earl | 13 years ago
System Preferences -> Spotlight -> privacy tab
To overwrite then delete the Spotlight indices, disable Spotlight then overwrite and delete:
$ sudo srm --simple -rf /.Spotlight-V100/
There's also whole disk encryption (unfortunately not particularly robust -- I don't understand the reason but something about how the login password is stored seems to make this somewhat weak to e.g. the government) built in, as well as encrypted disk images and TrueCrypt.
lloeki|13 years ago
As far as I understand it, with FileVault 2:
- encryption is full disk AES128 (with optional AES256) with XTS.
- the AES key is apparently [1] stored in the keychain on the recovery partition, which is itself encrypted with 3DES, and unlocked with the login passwords. The login passwords are not stored anywhere, they are used as the encryption passphrase: decryption failure means that the provided password is wrong.
People have been able to retrieve the AES key with DMA attacks via special FireWire devices on a running system in less than an hour (I guess they could have used the PCIe slot, and maybe Thunderbolt) by dumping and scanning the memory, and this impacts just about any system out there, not just Macs and FileVault, but TrueCrypt also [0].
[1] http://support.apple.com/kb/HT5077
[0] http://www.lostpassword.com/hdd-decryption.htm
alister|13 years ago
My broader point is that it is becoming impossible to truly delete a file or maintain separation between different parts of your data unless you are very technical and meticulous.
How many other features are there in OS X like Spotlight or Versions that we need to be aware of?
The OS should be designed so that we don't need to be constantly on guard for these privacy gotchas.
ZoFreX|13 years ago
earl|13 years ago