Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

is there ANY way in which someone can access the contents of an encripted .dmg file?

E

ebally

macrumors regular
Original poster
Aug 18, 2004
124
0
London, UK
I have decided to use an encripted .dmg file to store all my systems sensitive data.

What I would like to know is there ANY way in which someone can access the contents of an encripted .dmg file? (Keeping in mind that it is using a 'very' secure password).

Any help would again be appreciated.
 
ebally said:
I have decided to use an encripted .dmg file to store all my systems sensitive data.

What I would like to know is there ANY way in which someone can access the contents of an encripted .dmg file? (Keeping in mind that it is using a 'very' secure password).

Any help would again be appreciated.
Click to expand...
Well, if someone gets your very secure password, they could. This brings up a larger point. If you work in an area where others have physical access to your computer, you should not setup your computer to automatically login to your account when you boot up. Neither should you allow friends and coworkers to use your account. Confidentiality of sensitive information is critically important. However, the safety of your data can be even more important. It is amazing the liberties that friends and colleagues take with your files--installing apps, deleting files, and such like.
 
MisterMe said:
Well, if someone gets your very secure password, they could. This brings up a larger point. If you work in an area where others have physical access to your computer, you should not setup your computer to automatically login to your account when you boot up. Neither should you allow friends and coworkers to use your account. Confidentiality of sensitive information is critically important. However, the safety of your data can be even more important. It is amazing the liberties that friends and colleagues take with your files--installing apps, deleting files, and such like.
Click to expand...

Thanks for your reply.

My computer is in an unsecure location, but I do have password login enabled on my computer.

But I was just wondering if someone could actually get around the encripted .dmg and view it's contents WITHOUT the password, if they had physical access to my computer?
 
ebally said:
Thanks for your reply.

My computer is in an unsecure location, but I do have password login enabled on my computer.

But I was just wondering if someone could actually get around the encripted .dmg and view it's contents WITHOUT the password, if they had physical access to my computer?
Click to expand...

At the moment there are no know security problems/holes with encrypted DMGs but this does not mean there are none. I would trust them but remember that ALL computer software can have bugs.
 
Thank you for your help guys. (This is one of the best things about being a Mac owner).

Just one more question. Is there a way to create an encripted .dmg WITHOUT assigning it a file size, so it is only as large as it's contents? (and gets bigger or smaller depending what you put in or take out of it?)
 
You can crack them if you give me the file and a supercomputer for a few days. I normal PC will take years to crack 128bit encryption.
 
ebally said:
Thank you for your help guys. (This is one of the best things about being a Mac owner).

Just one more question. Is there a way to create an encripted .dmg WITHOUT assigning it a file size, so it is only as large as it's contents? (and gets bigger or smaller depending what you put in or take out of it?)
Click to expand...

Create it as an encrypted sparse image and it'll expand to the size necessary to hold what you've put in it.
 
Be aware that there are side-channels that may leak sensitive information, for example:
- temporary files
- backup files generated by editors
- log files
- virtual memory
- Spotlight

Your strategy should include some plan to deal with these, if you really want to be careful.

ebally said:
I have decided to use an encripted .dmg file to store all my systems sensitive data.

What I would like to know is there ANY way in which someone can access the contents of an encripted .dmg file? (Keeping in mind that it is using a 'very' secure password).

Any help would again be appreciated.
Click to expand...
 
howesey said:
You can crack them if you give me the file and a supercomputer for a few days. I normal PC will take years to crack 128bit encryption.
Click to expand...
With current technology, even the fastest (known) supercomputers can't crack 128-bit AES in anything short of a hundred billion years. The sun would go out first.
 
also keep in mind to unmount your disk image if you leave your computer. might sound like common sense, but could be forgotten. if the image is opened already and some one comes to your computer they obviously will have access to the image. just be sure to eject it.
 
portent said:
With current technology, even the fastest (known) supercomputers can't crack 128-bit AES in anything short of a hundred billion years. The sun would go out first.
Click to expand...


yes if they use a strong key, however if they use something like "password" for the their password it will take about 2 seconds....
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back