Your new post is loading...
A bug in macOS can expose the contents of a user's files -- including document text and photo thumbnails -- even if the drive is encrypted.
Security researcher Wojciech Regula found that the "Quick Look" feature in macOS, which takes a snapshot of a file's contents and the full file path without the user having to open each file, stores that snapshot data in an unprotected location on the computer's hard drive.
Regula, a security specialist, wrote up details about the macOS data leak issue earlier this month.
"It means that all photos that you have previewed ... are stored in that directory as a miniature and its path," Regula wrote. They stay there even if you delete the files, he said.
Patrick Wardle, chief research officer at Digita Security, built on Regula's work in his own blog post, published Monday, noting that the bug is triggered every time a user opens a folder.
The bug exposes even encrypted volumes to potential snooping.
"If we unmount the encrypted volume, the thumbnails of the file are ... still stored in the user's temporary directory, and thus can be extracted," said Wardle.
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?&tag=Encryption
A bug in macOS can expose the contents of a user's files -- including document text and photo thumbnails -- even if the drive is encrypted.
Security researcher Wojciech Regula found that the "Quick Look" feature in macOS, which takes a snapshot of a file's contents and the full file path without the user having to open each file, stores that snapshot data in an unprotected location on the computer's hard drive.
Regula, a security specialist, wrote up details about the macOS data leak issue earlier this month.
"It means that all photos that you have previewed ... are stored in that directory as a miniature and its path," Regula wrote. They stay there even if you delete the files, he said.
Patrick Wardle, chief research officer at Digita Security, built on Regula's work in his own blog post, published Monday, noting that the bug is triggered every time a user opens a folder.
The bug exposes even encrypted volumes to potential snooping.
"If we unmount the encrypted volume, the thumbnails of the file are ... still stored in the user's temporary directory, and thus can be extracted," said Wardle.
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?&tag=Encryption