Decoding the APFS File System Digital Investigation
Total Page:16
File Type:pdf, Size:1020Kb
Load more
Recommended publications
-
Copy on Write Based File Systems Performance Analysis and Implementation
Copy On Write Based File Systems Performance Analysis And Implementation Sakis Kasampalis Kongens Lyngby 2010 IMM-MSC-2010-63 Technical University of Denmark Department Of Informatics Building 321, DK-2800 Kongens Lyngby, Denmark Phone +45 45253351, Fax +45 45882673 [email protected] www.imm.dtu.dk Abstract In this work I am focusing on Copy On Write based file systems. Copy On Write is used on modern file systems for providing (1) metadata and data consistency using transactional semantics, (2) cheap and instant backups using snapshots and clones. This thesis is divided into two main parts. The first part focuses on the design and performance of Copy On Write based file systems. Recent efforts aiming at creating a Copy On Write based file system are ZFS, Btrfs, ext3cow, Hammer, and LLFS. My work focuses only on ZFS and Btrfs, since they support the most advanced features. The main goals of ZFS and Btrfs are to offer a scalable, fault tolerant, and easy to administrate file system. I evaluate the performance and scalability of ZFS and Btrfs. The evaluation includes studying their design and testing their performance and scalability against a set of recommended file system benchmarks. Most computers are already based on multi-core and multiple processor architec- tures. Because of that, the need for using concurrent programming models has increased. Transactions can be very helpful for supporting concurrent program- ming models, which ensure that system updates are consistent. Unfortunately, the majority of operating systems and file systems either do not support trans- actions at all, or they simply do not expose them to the users. -
ZFS (On Linux) Use Your Disks in Best Possible Ways Dobrica Pavlinušić CUC Sys.Track 2013-10-21 What Are We Going to Talk About?
ZFS (on Linux) use your disks in best possible ways Dobrica Pavlinušić http://blog.rot13.org CUC sys.track 2013-10-21 What are we going to talk about? ● ZFS history ● Disks or SSD and for what? ● Installation ● Create pool, filesystem and/or block device ● ARC, L2ARC, ZIL ● snapshots, send/receive ● scrub, disk reliability (smart) ● tuning zfs ● downsides ZFS history 2001 – Development of ZFS started with two engineers at Sun Microsystems. 2005 – Source code was released as part of OpenSolaris. 2006 – Development of FUSE port for Linux started. 2007 – Apple started porting ZFS to Mac OS X. 2008 – A port to FreeBSD was released as part of FreeBSD 7.0. 2008 – Development of a native Linux port started. 2009 – Apple's ZFS project closed. The MacZFS project continued to develop the code. 2010 – OpenSolaris was discontinued, the last release was forked. Further development of ZFS on Solaris was no longer open source. 2010 – illumos was founded as the truly open source successor to OpenSolaris. Development of ZFS continued in the open. Ports of ZFS to other platforms continued porting upstream changes from illumos. 2012 – Feature flags were introduced to replace legacy on-disk version numbers, enabling easier distributed evolution of the ZFS on-disk format to support new features. 2013 – Alongside the stable version of MacZFS, ZFS-OSX used ZFS on Linux as a basis for the next generation of MacZFS. 2013 – The first stable release of ZFS on Linux. 2013 – Official announcement of the OpenZFS project. Terminology ● COW - copy on write ○ doesn’t -
Creationstation ® Guide
SAFARI Montage CreationStation User Guide SAFARI Montage CreationStation® Overview SAFARI Montage CreationStation is an easy-to-use integrated module that enables schools and districts to upload user-created digital content and licensed media to the SAFARI Montage system's Learning Object Repository (LOR). User types granted upload privileges, such as Student with Upload, Teacher with Upload and higher level user types can add items either individually or in bulk. Once uploaded, content can be meta-tagged with information such as a detailed description, relevant grade ranges and year of copyright, uploads can be correlated to curriculum standards and designated for home access, download, etc. Video and audio content can be segmented into chapters and key concepts, each with their own segment descriptions. Flexible Digital Rights Management provides control over the content to ensure that the correct users have access to digital resources. Media and web links uploaded via CreationStation are fully searchable in conjunction with licensed content, providing a wealth of digital resources that are easily accessible and able to be used with other system features for instructional purposes. When used in conjunction with SAFARI Montage WAN Manager, digital resources can be shared with others in the same school as the user who uploaded it, or published to all schools in the district. Student user types have an appropriately limited ability to upload to the SAFARI Montage system through the CreationStation feature, My Locker. To learn more, refer to the following Help topics: Uploading Media into CreationStation Adding and Editing Metadata Searching for Uploaded Content Using Uploaded Content My Locker for Students - CreationStation video tutorial Accessing CreationStation 1 SAFARI_Montage_creation 1. -
Initial Setup of Your IOS Device
1. When you first turn on your iOS device, you'll see a screen displaying Hello in different languages. Slide from left to right anywhere on this screen. 2. Select the language you want your iOS device to use, and then the region in which you'll be using your iOS device. This will affect things such as date, time, and contact formatting. 3. Your iOS device requires an Internet connection to set up. Tap the name of your desired Wi-Fi network to begin device activation. § If you're activating an iPhone or iPad (Wi-Fi + Cellular) with active cellular service, you can instead choose cellular activation. 4. Choose whether to enable Location Services. 5. Set up your iPhone as a new device, from an iCloud backup, or from an iTunes backup. § If restoring from backup, you can learn how to restore your content. 6. Sign in with your Apple ID, which you've created previously, or create a free Apple ID. § Alternatively, you can tap Skip This Step to sign in or create an Apple ID later. § If necessary, learn how to create a free Apple ID: 1. Select your birthday, then tap Next: 2. Enter your first and last name, then tap Next: 3. You can then use either your current email address, or choose to get a free iCloud email address. Select the option you'd like, then tap Next. 4. Enter your current email address, or what you'd like for your iCloud email, then tap Next. 5. Enter what you'd like for your password and tap Next. -
Learn Yosemite OS X from PCM's Apple Experts
Learn Yosemite OS X from PCM’s Apple Experts Yosemite 101: OS X Support Essentials Give PCM the opportunity to train your team to support users of Apple’s Mac OS X Yosemite. Our Apple certified trainers are ready to come to your location and provide PCM’s Apple certified trainers will teach your team Yosemite OS X fundamentals and how to be efficient with you with invaluable Yosemite tools and resources. hands-on instruction. OS X Yosemite Support Essentials is a three-day, Who Should Attend hands-on course that provides an in-depth explo- • Help desk specialists, technical coordinators, ration of troubleshooting on Mac OS X v10.10 Yo- service technicians, and others who support semite. This course is designed to give you a tour Mac users. of the breadth of functionality of Mac OS X v10.10 • Technical support personnel in businesses that Yosemite and the best methods for effectively use Macs. supporting users of Mac OS X v10.10 Yosemite • Technical coordinators or power users who systems. The course is a combination of lectures manage networks of computers running and hands-on case study exercises that provide Mac OS X — such as teachers and technology practical real-world experience. specialists who manage networks or computer labs. At your location For a class at your location, PCM will provide an What You Will Learn Apple Certified Trainer, all the student materials, • The troubleshooting process and how to and an exam voucher for each attendee (up to become more efficient with available tools 6 students included in price). -
11.7 the Windows 2000 File System
830 CASE STUDY 2: WINDOWS 2000 CHAP. 11 11.7 THE WINDOWS 2000 FILE SYSTEM Windows 2000 supports several file systems, the most important of which are FAT-16, FAT-32, and NTFS (NT File System). FAT-16 is the old MS-DOS file system. It uses 16-bit disk addresses, which limits it to disk partitions no larger than 2 GB. FAT-32 uses 32-bit disk addresses and supports disk partitions up to 2 TB. NTFS is a new file system developed specifically for Windows NT and car- ried over to Windows 2000. It uses 64-bit disk addresses and can (theoretically) support disk partitions up to 264 bytes, although other considerations limit it to smaller sizes. Windows 2000 also supports read-only file systems for CD-ROMs and DVDs. It is possible (even common) to have the same running system have access to multiple file system types available at the same time. In this chapter we will treat the NTFS file system because it is a modern file system unencumbered by the need to be fully compatible with the MS-DOS file system, which was based on the CP/M file system designed for 8-inch floppy disks more than 20 years ago. Times have changed and 8-inch floppy disks are not quite state of the art any more. Neither are their file systems. Also, NTFS differs both in user interface and implementation in a number of ways from the UNIX file system, which makes it a good second example to study. NTFS is a large and complex system and space limitations prevent us from covering all of its features, but the material presented below should give a reasonable impression of it. -
Everything You Need to Know About Apple File System for Macos
WHITE PAPER Everything you need to know about Apple File System for macOS Picture it: the ship date for macOS High Sierra has arrived. Sweat drips down your face; your hands shake as you push “upgrade.” How did I get here? What will happen to my policies? Is imaging dead? Fear not, because the move from HFS+ (the current Mac file system) to Apple File System (APFS) with macOS High Sierra is a good thing. And, with this handy guide, you’ll have everything you need to prepare your environment. In short, don’t fear APFS. To see how Jamf Pro can facilitate seamless macOS High Sierra upgrades in your environment, visit: www.jamf.com • After upgrading to macOS High Sierra, end users will Wait, how did we get here? likely see less total space consumed on a volume due to new cloning options. Bonus: End users can store HFS, and the little known MFS, were introduced in 1984 up to nine quintillion files on a single volume. with the original Macintosh. Fast forward 13 years, and • APFS provides us with a new feature called HFS+ served as a major file system upgrade for the Mac. snapshots. Snapshots make backups work more In fact, it was such a robust file system that it’s been the efficiently and offer a new way to revert changes primary file system on Apple devices. That is all about to back to a given point in time. As snapshots evolve change with APFS. and APIs become available, third-party vendors will Nineteen years after HFS+ was rolled out, Apple be able to build new workflows using this feature. -
“Application - File System” Divide with Promises
Bridging the “Application - File System” divide with promises Raja Bala Computer Sciences Department University of Wisconsin, Madison, WI [email protected] Abstract that hook into the file system and the belief that the underlying file system is the best judge File systems today implement a limited set of when it comes to operations with files. Unfor- abstractions and semantics wherein applications tunately, the latter isn’t true, since applications don’t really have much of a say. The generality know more about their behavior and what they of these abstractions tends to curb the application need or do not need from the file system. Cur- performance. In the global world we live in, it seems rently, there is no real mechanism that allows reasonable that applications are treated as first-class the applications to communicate this informa- citizens by the file system layer. tion to the file system and thus have some degree In this project, we take a first step towards that goal of control over the file system functionality. by leveraging promises that applications make to the file system. The promises are then utilized to deliver For example, an application that never ap- a better-tuned and more application-oriented file pends to any of the files it creates has no means system. A very simple promise, called unique-create of conveying this information to the file sys- was implemented, wherein the application vows tem. Most file systems inherently assume that never to create a file with an existing name (in a it is good to preallocate extra blocks to a file, directory) which is then used by the file system so that when it expands, the preallocated blocks to speedup creation time. -
Filesystems HOWTO Filesystems HOWTO Table of Contents Filesystems HOWTO
Filesystems HOWTO Filesystems HOWTO Table of Contents Filesystems HOWTO..........................................................................................................................................1 Martin Hinner < [email protected]>, http://martin.hinner.info............................................................1 1. Introduction..........................................................................................................................................1 2. Volumes...............................................................................................................................................1 3. DOS FAT 12/16/32, VFAT.................................................................................................................2 4. High Performance FileSystem (HPFS)................................................................................................2 5. New Technology FileSystem (NTFS).................................................................................................2 6. Extended filesystems (Ext, Ext2, Ext3)...............................................................................................2 7. Macintosh Hierarchical Filesystem − HFS..........................................................................................3 8. ISO 9660 − CD−ROM filesystem.......................................................................................................3 9. Other filesystems.................................................................................................................................3 -
Security Analysis and Decryption of Lion Full Disk Encryption
Infiltrate the Vault: Security Analysis and Decryption of Lion Full Disk Encryption Omar Choudary Felix Grobert¨ ∗ Joachim Metz ∗ University of Cambridge [email protected] [email protected] [email protected] Abstract 1 Introduction Since the launch of Mac OS X 10.7, also known as Lion, With the launch of Mac OS X 10.7 (Lion), Apple has Apple includes a volume encryption software named introduced a volume encryption mechanism known as FileVault 2 [8] in their operating system. While the pre- FileVault 2. Apple only disclosed marketing aspects of vious version of FileVault (introduced with Mac OS X the closed-source software, e.g. its use of the AES-XTS 10.3) only encrypted the home folder, FileVault 2 can en- tweakable encryption, but a publicly available security crypt the entire volume containing the operating system evaluation and detailed description was unavailable until (this is commonly referred to as full disk encryption). now. This has two major implications: first, there is now a new functional layer between the encrypted volume and We have performed an extensive analysis of the original file system (typically a version of HFS Plus). FileVault 2 and we have been able to find all the This new functional layer is actually a full volume man- algorithms and parameters needed to successfully read ager which Apple called CoreStorage [10] Although this an encrypted volume. This allows us to perform forensic full volume manager could be used for more than volume investigations on encrypted volumes using our own encryption (e.g. mirroring, snapshots or online storage tools. -
Apple TV Management
WHITE PAPER Apple TV Management Moving education forward If you think Apple TV devices are just for entertainment, think again. In a recent Jamf Nation survey, 99 percent of the 502 school respondents report leveraging Apple TV devices in their education institution, and for good reason. They enable wireless sharing without the need for adapters, and they make the classroom a more collaborative and engaging learning environment. Apple TV is also applicable outside the classroom. But until recently, they haven’t necessarily been easy to set up and manage. That all changed with tvOS 10.2, which recently became available with all fourth-generation Apple TV devices. IN THIS WHITE PAPER, LEARN: • Why Apple TV matters for education. • How to make set up and management easy with mobile device management. • How to leverage Apple TV beyond the classroom. Why Apple TV for education Like Mac and iPad, Apple TV is a powerful tool for educators. Twenty-three percent of schools surveyed about their Apple TV usage have 51-100 Apple TV devices, with a further 23 percent citing 101-500 TV devices. From promoting interaction and collaboration to fitting seamlessly within the Apple ecosystem, the use cases and benefits are vast. Before expanding on these, let’s examine three core Apple TV fundamentals that are key to its appeal. GOODBYE DONGLES. HELLO AIRPLAY. AIRPLAY FOR NON-APPLE DEVICES AirPlay is a wireless streaming technology. Introduced While AirPlay is built into all Apple devices, Apple in 2004, it eliminates the need for display adapters, TV works with common non-Apple platforms and changing the way presentations are delivered and devices, such as Windows and Chromebook. -
Episode Engine User’S Guide
Note on License The accompanying Software is licensed and may not be distributed without writ- ten permission. Disclaimer The contents of this document are subject to revision without notice due to con- tinued progress in methodology, design, and manufacturing. Telestream shall have no liability for any error or damages of any kind resulting from the use of this doc- ument and/or software. The Software may contain errors and is not designed or intended for use in on-line facilities, aircraft navigation or communications systems, air traffic control, direct life support machines, or weapons systems (“High Risk Activities”) in which the failure of the Software would lead directly to death, personal injury or severe physical or environmental damage. You represent and warrant to Telestream that you will not use, distribute, or license the Software for High Risk Activities. Export Regulations. Software, including technical data, is subject to Swedish export control laws, and its associated regulations, and may be subject to export or import regulations in other countries. You agree to comply strictly with all such regulations and acknowledge that you have the responsibility to obtain licenses to export, re-export, or import Software. Copyright Statement ©Telestream, Inc, 2010 All rights reserved. No part of this document may be copied or distributed. This document is part of the software product and, as such, is part of the license agreement governing the software. So are any other parts of the software product, such as packaging and distribution media. The information in this document may be changed without prior notice and does not represent a commitment on the part of Telestream.