Quick Look to Reveal Encrypted Information

Written by getautomati

Quick Look is a gateway feature available for all mac Users. These feature help users access the files without opening the dedicated application. But, the primary matter of concern is this long old application could reveal encrypted information to unauthorized users. For the speedy access, Quick Look stores all the information of media files and application and caches data. Thus, macOS users can access the information without actually opening the mentioned application in question. In that way, the users do not need to rely on the app, to access the data stored in that app. Quick Look can provide the information from it’s stored information.

An Insight Into Quick Look

This matter was first raised about eight years ago. The problem was addressed as the Quick Look’s way of handling the file, in other way file mechanism system. Apple’s unique feature stores all the cached information in an unencrypted format in an unsecured drive. So all the information stored securely under an encrypted format, are vulnerable to unauthorized users.

“This means that all photos that you have previewed using space (or QuickLook cached them independently) are stored in that directory as a miniature and its path,” Sources said.

To back up the statement, the researcher runs a small test. To keep a documented proof, he stored two separate images in two different encrypted location. He encrypted both images using two different encryption tool. He used VeraCrypt to encrypt one image, and macOS Encrypted HFS to encrypt the other image. Then he tried to find them using some technique. Surprisingly, the researcher was able to find the images stored on the encrypted drive. Not only that he also found out the path of the images by simply using a command. Which means, it turns out to be a granted access to the small version of the original files.

Does It Have Any Cons?

It is also true that Quick look’s misfortune does not expose the entire information of the given file. However, whatever information is accessible to some cybercriminals can be useful to them.

Again, it will not take much of time to come up with a patch for the issue. Apple could also transfer Quick Look information and thumbnail or flush the stored data when the amount is unmounted. As a matter of fact, users can manually delete the cache data to prevent the data threat as long as an official fix is not revealed, hope you got the ideas about Quick Look, if you are looking to recover your data from the mac device then you can visit this mac data recovery services to recover your data easily.

About the author


Leave a Comment