![]() DS_Store file creation over network connections it was archived and last touched in 2011. Jimmy Wall recommended the freebie CleanMyDrive solution from the Mac App Store as it “cleans up your thumb drives, memory cards and external HDDs from needless service junk generated by Windows or OS X.”Īpple Support explained how to prevent. Trashes folder from a friend’s thumb drive. ![]() DS_Store files from a friend’s USB drive, and removing the. DS_Store files on external volumes, recursively removing. ![]() Then in a 2012 post titled “ Mac droppings,” Dwain Fagerberg suggested solutions such as using the dot_clean command, disabling the creation of. DS_Store files” and “redirects their creation into a special folder.” This OS X to USB drive leakage problem has been around for a long time and was addressed by Brian Dickens on the HostileFork blog in 2009 Asepsis was among the suggested solutions as it “prevents creation of. Once upon a time, Microsoft had a similar problem but eliminated it long ago. For example, Nicholas Ptacek told F-Secure that "Mac users can prevent Spotlight from indexing via: System Preferences, Spotlight, Privacy.” However “while disabling Spotlight indexing will prevent a leak of data to USB drives, the configuration will limit functionality on the Mac itself.” Unfortunately, some of the “fixes” can result in new problems. ![]() There are quite a few solutions, such as turning off Spotlight for external volumes. So for example, if you change the sort order from the default to something else, then Finder will save your preferences for that directory in. DS_Store file is “only created if the Finder application is used to browse to the directory, and you change the state of the directory in a way that isn't represented by the filesystem. Redditer Legolas-the-elf helpfully explained that the. After running strings to reproduce the issue, Redditer fletom found "names, phone numbers, and emails addresses of several of my friends sitting right there, information I am positive I never put anywhere near this USB key.” DS_Store file copied and hidden on a USB. This is where Reddit’s Netsec entered the picture and several users reported they, too, could see a. In the lab, attempts to recreate a Mac copying “bad” files to a USB drive failed. store.db file that really shouldn't be there.” Yet without access to Alice, then it was unknown if this leakage was due to the way she configured her Mac, a third-party app, or malware. store.db - so it isn't at all obvious with standard forensic tools.į-Secure examined the thumb drive and confirmed that there “was data in the. Only a hex editor view revealed the leaked info embedded within. From a conventional view, ".store.db" appeared to be identical to "store.db". And that's when he discovered that a file called ".store.db" contained e-mail addresses, subject lines, and in a few cases, the opening sentence of Alice's messages.Īlarmed that such data/metadata was copied to his USB drive, Bob investigated further and found that the information couldn't be seen using a forensic tool designed specifically for viewing such. (And why so many, what do they do?) Being a reverse engineer, Bob naturally examined the files with a hex editor. And that's typical.īob was curious about the function of the files. Later, Bob inserted the USB drive into his Linux computer and saw Mac files. Alice inserted the USB drive into her Mac, copied the file, and then gave the USB drive back to Bob. Bob gave Alice a file via FAT32 formatted USB drive. Why? Because OS X has been accused of leaking data and metadata that “really shouldn’t be there” as it copies “hidden” files to USB drives.į-Secure’s Sean Sullivan related the following “true story” that involves “unknowns.”īob uses Linux. If you have a Mac, and if BadUSB or the code released at Derb圜on to make BadUSB work didn’t scare you off from using thumb drives, then you might want to start using a free app like CleanMyDrive.
0 Comments
Leave a Reply. |