So you got a Mac computer from work. If you’re like many Apple-product users, you use iMessage to communicate with others. You probably won’t be able to resist the temptations of logging in to iMessage from your work Mac. It’s just so convenient! Besides, what should you be worried about, iMessage is “secure”, right?
Maybe – but let’s make sure you fully understand what happens when you log in to iMessage on a Mac. Many people are not fully aware of how iMessage works. If you’re like many people, you wouldn’t want others to read your private iMessage conversations (and see attachments, including photos, others may have sent you or you may have sent others). You probably want to keep your private conversations private.
So, let me show you why you shouldn’t login to (personal) iMessage on your work computer. What you’re about to learn might surprise you 😀
iMessage automatically (out of the box) saves your conversations in a SQLite database file and all attachments in ~/Library/Messages (“~” means your “home” folder).
What this means is you don’t need to check “Save history when conversations are closed” (see screenshot below) option in iMessage Preferences in order for iMessage to begin saving your conversations.
Checking this box only means that conversations that you have closed will also be archived.
Things you need to know about the archive:
- It’s NOT encrypted
- It contains all messages/conversations
- It contains all attachments (photos, …)
- It’s remains on the computer even after you’ve logged out of iMessage (including remote logout).
I don’t see the “Library” folder…
That’s completely normal. It’s because the Library folder is hidden by default in your Mac. To access it, open Finder, type CMD + G and enter “~/Library”.
From there, you can open the “Messages” folder.
(Alternatively, you can type ~/Library/Messages in the dialog box to get directly to the “Messages“ folder.)
How to view the database file
Once you’ve navigated into ~/Library/Messages, you will see few files:
Attachments: you can just open this folder directly and view the attachments (e.g. photos) directly.
How others can (possibly) read your private conversations
Once someone has obtained the iMessage data files inside your ~/Library/Messages directory, they will be able to read your conversations (and see all attachments) using the techniques in the previous section or simply by replacing placing the iMessage data files into any Mac’s ~/Library/Messages (then restarting the Mac).
Now that we’ve established that your iMessage data is stored in your Mac in an unsecured fashion, let me walk you through situations that will allow your organization’s IT department to obtain the iMessage data files inside your ~/Library/Messages.
If your work Mac computer is set up to backs up its (user) data into a server, your IT department already has a copy of the iMessage data files in your ~/Library/Messages.
Typically, your organization maintains an Administrator user on your Mac. This Administrator user will be able to view all files in the system. Any files, including your ~/Library/Messages. In many cases, this doesn’t require physical access to your mac. In other words, this can be done remotely.
Solid State Drive (SSD)
The only method of SSD data wiping/sanitization approved by the United States Department of Defense (US DoD) and the National Security Agency (NSA) is to physically destroy the SSD drive through smelting or shredding.
This means that unless you’ve destroyed the physical drive, it’s possible to recover your data even after you’ve “wiped” the Mac.
Remote Management Software
Many IT departments install a piece of software that makes it easier for them to perform administrative tasks, such as deliver updates, install software, deliver security patches, and many more. Sometimes, the software also allows them to monitor activities on your work computer, which include the reading of your iMessage conversations.
Now, you might ask, why would my IT department be interested in reading through my iMessage conversations? Why would anyone be interested in them?
Either way, if you want to keep your iMessage conversations private, you should NOT login to (personal) iMessage on your work computer.
Never miss new posts
Get the latest tech innovation news from Ryan delivered straight to your inbox!