
Dog of Son of Bride of .DS_Store

Back by popular request.



.DS_Store

Thank goodness there are none on this system. For now. Not a one.



Starting as root from root.



Off we go.



Finally.



But they'll be back. Knock on wood.

The Legacy

They have to be one of the most curious things about Apple's adaptation of NeXTSTEP. Word has it that Steve Jobs unveiled NeXT's File Viewer for a select group - and got booed.

Here's a screenshot of File Viewer running inside the Workspace, back when the Workspace was visible.



Aside from the shelves, that looks pretty familiar, doesn't it?

Anyway, as the story continues, interim CEO Steve P Jobs knew he had to come back with something with a more acceptable name. No matter it almost looked and worked the same: it needed a different name.

Oh - it also needed spatiality. Spatiality was a cool thing, especially for System 7, where reasonably everything fit in a single folder. Then you could arrange your big icons any way you wanted - in a circle, a rectangle, like a checkerboard, star-shaped.

Best of all was that the OS vendor could use it to place some things way the F out there - like '/.HFS+ Private Directory Data\r'.



And the best way to do this was to invent .DS_Store.

We first wrote about it here. In 2003.

'They're written with the dot ('.') in the beginning of the name so they won't intrude and scare. Any file beginning with a dot is invisible in Unix. .DS_Store files are stored for folders and in folders, on a per-folder basis, one file per folder. The idea is good enough; it's the implementation that screws up. Fortunately you don't have to be a computer genius to understand why; you only have to think about it for a moment. Follow along for the ride.'

Arno Gourdol came out of the woodwork in 2006 and admitted he'd known of the programming flaw.



'Those files should only be created if the user actually makes adjustments to the view settings or sets a manual location for icons in a folder. That's unfortunately not what happens, and visiting a folder pretty much guarantees a .DS_Store file will get created.'

'Cro Magnon' at the Ars forums had a few choice words to say.

'The villain who came up with these damn things has now been unmasked - or has unmasked himself. Now users know who to blame for those extra files that turn up in emailed archives and make them look a tit in front of their friends on *nix or Windows machines.'

And here's the kicker: this saw the light of day in December 2006. As of this month, that's twelve years ago.

By 2006 we had extended attributes. Apple reserved two special cases of extended attributes: for legacy resource fork data and for Finder info. Have they been so busy in Cupertino for the past twelve years that they couldn't eradicate the pestilence of .DS_Store - or, at the very least, correct the programming error?

You don't save settings if those settings are the defaults. No one does. Save complete idiots.

Apple Macintosh OS X .DS_Store Directory Listing Disclosure Vulnerability

But .DS_Store wasn't only a cosmetic adventure. Already in May 2003 the file was known to be a potential security vulnerability. That's when this classic exchange took up again. From earlier:

From: Apple
Date: Sat, 25 Mar 2003
To: Rixstep
Subject: Re: Internet-Enabled

Why do your users care about .DS_Store files? They're invisible.

John Geleynse

Then:

From: Rixstep
Date: Mon, 26 May 2003 06:40:03 +0000
To: Apple
Subject: .DS_Store Security Vulnerabilities

http://www.securityfocus.com/bid/3324/info/

You knew this when you wrote to us, didn't you, John?

What did you write, John?

'Why do your users care about .DS_Store files? They're invisible.'

From: Apple
Date: Mon, 27 May 2003 19:50:04 +0000
To: Rixstep
Subject: Re: .DS_Store Security Vulnerabilities

My comments about users and .DS_Store files related to the overall user experience of an installation, period. I was not thinking about security related issues at all.

√ Apple introduced a defaults command to keep .DS_Store out of networks.

defaults write com.apple.desktopservices DSDontWriteNetworkStores -bool YES

√ '.DS_Store' turns up about a million hits at Google today. It's very popular.

https://www.google.com/search?q=.DS_Store

√ It's got its own Wikipedia page.

https://en.wikipedia.org/wiki/.DS_Store

√ This section is very interesting:

https://en.wikipedia.org/wiki/.DS_Store#Problems

√ There's even a utility to stop the critters being written to disk. And yet no one at Apple does anything about it, and users continue to put up with it.

Put Back?

Perturbed that Microsoft of all competitors had a superior 'recycle bin' system, Apple came out with the same sort of thing in 2009. And it totally sucked.

0110  00 41 00 72 00 6e 00 6f  00 20 00 4c 00 69 00 76  |.A.r.n.o. .L.i.v|
0120  00 65 00 73 00 21 00 21  00 31 00 21 70 74 62 4c  |.e.s.!.!.1.!ptbL|
0130  75 73 74 72 00 00 00 18  00 55 00 73 00 65 00 72  |ustr.....U.s.e.r|
0140  00 73 00 2f 00 6d 00 61  00 63 00 75 00 73 00 65  |.s./.m.a.c.u.s.e|
0150  00 72 00 2f 00 44 00 6f  00 63 00 75 00 6d 00 65  |.r./.D.o.c.u.m.e|
0160  00 6e 00 74 00 73 00 2f  00 00 00 0e 00 41 00 72  |.n.t.s./.....A.r|
0170  00 6e 00 6f 00 20 00 4c  00 69 00 76 00 65 00 73  |.n.o. .L.i.v.e.s|
0180  00 21 00 21 00 31 00 21  70 74 62 4e 75 73 74 72  |.!.!.1.!ptbNustr|
0190  00 00 00 0e 00 41 00 72  00 6e 00 6f 00 20 00 4c  |.....A.r.n.o. .L|
01a0  00 69 00 76 00 65 00 73  00 21 00 21 00 31 00 21  |.i.v.e.s.!.!.1.!|

A file moved to the Windows Recycle Bin is stored with a unique identifier, and the identifier goes into a sort of 'dictionary' along with the original path, making it child's play to restore.

Apple's ingenious solution was to plaster the data in the .DS_Store for ~/.Trash.
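An added example, not part of the original article: a small Python parser that pulls the 'Put Back' records out of .DS_Store bytes, run here on the bytes of the hex dump above. It shows that the trashed file's original folder and name sit in the file in the clear. The function names are hypothetical, and pairing each 'ptbL' (folder) with the 'ptbN' (name) that follows it is an assumption taken from the layout of that dump.

```python
import re
import struct

# Bytes 0x0110-0x01af, copied from the hex dump shown on this page.
DUMP_HEX = """
00 41 00 72 00 6e 00 6f 00 20 00 4c 00 69 00 76
00 65 00 73 00 21 00 21 00 31 00 21 70 74 62 4c
75 73 74 72 00 00 00 18 00 55 00 73 00 65 00 72
00 73 00 2f 00 6d 00 61 00 63 00 75 00 73 00 65
00 72 00 2f 00 44 00 6f 00 63 00 75 00 6d 00 65
00 6e 00 74 00 73 00 2f 00 00 00 0e 00 41 00 72
00 6e 00 6f 00 20 00 4c 00 69 00 76 00 65 00 73
00 21 00 21 00 31 00 21 70 74 62 4e 75 73 74 72
00 00 00 0e 00 41 00 72 00 6e 00 6f 00 20 00 4c
00 69 00 76 00 65 00 73 00 21 00 21 00 31 00 21
"""
SAMPLE = bytes.fromhex(DUMP_HEX)

# A record is a 4-byte code, the 4-byte type 'ustr', a big-endian
# character count, then that many UTF-16BE characters.
RECORD = re.compile(rb"(ptbL|ptbN)ustr")

def put_back_records(blob):
    """Return (code, text) for every complete ptbL/ptbN record in blob."""
    found = []
    for match in RECORD.finditer(blob):
        pos = match.end()
        if pos + 4 > len(blob):
            continue                      # length field cut off
        (nchars,) = struct.unpack(">I", blob[pos:pos + 4])
        raw = blob[pos + 4:pos + 4 + 2 * nchars]
        if len(raw) != 2 * nchars:
            continue                      # string cut off or bogus length
        text = raw.decode("utf-16-be", errors="replace")
        found.append((match.group(1).decode("ascii"), text))
    return found

def original_paths(blob):
    """Join each ptbL folder with the ptbN name that follows it (assumed order)."""
    paths, folder = [], None
    for code, text in put_back_records(blob):
        if code == "ptbL":
            folder = text
        elif folder is not None:
            paths.append("/" + folder + text)
            folder = None
    return paths

if __name__ == "__main__":
    for path in original_paths(SAMPLE):
        print(path)
```
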

√ Then there was clickbait like this, coming over ten years after the brouhaha began.

The article, last updated 22 February 2018, purports to show you 'How to remove .DS_Store files', but does nothing of the sort.

√ Just like this one.



√ Someone at Ask Different asked if removing .DS_Store could cause a convex singularity implosion in a galaxy far, far away.

√ Someone working with Git had a conniption fit some six years ago over .DS_Store. You'd think with all the annoyance they've caused, those engineers at Apple...

√ They've even been found on Windows.

'My operating system is Windows 7 64-bit and to the best of my knowledge I never accessed an Apple computer nor was accessed by one.'

People start freaking out like it's HIV. Or something. (Is it HIV?)

'... but that's not the only way you can get them. You may have gotten it in an archive (ie: a Zip file perhaps) you picked up someplace, which was originally created on a Mac. I run into these all the time in archives we get from our graphic designers.'

/* ... */

'That's where they come from, but if you don't know how it got there and you swear nothing has ever been done to put it there, then we can't tell you where you picked it up, and we probably can't convince you it's harmless. If you are really worried it's an infection or something, then format and reinstall Windows.'


Reinstalling Windows is suddenly a penicillin.

Those files should only be created if the user actually makes adjustments to the view settings or sets a manual location for icons in a folder. That's unfortunately not what happens, and visiting a folder pretty much guarantees a .DS_Store file will get created.
 - Arno Gourdol
Man, that's a lot of .DS_Store files.
 - Mark Miyashita

See Also
.DS_Insecure
.DS_Store
.DS_Store Redux
Apple! Put Back 'Put Back'!
Arno Lives!!1!
Bride of .DS_Store
Desktop Services Store
Of Assholes Gadflies Graybeards & Trolls
The Persistence of .DS_Store
Zeroes Are Nice

About Rixstep

Stockholm/London-based Rixstep are a constellation of programmers and support staff from Radsoft Laboratories who tired of Windows vulnerabilities, Linux driver issues, and cursing x86 hardware all day long. Rixstep have many years of experience behind their efforts, with teaching and consulting credentials from the likes of British Aerospace, General Electric, Lockheed Martin, Lloyds TSB, SAAB Defence Systems, British Broadcasting Corporation, Barclays Bank, IBM, Microsoft, and Sony/Ericsson.

Rixstep and Radsoft products are or have been in use by Sweden's Royal Mail, Sony/Ericsson, the US Department of Defense, the offices of the US Supreme Court, the Government of Western Australia, the German Federal Police, Verizon Wireless, Los Alamos National Laboratory, Microsoft Corporation, the New York Times, Apple Inc, Oxford University, and hundreds of research institutes around the globe. See here.

All Material and Software © Rixstep All Rights Reserved.
