Sadly, looks like they also didn’t store the files in an area accessible only to the user that created them. That seems like the most logical protection… I’m less worried about encryption if only my user id can access the files…
According to the post linked in the article, it’s under ~/Library/Application Support.
The good news is that ~/Library isn’t world-readable by default. The bad news is that it’s still very easily readable by any process running under the user and by any other user with admin privileges or access to sudo.
Sadly, looks like they also didn’t store the files in an area accessible only to the user that created them. That seems like the most logical protection… I’m less worried about encryption if only my user id can access the files…
According to the post linked in the article, it’s under
~/Library/Application Support
.The good news is that
~/Library
isn’t world-readable by default. The bad news is that it’s still very easily readable by any process running under the user and by any other user with admin privileges or access tosudo
.