View Single Post
Lifeisabeach

 
Lifeisabeach's Avatar
 
Member Since: Sep 30, 2007
Location: Wilmington, NC
Posts: 7,048
Lifeisabeach has a reputation beyond reputeLifeisabeach has a reputation beyond reputeLifeisabeach has a reputation beyond reputeLifeisabeach has a reputation beyond reputeLifeisabeach has a reputation beyond reputeLifeisabeach has a reputation beyond reputeLifeisabeach has a reputation beyond reputeLifeisabeach has a reputation beyond reputeLifeisabeach has a reputation beyond reputeLifeisabeach has a reputation beyond reputeLifeisabeach has a reputation beyond repute
Mac Specs: iMac i3 (mid-2010) + OS 10.9; TV 3; iPhone 5S; iPad 4

Lifeisabeach is offline
I was toying around the other day with another of MacKeeper's modules. It claims to be able to encrypt and hide files/folders of one's choice. The way it works is you first set a master password for this module in MK. This password is required to hide/unhide anything you add to it. Next, you drag the file/folder into that module in MK. You can OPTIONALLY choose to encrypt it. Otherwise, it will "simply" hide the file/folder. Once done, the file will disappear and can only be unhidden by using MacKeeper and requires the master password you set beforehand.

Now… as I said, encrypting the newly hidden file is optional; unhiding it already requires the master password you set; so it seems pointless to use the encrypt option, which will add yet another password. I'm sure many people may see it that way. The problem is that the way MK "hides" these files is seriously asinine and easily defeated.

Firstly, I found the file by enabling Finder to show hidden files. Where the original file was (a simple jpg image) that I had used in this testing, I found a file whose name was preceded by a period. Adding a period to the front of a name is a quick and dirty method of hiding files in OS X, and OS X does use it extensively, but it's not the only way. Files can simply be "flagged" as hidden.

Secondly… the name of this hidden file initially looked like gobbledygook. In actuality, it was the original name of the original file spelled backwards, with the user name appended and spelled backwards, and "MacKeeper" appended to the name… again backwards. There was no extension, and in fact the original extension (.jpg) was stripped. Adding the extension .jpg didn't work, so clearly this was some other type of file and the contextual menu showed it was a package of some sort. After looking through the package, I thought that the structure looked familiar, so I appended .dmg to the file name and BAM! I had a mountable disk image with my jpg file in it.

So… all MK is doing is putting the original file in a disk image; putting a period in front of the name to "hide" it; and technically keeps the original name but spells it backwards. I should also mention that the original file, once "hidden" by MK, is simply moved to the Trash. Forget to empty the trash, and the file you wanted to hide is still recoverable. Empty the Trash but have access to competent file recovery software? You should be able to recover it. Didn't use the encryption option? The "hidden" file is easily found and recovered. if you do use the encryption option, trying to mount the dmg as I did will result in a prompt for a password. Not MK's master password… the secondary one if you optionally use the encryption option. So it seems they add some degree of value here. Or do they?

Literally, once you take away MK's hokey and easily circumvented system of "hiding" these files, you have a disk image that can be created, with encryption, by a number of other free tools, including what comes with OS X… Disk Utility. I suppose MK's system here is adequate for technical illiterates who don't have a really strong NEED to keep something from prying eyes, and more importantly don't have nosey friends/family who are more technically competent. But for anyone else, relying on this would be foolish.


Please verify and include the exact model/year of your Mac and OS X version number (available from "About This Mac", then "More Info" on the Apple menu).
------
Links: Onyx | EasyFind | Apple Hardware Test | How to test your hard drive | The Safe Mac Adware Removal Guide | Uninstall MacKeeper
------
Lifeisabeach - Mac-Forums Member of the Month June 2009, Feb 2012, and March 2013.
QUOTE Thanks