is there ANY way in which someone can access the contents of an encripted .dmg file?

Discussion in 'macOS' started by ebally, Jan 20, 2006.

  1. ebally macrumors regular

    Joined:
    Aug 18, 2004
    Location:
    London, UK
    #1
    I have decided to use an encripted .dmg file to store all my systems sensitive data.

    What I would like to know is there ANY way in which someone can access the contents of an encripted .dmg file? (Keeping in mind that it is using a 'very' secure password).

    Any help would again be appreciated.
     
  2. MisterMe macrumors G4

    MisterMe

    Joined:
    Jul 17, 2002
    Location:
    USA
    #2
    Well, if someone gets your very secure password, they could. This brings up a larger point. If you work in an area where others have physical access to your computer, you should not setup your computer to automatically login to your account when you boot up. Neither should you allow friends and coworkers to use your account. Confidentiality of sensitive information is critically important. However, the safety of your data can be even more important. It is amazing the liberties that friends and colleagues take with your files--installing apps, deleting files, and such like.
     
  3. ebally thread starter macrumors regular

    Joined:
    Aug 18, 2004
    Location:
    London, UK
    #3
    Thanks for your reply.

    My computer is in an unsecure location, but I do have password login enabled on my computer.

    But I was just wondering if someone could actually get around the encripted .dmg and view it's contents WITHOUT the password, if they had physical access to my computer?
     
  4. robbieduncan Moderator emeritus

    robbieduncan

    Joined:
    Jul 24, 2002
    Location:
    London
    #4
    At the moment there are no know security problems/holes with encrypted DMGs but this does not mean there are none. I would trust them but remember that ALL computer software can have bugs.
     
  5. ebally thread starter macrumors regular

    Joined:
    Aug 18, 2004
    Location:
    London, UK
    #5
    Thank you for your help guys. (This is one of the best things about being a Mac owner).

    Just one more question. Is there a way to create an encripted .dmg WITHOUT assigning it a file size, so it is only as large as it's contents? (and gets bigger or smaller depending what you put in or take out of it?)
     
  6. howesey macrumors 6502a

    Joined:
    Dec 3, 2005
    #6
    You can crack them if you give me the file and a supercomputer for a few days. I normal PC will take years to crack 128bit encryption.
     
  7. mduser63 macrumors 68040

    mduser63

    Joined:
    Nov 9, 2004
    Location:
    Salt Lake City, UT
    #7
    Create it as an encrypted sparse image and it'll expand to the size necessary to hold what you've put in it.
     
  8. superbovine macrumors 68030

    superbovine

    Joined:
    Nov 7, 2003
    #8
  9. superwoman macrumors regular

    Joined:
    Apr 25, 2005
    Location:
    Monterey,CA
    #9
    Be aware that there are side-channels that may leak sensitive information, for example:
    - temporary files
    - backup files generated by editors
    - log files
    - virtual memory
    - Spotlight

    Your strategy should include some plan to deal with these, if you really want to be careful.

     
  10. portent macrumors 6502a

    Joined:
    Feb 17, 2004
    #10
    With current technology, even the fastest (known) supercomputers can't crack 128-bit AES in anything short of a hundred billion years. The sun would go out first.
     
  11. PlaceofDis macrumors Core

    Joined:
    Jan 6, 2004
    #11
    also keep in mind to unmount your disk image if you leave your computer. might sound like common sense, but could be forgotten. if the image is opened already and some one comes to your computer they obviously will have access to the image. just be sure to eject it.
     
  12. superbovine macrumors 68030

    superbovine

    Joined:
    Nov 7, 2003
    #12

    yes if they use a strong key, however if they use something like "password" for the their password it will take about 2 seconds....
     

Share This Page