macOS stores a copy of everything one prints forever

Поділитися
Вставка
  • Опубліковано 30 жов 2024

КОМЕНТАРІ • 199

  • @edrumsense
    @edrumsense 2 роки тому +318

    Just one random comment. Make sure to print the paper backups with laser printers not ink printers, even if you are going to laminate it, humidity will build up inside the plastic and mess with your backups.

    • @sunknudsen
      @sunknudsen  2 роки тому +104

      Great feedback! Laser for sure… and one can also print on acid-free paper.

    • @NoahElRhandour
      @NoahElRhandour 2 роки тому +42

      @@sunknudsen love youtubers that take their time to read trough comments👍

    • @dennisstreif520
      @dennisstreif520 Рік тому

      @@sparklesparklesparkle6318 yeah no, your back will get whipped and torn if your interrogated by fbi, i advise you to print your backupbackupbackup on contact lenses so if in need you can view it from there

    • @dennisstreif520
      @dennisstreif520 Рік тому +3

      @@sparklesparklesparkle6318 Pitty you that u only got Bluetooth over there, since i got vaccinated i now have 5G + i can sh*t QR codes which scan as the backup codes. Just get an upgrade man, it´s worth it!

  • @lizardspock4746
    @lizardspock4746 2 роки тому +53

    All you have to do is run the following from terminal to have it flush these files every day. You can also set them to "no" so that they are never saved, or a different timeout value. "cupsctl PreserveJobFiles=86400 PreserveJobHistory=86400". IMO this is a much better solution than what's described in the video. Also, running "cancel -a -x" will purge the currently saved print jobs.

    • @motherfucker42069
      @motherfucker42069 Рік тому +10

      hang on, so this entire hysteric is about CUPS logging jobs as it does by default??? holy shit lmao mac os users were a mistake

    • @kirkyorg7654
      @kirkyorg7654 Рік тому

      just like the no button on their phones that actually does not stop the phone from collecting all your searches, websites visits, etc. and sends it to Apple even when turned off !!!?? this company cannot be trusted they are as anti consumer as it gets

    • @umop3plsdn
      @umop3plsdn Рік тому

      @@motherfucker42069 exactly it’s a feature for quotas

    • @VFR1200F
      @VFR1200F 6 місяців тому

      Thank you for that solution, much better.

  • @stevejohnson1321
    @stevejohnson1321 2 роки тому +39

    So do most commercial copier-printers. If you make copies at staples etc., a copy is kept, usually on a SATA drive.

  • @WizardTim
    @WizardTim 2 роки тому +54

    Don't forget about that file thumbnail, depending on the OS it may be kept forever or until disk space is needed. Also plenty of PDF viewers will also keep a pre-rendered 'temp' cache of files and embedded images/fonts you've opened or even just navigated to a folder containing it. Some modern PDF viewers and OSes will even upload hashes of files to 'the cloud' or even in some cases the entire file even without you explicitly requesting it often without ever telling you it happened, this happens on cloud connected services like photo viewers with feature recognition as well as virus scanners.

    • @outrowed
      @outrowed 2 роки тому +3

      That's why you use a browser like Firefox or Chrome as a PDF viewer, not some shady off-site PDF viewer you got from some advertisements.

    • @deidyomega
      @deidyomega Рік тому +2

      @@outrowed even the built in mac os pdf viewer stores a cache, but i guess we can call them shady too lol

  • @kingi7607
    @kingi7607 2 роки тому +46

    macOS user: Why is my device storage full for no reason?
    Apple: How many files have you printed?

    • @DiegoArmistead
      @DiegoArmistead 2 роки тому +1

      haha

    • @deidyomega
      @deidyomega Рік тому

      it only stores the last 500 by default. Which isn't that much space.

  • @kFY514
    @kFY514 2 роки тому +65

    Like others pointed out, this is likely _not_ exactly forever, it is most likely flushed once in a while. But if you're concerned about it being a security problem, I'd consider trying to mount a ramdisk/tmpfs as `/var/spool/cups`. And maybe some other directories in `/var` as well.

    • @davehugstrees
      @davehugstrees Рік тому +6

      How often is once in a while? I just checked mine and I have files going back a year to when I got the MacBook.

    • @max_208
      @max_208 Рік тому +8

      According to documentation I found it keeps the last 500 prints

    • @thecon_quererarbitraryname6286
      @thecon_quererarbitraryname6286 Рік тому +1

      Or use an OS that's superior on any level like Mint, Ubuntu or Arch... If you're paranoid you can also use tails ...

  • @NebulaHatesWatchdog
    @NebulaHatesWatchdog 2 роки тому +22

    This is just a standard feature of cups. It’s something that happens on linux or any Unix machine that uses cups. Though cups is by apple it’s made for unix in general not macos. I have a print server running cups that I use to wifi enable a few old printers and I’m able to see prints going back years through the web panel.

    • @_framedlife
      @_framedlife Рік тому +1

      Looks like it purges them on arch Linux so it's a config thing in macos

    • @davidmartensson273
      @davidmartensson273 Рік тому

      @@_framedlife Or Arch linux have a job to purge the folder and cups does not by default have that.

  • @MatthewStidham
    @MatthewStidham 2 роки тому +48

    Looks like a general feature of CUPS, which also stores on Linux unless if you specifically tell it not to.

    • @rob.granger
      @rob.granger 2 роки тому +1

      On linux they eventually get cleared out in linux maintenance. But I only managed a bunch of linux servers for years.

    • @tacokoneko
      @tacokoneko 2 роки тому +11

      I use Arch Linux for many years and have not reinstalled. I immediately checked /var/spool/cups on my computer and very interestingly, there are no actually saved images or encoded images of the printed documents, but there _are_ a huge number of metadata files that each contain the _filename_ of the document that was printed, the date it was printed, and the name of the printer used, for every document I've ever printed. For my case this doesn't make a difference because the original documents that I printed are all still stored in standard documents folders elsewhere, but I just thought the difference in behavior is interesting

    • @MattGreek
      @MattGreek 2 роки тому +4

      @@tacokoneko I wonder why that info would be needed. Why does the OS think that that’s something that should be recorded for the short term, let alone the long term? Pretty crazy.

    • @lennyvlaminov9480
      @lennyvlaminov9480 Рік тому

      Great video/content, thx

    • @GabrielM01
      @GabrielM01 Рік тому

      @@MattGreek the OS doesnt think anything, CUPS does and cups is a made by apple

  • @5dful
    @5dful 2 місяці тому

    This saved me. I was able to recover a file I printed but then closed the tab and couldn't get access to again.
    I think that if your concern is privacy, just formatting the OS and then selling your device should do the trick, so this is not a concern but rather a life-saver.

  • @aelaan12
    @aelaan12 2 роки тому +5

    Thanks for posting this, I was unaware. I have made our security forum at work also aware since we have a large deployment of MacOS.

  • @ajfromca
    @ajfromca 2 роки тому +6

    As a MDM administrator this does not directly impact me, at least not yet. However, this is something I absolutely plan on looking in to remediating. This was a very good and incredibly informative video.

  • @richardbennett4365
    @richardbennett4365 2 роки тому +12

    An article was written about this very same point in March 2007, 15 years ago, in Mac OS X Hints. It is nothing new about macOS or Apple or CUPS.

  • @richardbennett4365
    @richardbennett4365 2 роки тому +54

    I think he's mistaken about the timeframe, or it is the case that my macOS Monterey computer is not holding the files of everything I've ever printed. It looks like there some automatic cups server flushing out files older than 60 days. I have certainly printed out files in the winter, spring, and summer of 2022, and these files are not present in /var/spool/cups as of 03 November 2022.

    • @cynodont7391
      @cynodont7391 2 роки тому +14

      On Linux, I see that the /var/spool/cups directory is cleared when I restart the cups service and, as far as I can tell, this is not done by some Linux specific scripts but by cups itself.
      If that works the same on Mac then you should not have any files older than your last reboot. Check your 'uptime'.
      I also noticed that the default value Yes for PreserveJobHistory is documented as «the job history is preserved until the MaxJobs limit is reached». MaxJobs is 500 by default but it could be smaller in your configuration.
      Anyways, «PreserveJobHistory No» should only be needed if you care a lot about the security of your printed files. If your goal is to save disk space because you almost never reboot then a better alternative is probably to use more reasonable settings such as set «PreserveJobHistory 86400» or «MaxJobs 5» . That way, you will keep the ability to restart your old jobs for a while (e.g. after a pager jam or if you decide that you need more copies)

    • @richardbennett4365
      @richardbennett4365 2 роки тому +1

      @@cynodont7391, nice, thoughtful, clear comment. Thanks.

    • @waytospergtherebro
      @waytospergtherebro 2 роки тому

      He's completely full of shit and desperate for internet attention.

    • @toadlguy
      @toadlguy Рік тому

      @@richardbennett4365 Clear, but not correct on MacOS. Rebooting does not clear files.

    • @richardbennett4365
      @richardbennett4365 Рік тому

      @@toadlguy, okay.

  • @crowlsyong
    @crowlsyong 2 роки тому +2

    wow this is wild. Thanks for the heads up. Have a great day!

  • @pipeliner8969
    @pipeliner8969 2 роки тому +7

    great to see you making videos on UA-cam again!

  • @Bruna.cianam
    @Bruna.cianam 2 роки тому +14

    GREAT THANK YOU. I found a old ETH paper wallet with $920.90 on it.

    • @sunknudsen
      @sunknudsen  2 роки тому +5

      No way haha… lost printed paper backup?

    • @HappySlappyFace
      @HappySlappyFace 2 роки тому +11

      This is probably the only person that benefited from this weird default value

    • @seantiz
      @seantiz 2 роки тому +2

      No he didn’t.

    • @joshroolf1966
      @joshroolf1966 Рік тому

      I want to believe!!!🤞🤞🤞🙊🙈🙉💛🧡💚💚💚
      Come on super psychic human network of mutually beneficial serendipitous awesomeness..:::💎⚡

    • @Bruna.cianam
      @Bruna.cianam Рік тому

      @@sunknudsen i bought some eth a long time ago (like 90€) and forgot about it. With your trick I found the old paper wallet.

  • @freesoftwaretalk
    @freesoftwaretalk 2 роки тому +7

    A little workaround could be to use a small RAM-drive and make that the storage folder... I'm talking from the Linux side here (ah, en please note that in the Linux systems I tested, cups didn't do this crappy behavior... so while the technology is linux based, the settings are completely those of Apple)

  • @borisyeltsin6606
    @borisyeltsin6606 Рік тому +4

    I remember being DEVASTATED that my mac had the cups cache disabled out of the box around ~2016 when I desperately needed to reprint a page for a several hunted dollar rebate that expired after I backed out of the page... Of course the company told me that was their policy and couldn't do anything about it 😂
    This is actually a feature some people want, but if you're on linux you need to have the foresight to know about how CUPS work and manually switch it on. This is unfortunately something I learned the hard way, although the potential for chaos is much much worse leaving it on by default

  • @tortysoft
    @tortysoft 2 роки тому +3

    It's not just printed files - I found a 1.5 Gb error log there too. !
    I'm using an M1 machine with Ventura. The date now is Nov 6 2022, the date on one file is Feb 2021 - older than my machine ! So, files were copied over when I upgraded.

  • @mats852
    @mats852 2 роки тому +12

    I can confirm that I have files as old as my computer in there. This is pretty bad. Thanks for sharing!

    • @sunknudsen
      @sunknudsen  2 роки тому +3

      Thanks for sharing and pleasure!

    • @grkxkosta3396
      @grkxkosta3396 7 місяців тому

      Can i view files in there. I need to retrieve the last thing I printed.

  • @boelwerkr
    @boelwerkr Рік тому

    Nearly all USB and many of the network printer have a parallel port emulation. But the problem with that is that you have to know the printer specific commands to switch from Text-print to graphical print and then have to know the supported image formats. It's easier with network printers. They always have a cups compatible net interface that can be addressed directly. All you need is the cups client libs.
    And I've tried printing binary backups many years ago by designing a custom font that could be scanned in easily. But it never worked reliably, and the scanning was always the problem. That was 25 years ago and I only had an "hand-scanner" you have to drag over the paper. I gave up on it when i switched from my Atari ST to an IBM-PC and Linux.

  • @MinghuiChen
    @MinghuiChen 2 роки тому +8

    Hi Sun, welcome back! Do you think we should update to iOS16 for privacy and security standpoint? Can you create a content for that?

    • @sunknudsen
      @sunknudsen  2 роки тому +10

      Will likely publish about iOS16 and macOS Ventura… that said, haven’t upgraded yet (except macOS on one lab computer as seen in episode).

  • @rrspille
    @rrspille 2 роки тому +2

    That's normal for cups and not a mac issue. I have enabled the cups interface (cupsctl WebInterface=yes) and can see all of my jobs and printers (localhost:631/jobs)

  • @surrealchemist
    @surrealchemist Рік тому +3

    I have seen this kind of thing in our office via a network printer. Sensitive files with private information just left laying around on a drive that is on the network because people were printing.

  • @martinlutherkingjr.5582
    @martinlutherkingjr.5582 4 дні тому +1

    What printer do you recommend where the printer doesn’t have a chance of storing information about what is printed at or close to a data forensic level. I’m not talking about the computer storing it, I’m talking about the printer potentially secretly or inadvertently storing data of what was printed.

  • @ayushsinghkatiyar3130
    @ayushsinghkatiyar3130 2 роки тому +1

    Will have to check for windows too and this made me think why they cache it .Btw thanks for the informative video

  • @MRMsysdotnet
    @MRMsysdotnet 2 роки тому +11

    I’m at a loss as to why this is a big deal in the era of modern OSes which use full disk encryption (FDE) by default. One would simply assume that all kinds of cached bits of sensitive material are going to end up all over the place with normal activity, however this doesn’t in any way mean that it is somehow at risk of unauthorized access due to the access controls and encryption. In fact, when one deletes those cache files on an SSD, the actual underlying physical structure of the data is in NO WAY altered, and without the default use of FDE would be easily readable by a third party, however it just isn’t so these days because of that encryption layer. Much ado about absolutely nothing.

    • @svampebob007
      @svampebob007 2 роки тому +2

      that's exactly what I was thinking, is that some kind of 5 minute craft "life hack" video or a security researcher providing a professional service like "I made a script that clears your spool folder? Am I going to tell him about emails or are you?
      As a security researcher you shouldn't really be recommending macs for your clients, as an IT consultant you should recommend what ever the client can afford, rich lawyers can afford macs so that's going to work super well for the 99% of people that don't know that there's other folders other then "My desktop, My documents, Pictures... "computer stuff""
      The 0.1% that knows how to use a computer should not be working with those files, rather they should be part of the IT staff.
      If you really didn't wanted that info to be stored on a machine that shouldn't have that document for more then the job, then you should have the client connect to a machine that is authorized to print and view such documents, that way you can control when ever the client can or can not view the information, if anybody got hold of their machine you could revoke that privilege, better yet you should set it up so that the client HAS to get permission every single time they want to interact with the data, that way you can keep track of how the data is being used.... basically don't hire a "police IT" department because they always lose critical information like that.
      This video could have been summed up in a 3 minutes notepad.exe video with some emo music back in 2009
      "Hi
      Today I'm going to show
      [scrools down]
      You how to...."
      Please like, share and subscribe to randomkid007"

    • @davehugstrees
      @davehugstrees Рік тому

      Because we keep running out memory on our hard drives due to mysterious "System" files that can't be deleted. By your logic we should never delete our cache or our browser history. Let's just fill up our hard drives with useless data.

    • @MRMsysdotnet
      @MRMsysdotnet Рік тому

      @Dave if this is occurring in your setup then that is a separate issue, my comment was only in relation to the supposed security risks the video brought up (which are not real under a modern OS)

    • @davehugstrees
      @davehugstrees Рік тому +3

      @@MRMsysdotnet The main security risk is that people are unaware their computer is storing everything they have printed. Very concerning if you share your computer or run third-party apps that are not entirely trustworthy. Full disclosure needs to be given to the user that their files are surreptitiously stored in a location they aren't aware of, so they can take further precautions if necessary.

    • @boltinabottle6307
      @boltinabottle6307 Рік тому

      @@davehugstrees In my experience, it's almost always Outlook bloat that fills up Macs in a corporate/work setting. Outlook for MacOS doesn't let you specify a maximum local storage (it can be done, but it's not a simple setting like in the Windows version). You can use daisy disk utility to get detailed information about what's eating up your storage on mac. You wouldn't know it was Outlook without this a 3rd party program. I've seen Outlook use 180GB of a 256GB drive.

  • @silent6597
    @silent6597 Рік тому +1

    about your question: CUPS itself needs to first write to disk in order to work with the task as far as I know. But! you're asking for macos which is able to spin up a ram disk without installing extra packages. afaik cups can use another folder, maybe you could spin up a ram disk via script every boot, use this as spool location and destroy the ram disk automaticly by shutdown.
    I guess your argument is the forensical traces left on the harddrive even when "deleted". getting those from ram should be more hard if ever possible.

    • @sunknudsen
      @sunknudsen  Рік тому

      Great feedback… have to look into RAM disks.

    • @sunknudsen
      @sunknudsen  Рік тому

      If ever you put together a reliable RAM disk implementation on macOS, please submit PR on github.com/sunknudsen/privacy-guides.

  • @cbedry
    @cbedry Рік тому

    Im curious if this is also true for scanning from a printer. would a copy of what you scanned be saved in this directory as well? Or would it be a different directory and different job history setting?

  • @billeterk
    @billeterk 2 роки тому +5

    Funny this used to not be the case. I’ve manually turned it on (my preference on my laptops) at least twice in earlier OS X versions!

  • @grahamf695
    @grahamf695 2 роки тому +3

    Interesting video, thanks. I’m surprised that you are using command line instead of Finder, which is so much more user friendly. Are these files viewable in Finder?

    • @sunknudsen
      @sunknudsen  2 роки тому +3

      Pleasure… directory is not accessible through Finder given it requires root privileges.

    • @grahamf695
      @grahamf695 2 роки тому +1

      @@sunknudsen that’s helpful, thanks.

  • @dguy-xk4fc
    @dguy-xk4fc Рік тому

    Hey Sun, Thank you for the video. I was trying to recover a file on my mac that i do see in the completed Print Jobs list. I tried the method you showed on ventura 13.5.1 but not get it to the desktop. My 2 questions: did they patch this in the new version? Does it maybe not work of the original file was deleted? Would be great to recover this file..!

  • @mavlnt
    @mavlnt Рік тому

    just checked my macbook, my social security number was in a large majority of them so this was actually helpful LOL

  • @Don_XII
    @Don_XII 2 роки тому +1

    what is your daily driver m1 or still using mid 2015 macbook pro?

    • @sunknudsen
      @sunknudsen  2 роки тому +3

      I switched to a M1 MacBook Air a while back… amazing computer except for limited ports and single external display connectivity.

  • @jadhavanchi
    @jadhavanchi Рік тому +1

    Most printers nowadays do not print unless you are connected to the Internet. Which means there is good possibility that anything printed is routed via the company servers and recorded for future analysis. How could one securely print something with the confidence that the print data does not leak outside the computer and the printer? for e.g. it could be someone's crypto wallet private keys.

  • @kreuner11
    @kreuner11 2 роки тому +3

    Does this affect CUPS printing on Linux

  • @sophiegadoury
    @sophiegadoury 2 роки тому +2

    Superbacked 😮🎉

  • @SneedusFeedus
    @SneedusFeedus Рік тому

    PreserveJobHistory in the cupsd conf file is not present in Big Sur

  • @excessiveanalysis2982
    @excessiveanalysis2982 Рік тому

    [ Re-comment as my first one got deleted after I linked wikipedia lol ]
    Most laser printers will apply ‘tiny’ (Usually around 0.1 millimeters, however the size can vary widely from manufacturer to manufacturer) yellow dots to the paper while printing.
    These are usually called Machine Identification Codes or Printer Steganography
    By ‘reading’ the encoded data (Which can be a pain as the specifications are not public, requiring us to basically ‘reverse engineer’ the encoding system) you can find information like the printer model and printer manufacturer.
    Now, I would link wikipedia, however youtube apparently doesn’t like it when we add links.

  • @Life4YourGames
    @Life4YourGames Рік тому

    Might be possible to mount this directory as a RAM disk mount. That way it will be volatile and clean itself upon reboot.
    But that also sounds overkill if you can just turn off the history.
    Btw. files that need to be printed absolutely need to be cached. Many drivers do this using RAM but Cups might be coded to use this FS cache to preserve memory or sth. along those lines.

  • @mbaysek
    @mbaysek Рік тому

    I am a system developer and was fascinated with your video. MacOS does rely on subsystems like CUPS, the Common Unix Printing System. I believe I have a solution which guarantees your temporary file will never be written to the flash media. You seemed concerned that the hardware of flash media may not be secure even for temporary files. My solution ensures the data never gets written to the flash. Maybe you already solved this problem, but if not, please contact me and we can meet to discuss.

  • @benf101
    @benf101 Рік тому

    On a somewhat related note, I've always wondered why printer companies were so eager to get me to "recycle" my old toner cartridges by sending it back to them. It has always made me suspicious of them storing data in those things. Maybe I'm paranoid but it never made sense to me.

  • @VamosViverFora
    @VamosViverFora Рік тому

    Windows 11 as well. It has a keylogger as well.

  • @richiebtcrich7846
    @richiebtcrich7846 2 роки тому +2

    Nice Find ! I wonder if Apple knows this is the default ?

  • @redwaller1
    @redwaller1 2 роки тому +4

    This evidently applies to Linux too.

  • @staticyrro
    @staticyrro 2 роки тому +2

    According to cupsd.conf(5) the default value of PreserveJobFiles is 86400, which causes job files to be preserved for 24 hours. Not forever.

    • @sunknudsen
      @sunknudsen  2 роки тому

      Thanks for sharing… have you checked on your Mac is that default is actually used?

    • @lizardspock4746
      @lizardspock4746 2 роки тому +1

      On my machine the files in the cups folder go all the way back to the day I got the computer which was 11/7/2021 (16" Macbook Pro 2021). So at this point it has not purged for over a year. I have not changed any settings related to this.

    • @staticyrro
      @staticyrro 2 роки тому

      @@lizardspock4746 Assuming you're up to date I would report this to Apple !

    • @aypfvn
      @aypfvn Рік тому

      @@staticyrro The saved copies in /var/spool/cups seem to be controlled by PreserveJobHistory (defaults to Yes, up to 500 jobs), not PreserveJobFiles.

    • @staticyrro
      @staticyrro Рік тому

      @@aypfvn PreserveJobHistory controls the preservation of control files (job metadata). Preservation of the actual job data is controlled by PreserveJobFiles.

  • @grkxkosta3396
    @grkxkosta3396 7 місяців тому

    This will get lost but worth a shot. How do I retrieve the files I've printed? The last thing I printed is needed. I tried to copy to desktop but it showed file not found. I used the print history to get the file name. Is there a way to view all the contents inside the file?

  • @josueyuman7990
    @josueyuman7990 2 роки тому +3

    Hello Sun, I use Linux, does this apply to Linux using cups, and if it does, this commands apply to Linux as well?

    • @sunknudsen
      @sunknudsen  2 роки тому +1

      Not sure about Linux… my gut feeling is Linux would clear cache once printing jobs complete. Does path exist on your system?

    • @NoahElRhandour
      @NoahElRhandour 2 роки тому +1

      @Josué Yuman if possible mention me in your answere to Sun im curious!!!

  • @ooglek
    @ooglek Рік тому

    Strangely on 13.3.1 (a) I checked /var/spool/cups, and while I have found the c* files, there are NOT any d* files, and the c* files are all about 2-5KB in size, and just contain metadata, not the actual file.
    Now, I haven't printed recently, so maybe it sticks around there for a few hours/days, but not forever.
    The c* files do seem to though, I have one going back to Jan 19, 2022. How long have you waited to see if the d* files disappear?

  • @justgivemethetruth
    @justgivemethetruth 2 роки тому +1

    For regular users /var/spool/cups does not have read permissions.
    Is that a new bug or something? I print a lot and I have nothing in there. Try rebooting your machine and seeing if it does not get cleared out.

    • @sunknudsen
      @sunknudsen  2 роки тому

      I believe /var/spool/cups requires root privileges by design which is great for security. Tried rebooting computer and files are still there. Could others corroborate this?

  • @samuelgunter
    @samuelgunter 2 роки тому +5

    I wonder why it's on by default, that just wastes storage space. I can't think of a good reason for this to even be enabled , though there definitely are reasons

    • @erikskywalker5331
      @erikskywalker5331 2 роки тому

      Government agencies like backdoor options to destroy people's lives.

  • @JamieWardHD
    @JamieWardHD Рік тому

    Where is this folder located? I know you showed the path, but I don't know how to get there. Can it be seen in finder?

  • @MyurrDurr
    @MyurrDurr Рік тому

    Would this also apply to Linux? Since that also uses CUPS for printing

  • @crystalh4522
    @crystalh4522 6 місяців тому

    How do I open the windows to see the var/spool/cups? I'm confused as to how to view this.

  • @charlesthompson3959
    @charlesthompson3959 7 місяців тому

    an update for macOS Sonoma?

  • @motokohondamusic
    @motokohondamusic Рік тому

    So in another words, I can recover some printed jobs I didn't save as an PDF on my computer ? I need to recover some older printed jobs (from a month ago), how can I find those files ?

  • @randomfurrymanintheinternet

    imagine if he puts a rickroll link on the qr code and someone scans it lmao

  • @nat119
    @nat119 2 роки тому +1

    Hey Sun, can this be applied on Catalina also?

    • @sunknudsen
      @sunknudsen  2 роки тому +1

      Good question… if you see a bunch of files in “/var/spool/cups”, likely yes.

    • @euden_yt
      @euden_yt 2 роки тому

      I tried but the folders are very hidden 'sudo cd' does nothing. You have to first display hidden files, then authorize that you can open the folder, which requires entering your password/touchID. Once inside the folder there's files without extension, those that begin with 'd0-' are the files you have printed, copy them then guess which format they were originally. Only the lasts prints are there, no idea what triggers the suppression.
      Honestly, can it be called security issue?

  • @albertcamus6249
    @albertcamus6249 2 роки тому +1

    Is there any way to undo the changes made in the terminal?, in case there are problems in the future. Thanks and best regards Sun!

    • @sunknudsen
      @sunknudsen  2 роки тому +3

      Good question… yes… I will add steps to remove patch to guide when a have spare time. Stay tuned!

    • @sunknudsen
      @sunknudsen  2 роки тому +1

      Done 👉 sunknudsen.com/privacy-guides/how-to-disable-cups-pinter-job-history-on-macos#want-things-back-the-way-they-were-before-following-this-guide-no-problem

    • @albertcamus6249
      @albertcamus6249 2 роки тому

      @@sunknudsen Thanks!!

  • @maxstuffnet
    @maxstuffnet 2 роки тому

    You create create a ramdisk with rclone and then create a symlink

  • @VolkerHett
    @VolkerHett 2 роки тому

    CUPS originated at Apple and Apple Inc is still the maintainer. On my Macs the spool directory is empty besides some printer information and PPS files for the old Dell 1760 Laser I once had.

  • @Ziggurat1
    @Ziggurat1 Рік тому

    Cups actually is an apple application, then we on Linux get to use it as well, not the other way around

  • @silent6597
    @silent6597 Рік тому

    nice video though, but as a linux and more or less administrator. But i feel the urge to get some basic context to it. Storing cache while printing and beyond documented default behavior of cups but netherless good that someone speaks about it as macOS does not inform about infinite storaging. this kind of script - more/less just the values stored in the cupsd.conf are delivered to every device we deploy, just to make sure that no prints stay on the device.

  • @farreach84
    @farreach84 Рік тому

    Interesting🤔 I own photo studio and I daily print at least one image per day and wonder if the files cumulatively ate up disk space

  • @galaxybrainnews9772
    @galaxybrainnews9772 Рік тому

    relocate cups to a ram drive?

  • @swizzler
    @swizzler 2 роки тому

    I'm confused at what i'd be paying for with this superbacked thing. at first I was excited that it was finally high-density backup storage, as I had been looking for a format that could store larger amounts of data on physical paper to store things like house blueprints, physically within a house, but looking at the site and the use cases... it's just a QR code with max redundancy.

    • @sunknudsen
      @sunknudsen  2 роки тому

      Hey, there is a hard limit at how much data can be stored within a single QR code… Superbacked also encrypt data using one or two layers of encryption (two for distributed backups) which uses some of that space and adds a layer of plausible deniability which uses significant space ( see github.com/sunknudsen/blockcrypt ). As a result, one can store the equivalent following comment in text.

    • @sunknudsen
      @sunknudsen  2 роки тому

      Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut sem nulla pharetra diam sit amet nisl. Quam adipiscing vitae proin sagittis nisl rhoncus mattis rhoncus. Aliquam ultrices sagittis orci a scelerisque purus semper eget. Arcu cursus vitae congue mauris rhoncus aenean. Sed adipiscing diam donec adipiscing tristique risus nec. Vulputate eu scelerisque felis imperdiet proin fermentum leo. Eleifend donec pretium vulputate sapien nec sagittis. Vestibulum lorem sed risus ultricies tristique nulla aliquet enim tortor. Sed nisi lacus sed viverra.
      Consectetur libero id faucibus nisl tincidunt eget nullam. Nunc mi ipsum faucibus vitae aliquet. Orci phasellus egestas tellus rutrum tellus pellentesque eu tincidunt tortor. Platea dictumst quisque sagittis purus sit amet. Placerat duis ultricies lacus sed turpis. A diam maecenas sed enim ut sem viverra aliquet. Ac turpis egestas sed tempus urna. Blandit aliquam etiam erat velit. Amet facilisis magna etiam tempor orci. Ultrices sagittis orci a scelerisque. Id faucibus nisl tincidunt eget nullam non nisi est sit. Facilisis mauris sit amet massa vitae tortor condimentum. Lacus luctus accumsan tortor posuere ac ut. Purus in massa tempor nec feugiat nisl pretium. Laoreet id donec ultrices tincidunt arcu non sodales. Enim nunc faucibus a pellentesque.

    • @sunknudsen
      @sunknudsen  2 роки тому

      Enough to hold many secrets which can be used to encrypt data stored in the cloud.

    • @TheJacklikesvideos
      @TheJacklikesvideos Рік тому

      i just ran that through a latin translator and it was a trip.

  • @albertcamus6249
    @albertcamus6249 2 роки тому +2

    When I copy some of the files to the desktop they cannot be opened, they are pdfs of a few kilobytes. Is it still dangerous to delete these files inside cup?

    • @sunknudsen
      @sunknudsen  2 роки тому +1

      Did you append .pdf file extension? Yes, files can be purged by running “cancel -a -x”.

    • @albertcamus6249
      @albertcamus6249 2 роки тому +1

      @@sunknudsen Yes, I add the pdf extension. Thanks!!

  • @StefanoAgrotis
    @StefanoAgrotis Рік тому

    This is CUPS being CUPS

  • @ArtyomGalstyan
    @ArtyomGalstyan Рік тому +1

    This is probably done by apple on purpose. I already see how 95% of regular users did not know about this, but cops probably do know...

  • @WagnerBrahm
    @WagnerBrahm 2 роки тому +1

    Same here and the CleanMyMac X doesn't clean this folder too.

    • @sunknudsen
      @sunknudsen  2 роки тому +2

      Likely because folder requires root privileges…

  • @ImSkye
    @ImSkye 2 роки тому +2

    This is why a lot of companies have a policy that you can’t wipe your work computer when leaving the company. This allows an employer to see if an employee has been exfiltrating company secrets with a printer. There is nothing to fix here.

    • @demp11
      @demp11 Рік тому

      It's stupid to say there is nothing to fix when private devices are also affected here. If it's for company security it should only doing this on those company Mac's.

    • @TheJacklikesvideos
      @TheJacklikesvideos Рік тому +1

      the problem in need of fixing is informing the user, which is addressed in part with the making of this video. not being aware of data artifacts is irrefutably a security dilemma.

    • @ImSkye
      @ImSkye Рік тому +2

      @@TheJacklikesvideos by that same token, the user’s failure to read the EULA is not Apple’s fault.

  • @falxie_
    @falxie_ 2 роки тому

    Just noticed that my CUPS on Arch does the same thing

  • @brkbtjunkie
    @brkbtjunkie 2 роки тому +1

    Is this a macOS problem or the common Unix printing system problem though?

    • @sfperalta
      @sfperalta 2 роки тому

      This would definitely by a CUPS issue. According to some threads I've seen, the CUPS author (Michael Sweet) claims this has been fixed, but who knows? I print a fair amount on my Mac running Monterey 12.6.1 and, while there are some PDF files in /var/spool/cups, they're only a few days old, so the claim by this poster that it keeps files "forever" may be a bit of hyperbole.

  • @macktheripper7454
    @macktheripper7454 2 роки тому +9

    You can use Linux on macs now ..I'd recommend that .. none of this stuff surprises me ..great video

    • @kreuner11
      @kreuner11 2 роки тому +2

      This appears to also affect Linux, and probably fixable the same way

    • @lucsoft
      @lucsoft 2 роки тому +5

      It’s a Unix thing so also can effect Linux as cups is also available there

    • @sfperalta
      @sfperalta 2 роки тому +1

      CUPS is CUPS is CUPS whether shipped with macOS or some Linux distro. Assuming the bug is in CUPS (most likely) then switching to some Linux is not going to fix this particular problem.

    • @GHaKKt
      @GHaKKt Рік тому +1

      CUPS isn't always CUPS, CUPS "shipped" with Linux is a Fork of CUPS. And remember, Linux Isn't BSD.. close.. but not exact.

  • @yugen042
    @yugen042 2 роки тому +1

    I'm confused by the fact that you are a privacy and security researcher yet you use a proprietary OS where by definition you can not know what it's doing with your data and what kind of backdoors it might have.

    • @sunknudsen
      @sunknudsen  2 роки тому

      I agree this might be confusing… have you watched ua-cam.com/video/84sCLhy-rw8/v-deo.html

  • @IraeCarvalho
    @IraeCarvalho 2 роки тому

    I've printed family pictures 2 months ago and I have 600Mb of files on /var/spool/cups -- that's pretty bad for apple, feels like an oversight but then again, where is the privacy focused features? there is no reason to waste disk space either

    • @sunknudsen
      @sunknudsen  2 роки тому

      Thanks for sharing… strange hey?

  • @Ro-Bucks
    @Ro-Bucks Рік тому +1

    Most printers do that on their own.

  • @mynameismynameis666
    @mynameismynameis666 Рік тому

    now, that brings up a few questions about for whom apples data recovery really works.

  • @gauravkaushik2822
    @gauravkaushik2822 2 роки тому

    my printer does not have updated drivers so i use linux through UTM so i guess no problem for me

  • @gblargg
    @gblargg 2 роки тому +1

    I remember noticing this in Mac OS a decade ago. I was able to recover something I had lost. But it's an awful feature. What if you're printing sensitive information?

  • @universalvideoes
    @universalvideoes 2 роки тому +1

    oh man! you really look and speak like Ryan Reynold

  • @adonian
    @adonian Рік тому

    Wait… I have a used MacBook Pro. Where is this? I wanna check what they had before. Edit: just to be safe that I don’t have anything I don’t want.

  • @guss2099
    @guss2099 2 роки тому

    There’s another way. 🔨🔨🔨

  • @ronit8067
    @ronit8067 2 роки тому +1

    I have a question, why not use linux as the main operating system instead of mac? I get the preference of mac tho i love mac os (but just up to Catalina )

    • @edrumsense
      @edrumsense 2 роки тому +2

      I'm not sure where... But he already explained thay he uses linux too, but mac is more consumer oriented or something like that, he made a good point, but I can't recall well

    • @sunknudsen
      @sunknudsen  2 роки тому

      Thanks for helping out @EdrumSense… episode is ua-cam.com/video/84sCLhy-rw8/v-deo.html.

    • @Titere05
      @Titere05 2 роки тому +3

      That question has multiple answers, for example, photoshop, vegas, office, and many many more

    • @joshuawalker7054
      @joshuawalker7054 2 роки тому +1

      Linux uses CUPS too.

    • @Cantor214
      @Cantor214 Рік тому

      @Ronit I love the mac os too but just up to Snow leopard.

  • @AWriterWandering
    @AWriterWandering 2 роки тому +1

    Ah, so it stores a grand total of nothing for me

  • @gilbes1139
    @gilbes1139 Рік тому

    Turns out Apple OSes are a security nightmare

  • @southernflatland
    @southernflatland 2 роки тому

    I just gotta point out that UA-cam's closed caption translation is crap, and it totally garbled your website name.
    Sorry but I often watch in simple thumbnail mode while reading closed captioning, my roommate is bothered by the audio which he often doesn't understand.

  • @jarrydlisher5673
    @jarrydlisher5673 2 роки тому +1

    Yeah the print spool, isn't a permanent copy of everything you ever printed. Click bait title, I get it. A simpler solution for you would be to setup the print spool as an in-memory tmpfs mount, this way it will be wiped every time you shutdown.

    • @sunknudsen
      @sunknudsen  2 роки тому +1

      Interesting alternative… have you ever tried implementing it on macOS?

  • @HolowatyVlogs
    @HolowatyVlogs Рік тому

    If you’re a journalist or corporate employee then this may be bad.
    For the end user this is a nothing burger.
    The sheer amount of data-paranoia these days with VPNs and encryption is insane.
    Common sense is to never work with or store critical data on a machine you daily drive.

  • @BobJones-dq9mx
    @BobJones-dq9mx Рік тому

    same and worst with windows

  • @DawsonFord
    @DawsonFord Рік тому

    life hack
    use linux

  • @Mainyehc
    @Mainyehc 2 роки тому

    I knew of the thumbnail issue, but I never suspected macOS would do something so opaque and egregious… Besides the obvious privacy implications, are these files purged if the folder becomes too large? Graphic designers will often print huge .PDF files, so that may also be a concern…
    Regarding Twitter, I’d love to follow you there, but considering just how much more of a dumpster fire it is becoming, I think I’ll pass.

  • @bjarnenilsson80
    @bjarnenilsson80 Рік тому

    So a boorly chocen defauly,oh well thank upu forbtellingbus aboutbit

  • @Hchris101
    @Hchris101 Рік тому

    Sus

  • @PrincessElodie
    @PrincessElodie Рік тому

    No disrespect but you look like the type of person who would use a mac.

    • @sunknudsen
      @sunknudsen  Рік тому +2

      Cool cool… how much of this channel have you watched? Have you stumbled upon the privacy guides reference material? I like to believe I am the type of person who uses the right tool for the job. sunknudsen.com/privacy-guides?search=debian

  • @surplusking2425
    @surplusking2425 2 роки тому

    I cannot understand why people bother about MacOS. Just use Linux and everything will be fine.

    • @euden_yt
      @euden_yt 2 роки тому

      Linux is also affected. The folder does have what you printed but not everything only the latest, secondly you need to override permissions in order to access the folder, which requires to enter your password/touchID. At that point a hacker would be more interested on the rest of your drive than trying to get into that folder.

  • @stephenkamenar
    @stephenkamenar 2 роки тому +1

    the most surprising thing about this video is the fact that someone still uses a mac

    • @macb.631
      @macb.631 2 роки тому

      What do you use?

    • @stephenkamenar
      @stephenkamenar 2 роки тому

      @@macb.631 SerenityOS

    • @jefwesb
      @jefwesb 2 роки тому

      @@stephenkamenar I think you overestimate your average Joe’s interest in operating systems. Most people I know either uses a Mac because they like their iPhone, or has a windows computer because they game or find it cheaper. Very few even know Linux is a thing.

    • @SteveFullerBikes
      @SteveFullerBikes 2 роки тому +4

      Oooohhh. You're so edgy...

  • @cedricbauer2025
    @cedricbauer2025 Рік тому

    He is says he is starting a company and doesn’t know tab Auto complete exists 😂😂

    • @sunknudsen
      @sunknudsen  Рік тому +2

      Hey Cedric, tab completion doesn’t work for root-restricted paths hence why it didn’t work and I had to fallback to copy paste.

  • @loic8939
    @loic8939 2 роки тому

    Couldn't you also symlink /usr/local/sbin/cups to /dev/null?

  • @clothesontheground
    @clothesontheground Рік тому

    "for some reason" - they probably prioritized user experience