Fix This Mac Security Flaw by Removing the Quick Look Cache
A nasty new report circulating today is a great reminder that the Quick Look feature on your Mac – useful as it is for previewing files with the spacebar – stores information about the contents of encrypted USB drives connected to your system. …
In other words, plug in a drive that you previously encrypted with macOS or a third-party encryption utility, open its contents on your Mac with Quick Look – for example, some clandestine photos of your spyware activity – and your Mac. will create a cache of what you have opened. It stores the cache on your (presumably) non-encrypted hard drive, and access to its content, names and designs files you searched for, is not too difficult .
If you are very interested in privacy and prefer not to let your Mac reveal the secret content of your encrypted USB keys, you have several ways to deal with this problem:
- Don’t let people touch your Mac. To view the Quick Look cache, someone must have physical access to your system, as well as a way to bypass your security, authenticate to your computer, and pry a little. The easiest way to prevent this is to use strong passwords, lock the system with Touch ID (if applicable), and keep your Mac in sight.
- Encrypt your Mac. If you are using FileVault, this whole problem is no longer a problem. Quick Look will still store cache files on your system, but your system files will encrypt themselves. That way, even if someone swipes over your laptop and tries to figure out all the secrets you used to browse, they won’t get far if they can’t log in like you. And if they can, then no amount of encryption in the world will stop them from doing or seeing what they want (obviously).
- Remove the Quick Look cache. For some extra peace of mind, you can simply delete your system’s Quick Look cache regularly. Open Terminal, enter it and hit return:
qlmanage -r cache