Q: Unencrypting a dmg folder: does this create a security issue
Once you unencrypt the files to view or edit them, does this create a security risk? Once they are again encrypted, do the unencrypted files remain on disk blocks where someone could recover them? I ask because I worry if someone stole my USB flash drive that they could recover files which had been un-encrypted.
My assumption is that when you re-encrypt the folder, it doesn't securely overwrite the blocks where the unencrypted folder was located.
Example:
1. Encrypt "myfolder" (it's name changes from myfolder to myfolder.dmg; essentially creating a new file and leaving the unencrypted folder there)
2. use srm -v to securely delete the unencrypted version of myfolder
3. when you need to use the files in myfolder.dmg, un-encrypt myfolder.dmg (assume this creates a new folder "myfolder" and removes the .dmg folder).
4. re-encrypt myfolder when done (assume this creates a new file called myfolder.dmg, but leaves the unencrypted myfolder there).
5. Need to srm -v myfolder (the unencrypted version)
iMac (Retina 5K, 27-inch, Late 2014), OS X El Capitan (10.11.2)
Posted on Jan 7, 2016 11:04 AM