Spotlight can be a window into the contents of Files encrypted in FileVault
Authored by: avendasora on Nov 27, '07 10:06:04AM
I don't believe that Spotlight keeps your FileVault data encrypted in its index, and you are dependent upon the Spotlight plugin for a given document type to determine what information is stored in the Spotlight index. For example, if Microsoft Word's or Adobe Acrobat's plugins pull in the entire text of a document for indexing, all that text is in the index. Unencrypted.

See: http://developer.apple.com/documentation/Carbon/Conceptual/MetadataIntro/Concepts/SecurityAndPrivacy.html#//apple_ref/doc/uid/TP40001852-CJBEJBHH

The normal Spotlight interface won't show you results that you don't have permissions to view, but if someone can bypass the Spotlight interface and dig directly into the index... yikes. There is no point in protecting all of your sensitive information with FileVault if the same information is stored in the Spotlight index unencrypted.

The Spotlight index is a shared store that contains all the indexed results from the entire drive, for all users, and sits at the root of an indexed drive. For this reason, I use encrypted DMGs to store sensitive documents instead of FileVault. The index is encrypted along with the other contents of the image. Only when it is mounted is the index available.

Extra paranoia points for storing your encrypted DMGs in your FileVault home folder. :)


