[0. Summary - pages 1-24] 1. Why does iOS security have both per-file keys and a file system key instead of encrypting all the files with the file system key? After all, the per-file key is itself encrypted with the file system key so if one steals the file system key, it can decrypt the per-file keys. What does this extra work help with?