{"id":47608,"date":"2022-09-26T15:13:59","date_gmt":"2022-09-26T13:13:59","guid":{"rendered":"https:\/\/cyberant.com\/wat-is-het-risico-van-ds_store\/"},"modified":"2023-04-12T16:00:31","modified_gmt":"2023-04-12T14:00:31","slug":"the-risk-of-ds_store","status":"publish","type":"post","link":"https:\/\/cyberant.com\/en\/the-risk-of-ds_store\/","title":{"rendered":"The risk of .DS_Store"},"content":{"rendered":"\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-l8isgxha-b34bb825c662697241e164a67cb76918\">\n#top .av_textblock_section.av-l8isgxha-b34bb825c662697241e164a67cb76918 .avia_textblock{\nfont-size:40px;\n}\n<\/style>\n<section  class='av_textblock_section av-l8isgxha-b34bb825c662697241e164a67cb76918 '   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><h1 class=\"h2 entry-title\">The risk of .DS_Store<\/h1>\n<\/div><\/section>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-av_hr-8ddc7023771561a08c2d1878cbb01bdc\">\n#top .hr.hr-invisible.av-av_hr-8ddc7023771561a08c2d1878cbb01bdc{\nheight:30px;\n}\n<\/style>\n<div  class='hr av-av_hr-8ddc7023771561a08c2d1878cbb01bdc hr-invisible  avia-builder-el-1  el_after_av_textblock  el_before_av_textblock '><span class='hr-inner '><span class=\"hr-inner-style\"><\/span><\/span><\/div>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-l8ish9sl-e92fbc58c5c0094106426c03ca7ea312\">\n#top .av_textblock_section.av-l8ish9sl-e92fbc58c5c0094106426c03ca7ea312 .avia_textblock{\nfont-size:16px;\n}\n<\/style>\n<section  class='av_textblock_section av-l8ish9sl-e92fbc58c5c0094106426c03ca7ea312 '   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p id=\"tw-target-text\" class=\"tw-data-text tw-text-large XcVN5d tw-ta\" dir=\"ltr\" 
data-placeholder=\"Vertaling\"><span lang=\"en\">The .DS_Store file is automatically created by macOS when a user opens a folder with Finder, the default file manager of macOS. The file contains information about which files are in the folder, along with display options such as what icons look like. <\/span><\/p>\n<p class=\"tw-data-text tw-text-large XcVN5d tw-ta\" dir=\"ltr\" data-placeholder=\"Vertaling\"><span lang=\"en\">In most cases this isn&#8217;t a big deal, but there are situations where the presence of such files becomes problematic (or an opportunity, depending on whose side you are on). <\/span><\/p>\n<p class=\"tw-data-text tw-text-large XcVN5d tw-ta\" dir=\"ltr\" data-placeholder=\"Vertaling\"><span lang=\"en\"><strong>.DS_Store is not up to date<\/strong><br \/>\n<\/span><span lang=\"en\">There are roughly two scenarios where a .DS_Store can cause problems. The first is that the .DS_Store is only updated by Finder. Suppose you create a file &#8220;secret-plan-to-overthrow-the-government.docx&#8221; and save it to a USB stick. Then you decide to delete the document using a Windows computer. In that case the .DS_Store will not be updated, and anyone who looks in the .DS_Store can see that the document was present. The content of the deleted file may not be in the .DS_Store, but its name is. Someone who finds the USB stick can then decide to see whether they can retrieve the file. <\/span><\/p>\n<p class=\"tw-data-text tw-text-large XcVN5d tw-ta\" dir=\"ltr\" data-placeholder=\"Vertaling\"><span lang=\"en\"><strong>.DS_Store is located on a web server<\/strong><br \/>\nAnother problem can arise when a folder is uploaded from an Apple computer to a website. Normally a visitor cannot see what is in that folder. If you go to www.example.com\/ you cannot see which files are on that website; you only see the index file. 
It is a bad idea to save files with sensitive data in the web root without protecting them, but suppose you have a backup of the database in that folder, backup-05-01-2021-awesome-project.sql. There is a good chance that nobody will ever find that backup because of the long name. It is a different story when this file is also listed in the .DS_Store. Then it is easy to read and you run the risk of a data breach.<\/span><\/p>\n<p class=\"tw-data-text tw-text-large XcVN5d tw-ta\" dir=\"ltr\" data-placeholder=\"Vertaling\"><span lang=\"en\"><strong>Contents of the file<\/strong><br \/>\nThe .DS_Store contains binary data, which means that you cannot read the file with a standard text editor. intelx.io has a <a href=\"https:\/\/intelx.io\/tools?tab=filetool\" target=\"_blank\" rel=\"noopener\">handy online tool<\/a> that can read such files.<\/span><\/p>\n<p class=\"tw-data-text tw-text-large XcVN5d tw-ta\" dir=\"ltr\" data-placeholder=\"Vertaling\"><span lang=\"en\"><strong>What can you do to prevent a data breach?<\/strong><br \/>\nThe simplest fix is of course to delete the .DS_Store file. Are you a software developer using Git? 
Then it is wise to add the .DS_Store file to your .gitignore file.<\/span><\/p>\n<div class=\"text-center\">\n<div class=\"post-thumbnail\"><picture><source srcset=\"https:\/\/cyberant.com\/wp-content\/webp-express\/webp-images\/doc-root\/wp-content\/uploads\/2021\/02\/data-1590455_1280-1024x691.jpg.webp 1024w, https:\/\/cyberant.com\/wp-content\/webp-express\/webp-images\/doc-root\/wp-content\/uploads\/2021\/02\/data-1590455_1280-300x203.jpg.webp 300w, https:\/\/cyberant.com\/wp-content\/webp-express\/webp-images\/doc-root\/wp-content\/uploads\/2021\/02\/data-1590455_1280-768x518.jpg.webp 768w, https:\/\/cyberant.com\/wp-content\/webp-express\/webp-images\/doc-root\/wp-content\/uploads\/2021\/02\/data-1590455_1280-413x279.jpg.webp 413w, https:\/\/cyberant.com\/wp-content\/webp-express\/webp-images\/doc-root\/wp-content\/uploads\/2021\/02\/data-1590455_1280.jpg.webp 1280w\" type=\"image\/webp\" sizes=\"(max-width: 640px) 100vw, 640px\" \/><img decoding=\"async\" class=\"attachment-large size-large wp-post-image webpexpress-processed\" src=\"https:\/\/cyberant.com\/wp-content\/uploads\/2021\/02\/data-1590455_1280-1024x691.jpg\" sizes=\"(max-width: 640px) 100vw, 640px\" srcset=\"https:\/\/cyberant.com\/wp-content\/uploads\/2021\/02\/data-1590455_1280-1024x691.jpg 1024w, https:\/\/cyberant.com\/wp-content\/uploads\/2021\/02\/data-1590455_1280-300x203.jpg 300w, https:\/\/cyberant.com\/wp-content\/uploads\/2021\/02\/data-1590455_1280-768x518.jpg 768w, https:\/\/cyberant.com\/wp-content\/uploads\/2021\/02\/data-1590455_1280-413x279.jpg 413w, https:\/\/cyberant.com\/wp-content\/uploads\/2021\/02\/data-1590455_1280.jpg 1280w\" alt=\"The .DS_Store is a table of contents of your folder\" width=\"640\" height=\"432\" 
\/><\/picture><\/div>\n<\/div>\n<\/div><\/section>\n","protected":false},"excerpt":{"rendered":"","protected":false},"author":11,"featured_media":1293,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[195,216],"tags":[196,182,183,190,185,186,193,194,188],"class_list":["post-47608","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-hacken","category-knowledge-base","tag-ds-store-en","tag-cyber-security-en","tag-cyberaanval-en","tag-datalekken-en","tag-hacker-en","tag-it-infrastructuur-beschermen-en","tag-penetration-test-en","tag-pentest-en","tag-vulnerability-management-en"],"_links":{"self":[{"href":"https:\/\/cyberant.com\/en\/wp-json\/wp\/v2\/posts\/47608","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cyberant.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cyberant.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cyberant.com\/en\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/cyberant.com\/en\/wp-json\/wp\/v2\/comments?post=47608"}],"version-history":[{"count":0,"href":"https:\/\/cyberant.com\/en\/wp-json\/wp\/v2\/posts\/47608\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cyberant.com\/en\/wp-json\/wp\/v2\/media\/1293"}],"wp:attachment":[{"href":"https:\/\/cyberant.com\/en\/wp-json\/wp\/v2\/media?parent=47608"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cyberant.com\/en\/wp-json\/wp\/v2\/categories?post=47608"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cyberant.com\/en\/wp-json\/wp\/v2\/tags?post=47608"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}