Connect with us

Technology

Why Does Apple Keep History Of Every File Downloaded In OS X?

Published

on

View Apple OS History

Have you ever wanted to look at what you have downloaded years ago on an OS X computer? No? Well Apple is keeping this information for you anyways. The blog  idownloadblog has uncovered the way to unveil all the download details.

“It’s essentially an SQL command that you run via Terminal. It goes into the database and extracts the full contents of your download history logs as found in the LSQuarantineEvent. It doesn’t matter where, or how you downloaded these files, in most cases the download should be logged.”

The only downloads that are not found here are  Mac App Store apps. Pretty much everything else can be found with the commands below.  Using secure browsing methods do not stop the OS from capturing the files. Private browsing in Safari  and incognito mode in Google Chrome do not stop the log from tracking downloads.

“Step 1: Open Terminal

Step 2: Copy and paste the following command into your Terminal window:

sqlite3 ~/Library/Preferences/com.apple.LaunchServices.QuarantineEventsV* ‘select LSQuarantineDataURLString from LSQuarantineEvent’

Step 3: Press Return on your keyboard and a full list of all of the files logged within LSQuarantineEvent will be printed to the Terminal screen. You can then copy and paste the entire Terminal window, or individual file locations.”

Users that would like to download the history and save it to a file can run the following command in terminal. This will output the all history to a .txt file in the downloads folder.

sqlite3 ~/Library/Preferences/com.apple.LaunchServices.QuarantineEventsV* ‘select LSQuarantineDataURLString from LSQuarantineEvent’ > ~/Downloads/downloadhistory.txt\

Mac OS X users can also clear out the history by running this command in terminal. It is important to note that this will not stop the process, but it will clear the results saved in the OS. Both of these SQL commands were posted by Reddit user Swested.

sqlite3 ~/Library/Preferences/com.apple.LaunchServices.QuarantineEventsV* ‘delete from LSQuarantineEvent’

A major question on the minds of OS X users is why this information is kept? Can it be accessed by Apple or other programs? This file can be cleared, but stopping the recording process has unknown effects on the overall security.

This same security is becoming a factor for Apple users who have previously been “safe” from malware. The most recent Java exploits also effect many older versions of Java for the Mac. This type of problem with Java has caused Apple to previously remove the Java plugin from all OS X browsers. OS X might be based on the more secure Unix OS, but 3rd party software and plugins are often found to be vulnerable.

Check download history on OS X with Terminal

Check download history on OS X with Terminal
Description: How to extract download history from the OS X Terminal.

Environmentalist. Consumer Tech Journalist. Science Explorer. And, a dreamer. I've been contributing informative news content since 2010. Follow me on all socials!

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Technology

Mozilla Will Roll Out A Feature That Would Alert Users If They Passwords Were Compromised

The new feature is expected to rolled out with Firefox 70.

Published

on

Photo: Mozilla Website

In the age where the majority of human life is centered around the internet, passwords are one of the most important things to secure, especially that data breaches and system infiltrations seem to become a commonplace. In order to protect user passwords, Firefox is launching a feature that would alert the user who saves their passwords in the browser whenever those passwords have been compromised in a breach.

Last year, teach giant, Mozilla Firefox have collaborated with Hunt to develop a built-in password monitoring feature that would alert users if their passwords were part of a publicly disclosed breach. Furthermore, the Monitor tool from Firefox would send users notifications to users whenever the saved data in their system has the potential to be compromised aside from running a scan retroactively.

“It can be hard to keep track of when your information has been stolen, so we’re going to help by launching Firefox Monitor, a free service that notifies people when they’ve been part of a data breach. After testing this summer, the results and positive attention gave us the confidence we needed to know this was a feature we wanted to give to all of our users,” reads a blog post from Mozilla.

Now, Mozilla Firefox is said to be in the works to integrate the feature to Lockwise password manager, a system that protects and encrypts users passwords. They are working on launching the new feature along with the new version of the browser, the Firefox 70.

The feature works with cross-referencing data with the popular data breach database, Have I Been Pwned. The integration will scan and detect all saved login credentials in both Locwise password manager as well as Mozilla Firefox browser and cross-referencing those entries to a massive database of data leaks reported by Have I Been Pwned, while simultaneously and continuously alerting users if a match has been made.

“Visit monitor.firefox.com and type in your email address. Through our partnership with Troy Hunt’s “Have I Been Pwned,” your email address will be scanned against a database that serves as a library of data breaches. We’ll let you know if your email address and/or personal info was involved in a publicly known past data breach. Once you know where your email address was compromised you should change your password and any other place where you’ve used that password,” explains Mozilla on how the Monitor works.

According to Mozilla, Firefox Monitor has already had 635,000 people have signed up for alerts, and they are expanding with Lockwise to increase this number and help people secure their passwords.

The notifications and alerts will be curated in the Firefox Monitor Dashboard. Through the breach dashboard, users will receive a quick summary of updates for all registered email accounts and passwords. They will be able to easily identify which emails and passwords are being monitored, how many known data breaches may have exposed their information, and specifically if any passwords have been leaked across those breaches.

“Being part of a data breach is not fun, but keeping track of and knowing where your private information may have been made public is one of the first steps in taking control of your online privacy,” Mozilla penned in a blog post.

However, for Locwise users, the monitoring will not work retroactively. That means that users have to manually check if their passwords were part of an older breach.

Nonetheless, the new feature has been updated to include more detailed stats will also be displayed on the extent of the impact on your account, including the number of email addresses affected, amount of breaches they are involved with, and the number of passwords exposed in the breaches.

For those who are wondering how Mozilla will be handling the submitted emails to their monitoring system, they said that they would do their best to protect the emails submitted for scanning.

“If you’re wondering about how we’re handling your email address, rest assured we will protect your email address when it’s scanned. We talked about the technical details on how that works when we first launched the experiment. This is all in keeping with our principles at Mozilla, where we’re always looking for features that will protect people’s privacy and give them greater control when they’re online.”

Firefox 70 is expected to be out in October.

Continue Reading

Technology

Study Finds Google And Facebook Trackers In Porn Sites

Google and Facebook are watching you watching porn.

Published

on

Photo: Gonçalo Nobre | Flickr | CC BY 2.0

The success of online advertising relies on the ability of advertisers to track the online behavior of their target market. And to do this; they have to clip in several trackers all around the internet to ping back a response that gauges a target customer’s online presence. However, a recent study suggests that these trackers are also present in porn sites that allow massive advertising platforms like Facebook, Google, and Oracle to track people’s pornographic behavior.

The study entitled “Tracking sex: The implications of widespread sexual data leakage and tracking on porn websites” suggests that a massive number of porn sites available on the internet contain ad pixels that can be traced back to the three mentioned above companies. Researchers from Microsoft, Carnegie Mellon, and the University of Pennsylvania scanned 22,484 porn sites, and they found out that these sites are platforms for Facebook, Google, and Oracles to track people’s porn-viewing.

“Our analysis of 22,484 pornography websites indicated that 93% leak user data to a third party. Tracking on these sites are highly concentrated by a handful of major companies, which we identify. We successfully extracted privacy policies for 3,856 sites, 17% of the total. The policies were written such that one might need a two-year college education to understand them. Our content analysis of the sample’s domains indicated 44.97% of them expose or suggest a specific gender/sexual identity or interest likely to be linked to the user,” the study’s abstract stated.

The study reveals that out of the more than 22 thousand porn sites examined by the researches, 16,638 sites had Google trackers, 5,396 had Oracle trackers, and 2,248 Facebook trackers. Researchers warned that this information leak should be extremely worrying for many users: “The fact that the mechanism for adult site tracking is so similar to, say, online retail should be a huge red flag.”

“These porn sites need to think more about the data that they hold and how it’s just as sensitive as something like health information. Protecting this data is crucial to the safety of its visitors. And what we’ve seen suggests that these websites and platforms might not have thought all of this through like they should have,” said Elena Maris, a postdoctoral researcher at Microsoft and the study’s lead author.

According to the researchers, people generally think that the websites they visit are owned by one single entity. However, they are not aware that most of the sites on the internet have third parties installing their hidden codes. Such “third-party” code can allow companies to monitor the actions of users without their knowledge or consent and build detailed profiles of their habits and interests. Such profiles are often used for targeted advertising, for example, by showing ads for dog food to dog owners.

And advertising is where platforms like Facebook and Google earns much of its revenue. “Many websites and apps have revenue-sharing agreements with third-party advertising networks and gain direct monetary benefit from including third-party code,” the study suggests.

However, in a statement, a Google spokesperson denied that they allow their advertisers to run ads in sexually explicit websites and porn sites. “We don’t allow Google Ads on websites with adult content, and we prohibit personalized advertising and advertising profiles based on a user’s sexual interests or related activities online. Additionally, tags for our ad services are never allowed to transmit personally identifiable information to Google.”

Similarly, Facebook also echoed the same statement saying that the company’s ad Community Guidelines does not allow running Facebook trackers on adult websites and pornographic hubs. Facebook’s pixel tracker is, however, can easily be installed on any website, but Facebook claims not to track data collected from pornography websites.

Nonetheless, the researchers said that the results of their study suggest that there are indeed tracking codes in the porn sites they have scanned. Moreover, they said that their results have opened to different implications. Most of these implications revolve around the risk of tracking pornographic behavior as well as to the process of giving out consent to being tracked.

“We identify three core implications of the quantitative results: 1) the unique/elevated risks of porn data leakage versus other types of data, 2) the particular risks/impact for vulnerable populations, and 3) the complications of providing consent for porn site users and the need for affirmative consent in these online sexual interactions,” they concluded.

Continue Reading

Technology

FaceApp And The Double Standards Against Tech Startups — An Opinion

FaceApp is crucified for doing the exact same thing as other photo-sharing platforms like Facebook and Instagram.

Published

on

Photo: charlene mcbride | Flickr | CC BY 2.0

There’s much speculating about how the popular photo-manipulation app, FaceApp, would use the data it collected from users who used the platform to take a sneak-peek of how they would look like in the future.

Following the success of the small-time Russian app on social media platforms like Facebook, Instagram, and Twitter; many have raised concerns regarding how the app could potentially be a privacy and security risk for users. After the news broke out, major news outlets shared their opinions of how the app has gained access to a dataset of photos from millions of people and how the app can use the materials without the owner’s concern — which is clearly stated in the app’s terms and conditions.

By submitting your photo to the app, you “grant FaceApp a perpetual, irrevocable, nonexclusive, royalty-free, worldwide, fully-paid, transferable sub-licensable license to use, reproduce, modify, adapt, publish, translate, create derivative works from, distribute, publicly perform and display your User Content and any name, username or likeness provided in connection with your User Content in all media formats and channels now known or later developed, without compensation to you.”

The issue of FaceApp being blown out of proportions highlights the fact that people don’t really care about their online security and privacy. Many of the app’s users responded with a blunt “I don’t care” to the news that FaceApp could potentially compromise their data.

Double standards vs. FaceApp

However, one of the most untalked elements of the issue is how it highlights the double standard that people impose on small-time developers and tech startups, as compared to tech superpowers like Facebook, Google, and Youtube.

In the get-go, it is clear that there is a potential security risk involving FaceApp and the fact that it is connected to a Russian company. However, these risks are also present in models of massive tech companies, especially social media and photo-sharing platforms like Facebook and Instagram.

Facebook and Instagram, as platforms where users freely “upload” and share photos (and other data) of themselves, process millions of terabytes of data every day. These two platforms have access to a much more significant database of photos that can be compromised at any time.

If you come to think of it, the risk in sharing your photo on Facebook and Instagram is much damning than when you use FaceApp. But we have not heard the media calling out Facebook and warning people not to upload their photos on Instagram.

The risk is the same.

The difference between Facebook and FaceApp is that Facebook (and Google) has a history of selling your data to third parties. Last year, Facebook faced the US government for allegedly selling US citizens’ data to Cambridge Analytica, a British PR firm accused of helping the Russians and Donald Trump influence public opinion through fake news, and a series of anti-Hillary campaigns.

Another argument used against FaceApp is that it asks a series of permission, including access to a user’s camera roll. They stipulate that once given this access; the app would have the capability to gain unauthorized access to all the photos saved on the user’s device.

In a statement, FaceApp clarifies that the permission was necessary for them to gain access to the photo selected by their users. FaceApp added that the app “performs most of the photo processing in the cloud, upload a photo selected by a user for editing, and never transfer any other images from the phone to the cloud.”

While this is indeed a sketchy practice, it is also worthy to note that Facebook and Instagram also ask for this permission. Meaning, they too have access to the plethora of photos (embarrassing or not) saved in a user’s phone. And again, we don’t hear media and experts telling us not to upload pictures on Facebook and Instagram, nor are they stopping us from giving that permission to those social media giants.

This is a reality for small-time developers and tech start-ups. Often, when they release innovation, people quickly become too skeptical and raise concerns about their new product.

But this does not go to show that we should stop criticizing technology. At all cost, we should. The only problem with the reality right now is that we burden budding technology with so many things to prove while we let established tech companies get away with the exact same thing.

The bottom line is that if we are going to tell people to be vigilant of FaceApp, we should not single the app out. Instead, we should tell people to be watchful of the risks that come with all technology — including those that are produced by large tech companies.

Continue Reading

Trending