HomeQJ.NETAppleHide Your “Compromising” Files On Your Shared Mac in OS X

Hide Your “Compromising” Files On Your Shared Mac in OS X

June 29, 2006

MacUsers

We all have them – files on our shared Mac that is, frankly, nobody’s business. Maybe it’s sensitive financial data, or some proprietary information. Perhaps it’s your new novel or screenplay. Or…’fess up, you downloaded some (*ahem*) “erotic” materials…no big deal, right? That is, until a friend, co-worker, boss or significant other runs across it…

“That’s what ‘permissions’ are for,” you’re saying. Sometimes. The problem is, when your user is compromised and someone else is on your computer – or you just loaned your MacBook to a co-worker to view her webmail – “permissions” would have to lock you out of the folder in order to work properly.

Here are some tips to help keep your private files private:

  • Create a New User for the purpose of hiding your private files. This will put a new password in place and a new home directory hierarchy for data storage. Hide the User, and no-one’s the wiser…and enabling Fast User Switching allows one to go back and forth as you like. You can also make a “Guest Account” for other users and flip over to that before handing over your Mac.
  • Create “Dot” Folders. Files that start with a dot (“.”) are hidden by default in Unix-based OS X.  There are many ways for someone to discover these, of course, but they would have to go to some lengths to find them. The procedure: in Terminal, create a folder with a name that starts with a dot (like .MySecretStuff). In the finder, select Go>Go to Folder…enter ~/.MySecretStuff, and voilá! Put your secret files in the folder, close the window, and your secrets are safe. CAVEAT: The Finder remembers your last entry in the “Go To Folder…” window, so when you’re finished, you’ll need to open it again and tell it to go to your home folder by entering “~ Return” (without the quotes).
  • Encrypt Your Disk Images: This hides your files from Spotlight searches and prying eyes, and encrypts the data on-disk in such a way that “data recovery monkeys” cannot recover it. Just make sure you have good back-ups. If you’re running Panther or later, you can create an alias to reference inside disk images. Put your secret data in an encrypted disk image, make an alias outside of it, then start the associated application with the alias. You’ll get the password first.
  • Package Files. Put your sensitive data inside a large file package like iDVD.  Make sure its in a Contents folder, then stuff your DMG inside the Resourced folder. Make sure you set the locked flag on the folder/DMG afterwards so updates error out upon removal. When it comes to the Documents folder, you can create an RTFD with false data using TextEdit, then save it in your Documents folder with an innocuous name like “kung-pao chicken recipe,” then close it. Open its package, then drop in the files you want to hide. Make sure you lock the file so its not accidentally deleted.
  • Use Remote File Share. The best place to hide sensitive data is not on your own computer, but some other place to which only you have access. (Don’t use iDisk – too risky.) If you have access to another machine and connect over AFP as “Guest,” you can access everyone’s Public folder. If you are Authenticated, you have the full home.  Drop in your files; the data is no longer on your machine, and no-one will have access to it unless you forget and leave Sharing on. A variation of this is to stash it on your iPod using “Disk Mode.”

If all else fails, remember that humans tend to see what they expect to see. Sometimes the best hiding place is right out in the open, in plain sight. Particularly in most work places, people tend to “zone out” and go on auto-pilot. They log on to your computer, see the usual mundane titles in the Document folders, ignore them and move on. Put your sensitive files inside several nested folders, like AAPL2006Q2/Raw_Data/SecretStash.dmg. Throw in a few dummy Excel and CSV files into the root folder, and most busybodies won’t give it a second glance. While it’s fun to be less obvious by being less obvious, however, don’t get careless. Drop your folder in the System/Library somewhere. Spotlight doesn’t index items in the System folder.

Via Mac Geekery

MacUsers

We all have them – files on our shared Mac that is, frankly, nobody’s business. Maybe it’s sensitive financial data, or some proprietary information. Perhaps it’s your new novel or screenplay. Or…’fess up, you downloaded some (*ahem*) “erotic” materials…no big deal, right? That is, until a friend, co-worker, boss or significant other runs across it…

“That’s what ‘permissions’ are for,” you’re saying. Sometimes. The problem is, when your user is compromised and someone else is on your computer – or you just loaned your MacBook to a co-worker to view her webmail – “permissions” would have to lock you out of the folder in order to work properly.

Here are some tips to help keep your private files private:

  • Create a New User for the purpose of hiding your private files. This will put a new password in place and a new home directory hierarchy for data storage. Hide the User, and no-one’s the wiser…and enabling Fast User Switching allows one to go back and forth as you like. You can also make a “Guest Account” for other users and flip over to that before handing over your Mac.
  • Create “Dot” Folders. Files that start with a dot (“.”) are hidden by default in Unix-based OS X.  There are many ways for someone to discover these, of course, but they would have to go to some lengths to find them. The procedure: in Terminal, create a folder with a name that starts with a dot (like .MySecretStuff). In the finder, select Go>Go to Folder…enter ~/.MySecretStuff, and voilá! Put your secret files in the folder, close the window, and your secrets are safe. CAVEAT: The Finder remembers your last entry in the “Go To Folder…” window, so when you’re finished, you’ll need to open it again and tell it to go to your home folder by entering “~ Return” (without the quotes).
  • Encrypt Your Disk Images: This hides your files from Spotlight searches and prying eyes, and encrypts the data on-disk in such a way that “data recovery monkeys” cannot recover it. Just make sure you have good back-ups. If you’re running Panther or later, you can create an alias to reference inside disk images. Put your secret data in an encrypted disk image, make an alias outside of it, then start the associated application with the alias. You’ll get the password first.
  • Package Files. Put your sensitive data inside a large file package like iDVD.  Make sure its in a Contents folder, then stuff your DMG inside the Resourced folder. Make sure you set the locked flag on the folder/DMG afterwards so updates error out upon removal. When it comes to the Documents folder, you can create an RTFD with false data using TextEdit, then save it in your Documents folder with an innocuous name like “kung-pao chicken recipe,” then close it. Open its package, then drop in the files you want to hide. Make sure you lock the file so its not accidentally deleted.
  • Use Remote File Share. The best place to hide sensitive data is not on your own computer, but some other place to which only you have access. (Don’t use iDisk – too risky.) If you have access to another machine and connect over AFP as “Guest,” you can access everyone’s Public folder. If you are Authenticated, you have the full home.  Drop in your files; the data is no longer on your machine, and no-one will have access to it unless you forget and leave Sharing on. A variation of this is to stash it on your iPod using “Disk Mode.”

If all else fails, remember that humans tend to see what they expect to see. Sometimes the best hiding place is right out in the open, in plain sight. Particularly in most work places, people tend to “zone out” and go on auto-pilot. They log on to your computer, see the usual mundane titles in the Document folders, ignore them and move on. Put your sensitive files inside several nested folders, like AAPL2006Q2/Raw_Data/SecretStash.dmg. Throw in a few dummy Excel and CSV files into the root folder, and most busybodies won’t give it a second glance. While it’s fun to be less obvious by being less obvious, however, don’t get careless. Drop your folder in the System/Library somewhere. Spotlight doesn’t index items in the System folder.

Via Mac Geekery

Related Posts

About The Author

qjadmin

Add a Comment

Your email address will not be published. Required fields are marked *