s after entering the FileVault password to decrypt my boot partition. (SSD) Also I only reboot when I installed an update forcing me to do so which rarely happens so I personally consider boot times an absolute non-issue.
If your boot times are really way off the charts you cause is much more likely a damaged filesystem or dying hard drive/SSD than a problem with your kext cache.