Mar 24, 2013 12:03 PM in response to brian_c by Linc Davis
Unless you've discovered an earth-shakingly important new bug, that isn't possible.
-
Mar 24, 2013 12:10 PM in response to Linc Davis by brian_c
Well, it's been happening for months... it's so unlikely that I was even loath to post about it. I thought that maybe the disk wasn't properly unmounting (despite it no longer appearing in the Finder sidebar), so I ran 'diskutil list' in Terminal and was able to verify that the disk is not mounted.
I wish I could reproduce the problem, but like I said, it only happens about 10% of the time.
-
Mar 24, 2013 12:53 PM in response to brian_c by Linc Davis
Frankly, I have no idea what to make of your report. I'd have to see it happen to believe it.
-
Mar 27, 2013 6:07 AM in response to Linc Davis by brian_c
Ugh... just happened again. It's so sporadic, I don't know how to pin it down. This is driving me crazy, given how insecure it is.
-
Mar 28, 2013 9:39 AM in response to Linc Davis by brian_c
OK, I was finally able to capture this while recording my screen with QuickTime. Here are two videos showing the issue... one illustrates the disk image asking for password when opening, the other not asking for password:
Let me know what you think.
-
Aug 3, 2013 4:38 AM in response to brian_c by winglet
I was having exactly this same problem!
I keep a small encrypted disk image storing sensitive banking information. I do NOT have the option to store passwords in Keychain checked, and I verified that the password is not being stored in Keychain.
Yet, when I double-clicked the supposedly encrypted sparsebundle disk image, it opened right up and mounted - no password required! Unbelievable, right? So I started to investigate.
I first noticed this behaviour in Mountain Lion, I'm running 10.8.4 on a 2.7 GHz 15" MBPr.
In past versions of OS X I would mount the volume to work on it by double-clicking on the disk image, enter my password, and then Eject the volume either by dragging to the trash or clicking the Eject button on the Sidebar. The next time I would try to access the disk image by double-clicking it, it would again prompt for a password. All good.
What seems to be happening in ML is, using the same workflow, even though the volume is disappearing from Finder, the disk image is not actually being unmounted!
When I go to Disk Utility, the disk image is still mounted, but the volume is grayed out. When I Eject the disk image in Disk Utility, it then reverts to the expected behaviour, and double-clicking on the disk prompts for a password.
So the workaround seems to be: when finished working on the volume, go to Disk Utility and manually Eject the disk image (as opposed to just the volume it mounts) to ensure it has unmounted and is thus again encrypted. The reason for it sometimes requiring a password, sometimes not, is probably because after a restart of the computer it would unmount all disks, and then be unable to re-mount it until the password is entered. But in between, unless you were aware of this behaviour, anyone with access to the disk image can view its contents.
What a terrible security flaw IMO, as there is no visual indication in Finder that the disk image is still unprotected after you unmount its volume and that icon disappears! I'm surprised this hasn't gotten more attention.
Incidentally brian_c, I tried to look at your linked videos but it returns the message that the videos violated the TOS of the site...?
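
A check for the state winglet describes above (image still attached after its volume was ejected), as an added example that is not part of the thread or any poster's code: it reads `hdiutil info` output and lists encrypted images that are attached with no mounted volume. The sample text, paths and device names are constructed, and the field layout is an assumption modelled on `hdiutil info` output.

```shell
#!/bin/sh
# Added example: list encrypted disk images that are still attached
# although none of their volumes is mounted.
# Assumption: input has the layout of `hdiutil info` output: records split by
# a line of "=", "key : value" fields, then tab-separated /dev lines whose
# last column is the mount point (empty when the volume is not mounted).
stale_encrypted_images() {
    awk -F'\t' '
        function emit() {
            if (path != "" && enc && !mounted) print dev " " path
            path = ""; dev = ""; enc = 0; mounted = 0
        }
        /^=+$/ { emit(); next }
        /^image-path *:/ { path = $0; sub(/^image-path *: */, "", path); next }
        /^image-encrypted *:/ { enc = (tolower($0) ~ /: *true *$/); next }
        /^\/dev\// {
            if (dev == "") dev = $1
            if (NF >= 3 && $NF ~ /^\//) mounted = 1
        }
        END { emit() }
    '
}

# Constructed sample (not captured from a real system): three attached images.
sample_hdiutil_info() {
    sep='================================================'
    printf '%s\n' "$sep" 'image-path      : /Users/demo/bank.sparsebundle' \
        'image-encrypted : true'
    printf '/dev/disk2\tGUID_partition_scheme\t\n/dev/disk2s1\tApple_HFS\t\n'
    printf '%s\n' "$sep" 'image-path      : /Users/demo/work.sparsebundle' \
        'image-encrypted : true'
    printf '/dev/disk3\tGUID_partition_scheme\t\n'
    printf '/dev/disk3s1\tApple_HFS\t/Volumes/Work\n'
    printf '%s\n' "$sep" 'image-path      : /Users/demo/notes.dmg' \
        'image-encrypted : false'
    printf '/dev/disk4\tGUID_partition_scheme\t\n/dev/disk4s1\tApple_HFS\t\n'
}

# On macOS read the live state; elsewhere fall back to the sample.
if command -v hdiutil >/dev/null 2>&1; then
    hdiutil info | stale_encrypted_images
else
    sample_hdiutil_info | stale_encrypted_images
fi
```

Each reported device can then be detached with `hdiutil detach <device>`, which ejects the image itself rather than only its volume.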
-
Mar 12, 2014 8:24 PM in response to brian_c by SamNavon
Just weighing in that this happens to me too and I echo the disbelief in such a significant bug and its lack of attention!
-
Sep 16, 2016 7:48 PM in response to SamNavon by mlmason
Bug confirmed:
I am *not* prompted to skip remembering the password in the keychain. There is literally no box to tick under the password confirmation form.
Secondly, in the keychain itself, I can find absolutely no record that the password was even saved to the keychain to begin with. Where did the password go? Is this disk image literally WITHOUT a password at all? Seems like a pretty huge encryption bug and a fairly disturbing security flaw at that right here...