

Using Spotlight from the OS X Commandline - eloisius
http://0xfe.blogspot.com/2006/03/using-spotlight-from-os-x-commandline.html

======
alister
I am very fond of the Mac, but the developers of Spotlight and the recent
Versions feature of OS X Lion have not given proper thought to users' security
and privacy.

Spotlight peeks inside files to create an index, and Version-supported apps
maintain a changelog of file diffs. These OS X features save data in hidden
locations, separate from the file.

This means that:

(a) it is very difficult to delete a file and be certain it's really gone,

(b) you can't have a public area, a private area, and a highly confidential
area on the same system; it's all commingled to the same level of privacy,

(c) you can't make a backup of the non-confidential files without risk of
getting the confidential files too,

(d) pieces of an encrypted file (if you use TrueCrypt for example) might get
saved unencrypted in Spotlight's and Version's hidden locations,

I could go on, but you get the idea. It breaks down the notion of a file
having a distinct level of security or privacy, and doesn't replace it with a
better notion.

We _already_ had the following problems:

(1) deleting a file doesn't really remove it on any major OS, including OS X,
unless you use a special shredding program, and these days even shredding may
be ineffective on solid-state drives because of wear-leveling and caching,

(2) the swap space can contain pieces of a file,

(3) temporary files created by editors, word processors, and other apps might
retain parts of file.

Now Spotlight and Versions make the problem even worse for Mac users who care
strongly about privacy and security.

We're getting to the point--or probably well past the point--where you have to
maintain at least 2 or 3 separate systems: one for public work, another for
personal or private work, and a third for highly confidential work.

~~~
earl
You can easily exclude folders or disks from spotlight indexing.

System Preferences -> Spotlight -> privacy tab

to overwrite then delete the spotlight indices, disable spotlight then
overwrite and delete:

    
    
       $ sudo srm --simple -rf /.Spotlight-V100/
    

There's also whole disk encryption (unfortunately not particularly robust -- I
don't understand the reason but something about how the login password is
stored seems to make this somewhat weak to eg the government) built in, as
well as encrypted disk images and truecrypt.

~~~
alister
I do know how to turn off Spotlight, but thank you.

My broader point is that it is becoming impossible to truly delete a file or
maintain separation between different parts of your data unless you are _very
technical and meticulous_.

How many other features are there in OS X like Spotlight or Versions that we
need to be aware of?

The OS should be designed so that we don't need to be constantly on guard for
these privacy gotchas.

~~~
ZoFreX
I would argue that disabling Spotlight indexing for a particular folder isn't
that technical, the UI for it is very simple. Of course, realising that you
should do this perhaps requires a more technical mind! Overall though the
point remains (swap, SSDs, etc), and is quite scary.

------
_pdeschen
It's nice to have access to such UI components from the command line.

One of my favorite is pbpaste/pbcopy.

What's yours?

~~~
bpierre
`open` is very convenient to… open things (see `man open`).

Tip: `open .` opens the current directory in the Finder.

~~~
jasomill
Another tip:

    
    
        open vnc://[user@]host[:port]
    

connects as _user_ to _host_ on _port_ with Screen Sharing, and, more
generally, "open URL" works for any URL scheme registered with Launch
Services, including, but not limited to, the obvious ones.

------
sgt
Seems like

alias locate='mdfind'

is in order (on my system).

~~~
jasomill
mdfind is basically orthogonal to locate (doesn't match individual files
inside packages; handles wildcards differently), but it does produce
find(1)-compatible output, which is nice:

<http://jasomill.at/mdfind-dired.el>

------
kghose
On my mac command+space switches the input mapping. Just sayin'

~~~
eloisius
I'm interested in accessing this programmatically, of course. I've been
thinking a lot about "Memex" lately, and the Spotlight index could be a very
good engine for that.

