Joelika.com

Secure Adium IM Logs

Maybe like me, you’re lucky enough to be able to use a Mac at work. And maybe you’ve been lucky enough to convince your boss to use some type of IM protocol like Jabber so they don’t have to send those two-word emails that make your head go, what the?! Then you fire off a reply only to wait 5 hours to get any type of clarification, giving you only 15 minutes to do a job that you should have had all day to do (well, actually, you still get those emails, but that’s beside the point).

If you are so lucky, you might be using an IM client like Adium, so that you can also talk to all your buddies on AIM, GTalk, and whatever else you may be using while you’re chatting it up on your “lunch break”. Even though you are an upstanding employee and you only talk to your buddies off company time, you probably don’t want your boss or friendly network admin to be able to look up your old IM conversations in your Adium logs. However, you may not necessarily want to turn off logging either, since it does come in handy when you need to look up a previous conversation with your boss to try to figure out what the heck their 2 word email from 3 weeks ago did mean (OK, so occasionally I procrastinate, but who doesn’t?).

Well, what do you do? You could enable Adium’s nice implementation of OTR (Off The Record) encrypted chat, but then your buddies need to be running an IM client that also supports OTR. Plus, Adium still stores your OTR chats as unencrypted text, so even though your IM is sent securely to your buddy, anyone else who gains access to your machine could still read your Adium logs. A better option is to instead save all of your Adium logs to an encrypted disk image that you can either leave on the internal hard drive, or take with you on a USB flash disk. Below I will show you the necessary steps to set up an encrypted disk image for your own Adium Logs.

First, fire up Disk Utility, located in your Applications Folder > Utilities. In Disk Utility, go to File > New > Blank Disk Image, and choose a size (I chose 40 MB, but I’m not a big IMer), Encryption as AES-128, and Format as sparse disk image. You could save it as a read/write disk image, but with a sparse disk image you can increase the size at a later date. You can’t do that with a read/write formatted disk image.


Save the Disk Image to your Documents Folder (or onto your USB Flash Drive if you are going that route). As Disk Utility is saving your Disk Image, it will prompt you for a password for the disk image. Choose a good, strong password. Remember, this is all that separates all those kissie faces between you and foxysofine from the rest of your workplace. And do not check the box to add the password to your keychain; that totally defeats the purpose. You need to memorize this one, buddy. Deal with it.

Once your disk image has been saved, fire up Script Editor (for Apple Script) located in Applications > AppleScript. Copy and paste in the following Apple Script:

Code (applescript)
  -- Mount the encrypted image at ~/Logs instead of /Volumes, with no desktop icon
  tell application "Finder"
    set myshell to "hdiutil attach -nobrowse -encryption CEncryptedEncoding ~/Documents/AdiumLogs.sparseimage -mountpoint ~/Logs"
    do shell script myshell
  end tell

What this Apple Script is doing is invoking a shell command (hdiutil from Apple) to mount your disk image. Now you may be thinking, why can’t I just double click on it? Well, you could, but then anyone who logs into your Mac via the network will see your new Adium Logs disk image (since it is mounted in /Volumes/), and then they’ll be able to just browse away and read your entire IM conversation (not a good time). Plus, if you just double click on the disk image, it will also place a disk icon on your desktop, which frankly I find annoying. This command will safely mount your disk image into your Home Folder, where it will stay protected, and there won’t be an annoying icon on your desktop either. (Note: If you saved your disk image on a USB Flash Drive, you’ll need to replace the “~/Documents/” portion in the Apple Script with “/Volumes/NAME OF YOUR USB DRIVE/NAME OF DISK IMAGE.sparseimage”.)

Now save this Apple Script as an Application Bundle, and place it in your Documents Folder.

If you still have Adium running at this point, you’ll have to quit it. After this, find the Apple Script Application Bundle that you saved in the step above and double click on it. You should get a password prompt to mount the disk image (again, don’t have your keychain remember it!). The Apple Script should then quit, and if you go to your Home Folder, you should see a new item with what looks like a Network Icon. Congratulations! Your encrypted disk image has been mounted.

Now, we need to move your Adium logs into the encrypted disk image. So go to your Home Folder > Library > Application Support > Adium 2.0 > Users > Default and copy the “Logs” folder into your encrypted disk image (mounted in your Home Directory). After you’ve copied all of your Logs, delete the “Logs” folder from your Adium 2.0 folder.

Now we just need to create a symbolic link so Adium knows where to save and find your encrypted logs. Open the Terminal (found in Applications > Utilities) and type the following command:

Code (bash)
  ln -s ~/Logs/Logs ~/Library/Application\ Support/Adium\ 2.0/Users/Default/Logs

This will create a symbolic link (the Unix equivalent to an alias or shortcut) from the old Adium Log location to your new encrypted disk image. Once this is done, you can relaunch Adium and click on your Chat Transcript viewer to verify that Adium can find all of your logs.

Finally, you can add our Apple Script application bundle to your log in items, so when you log in each morning, your encrypted disk image will mount. You’ll want to make sure that the encrypted disk image is mounted before you launch Adium, or it won’t be able to find your Logs, even if you mount it later. So if you normally have Adium launch at login, and you want to be real crafty, you could add a line to your Apple Script to launch Adium after the encrypted disk image has been mounted.


Now, at the end of the day when you log off your machine, your encrypted Logs disk image will also be unmounted from your Home Folder, protecting all of your IMs from anyone who doesn’t know your password (that’s why it is good to choose a password that is different from your network login). If by some chance you want to unmount your encrypted logs disk image without logging off, you can issue the following command in the terminal. Just remember to remount the disk image with your Apple Script before using Adium again.

Code (bash)
  hdiutil detach ~/Logs
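
An added example, not part of the original post: a shell check for the ordering requirement above (the image has to be mounted before Adium starts). It also reports two states the text does not walk through: a Logs folder that was never replaced by the link, and a link that landed inside the old folder because ln -s was run before that folder was deleted. The function names logs_link_status and launch_adium_safely are hypothetical; the paths default to the ones used in this article.

```shell
#!/bin/sh
# Added example, not from the original post. Paths default to the article's.
ADIUM_LOGS="${ADIUM_LOGS:-$HOME/Library/Application Support/Adium 2.0/Users/Default/Logs}"
IMAGE="${IMAGE:-$HOME/Documents/AdiumLogs.sparseimage}"
MOUNTPOINT="${MOUNTPOINT:-$HOME/Logs}"

# Print the state of the Adium Logs path:
#   ok        symlink whose target folder exists (image is mounted)
#   dangling  symlink whose target is missing (image is not mounted)
#   nested    real folder holding a "Logs" symlink: ln -s was run before the
#             original folder was deleted, so the link landed inside it
#   plain     real folder: Adium is writing logs to the unencrypted disk
#   missing   nothing at that path
logs_link_status() {
    link=$1
    if [ -L "$link" ]; then
        if [ -d "$link" ]; then echo ok; else echo dangling; fi
    elif [ -d "$link" ]; then
        if [ -L "$link/Logs" ]; then echo nested; else echo plain; fi
    else
        echo missing
    fi
}

# Hypothetical wrapper: mount the image if the link dangles, then start Adium
# only when the link resolves. Uses hdiutil and open, so macOS only.
launch_adium_safely() {
    if [ "$(logs_link_status "$ADIUM_LOGS")" = dangling ]; then
        hdiutil attach -nobrowse "$IMAGE" -mountpoint "$MOUNTPOINT" || return 1
    fi
    state=$(logs_link_status "$ADIUM_LOGS")
    if [ "$state" != ok ]; then
        echo "Not launching Adium: Logs path is '$state'" >&2
        return 1
    fi
    open -a Adium
}
```

Saved as a script with a final line calling launch_adium_safely, this can be used as the login item in place of launching Adium directly.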

Your logs are now secure! Questions, comments, problems? Post a comment below. Happy IMing!


Fritz:

20080109 09:52

Great tip – thanks!

Stef:

20080306 01:50

Question: could you not use this method to secure the entire Adium 2.0 folder and everything in it, including contact lists etc.? This is what I’m trying to do.. I want to put Adium entirely inside an encrypted sparseimage that I mount. If I could place an “alias” in the typical location where Adium looks for its data, and have it point to the sparseimage, that would be a simple fix. But Adium does not work with aliased folders.

joel:

20080306 10:08

Hi Stef,

I don’t see why that wouldn’t be possible. The only thing is you’ll need to create a symbolic link to the Adium 2.0 folder with the ln -s command I explain above.

Usually, an alias created in the Finder doesn’t do the trick, but creating a symbolic link should.

Hopefully this works for you! Good luck!

Stef:

20080317 07:56

Joel:

It did work. Now I just have to decipher from the article how to make the mounted encrypted sparseimage not viewable or mountable from the network.

Cheers and thanks.

hi:

20080321 12:35

The alias is a little wrong

ln -s ~/Logs/Logs ~/Library/Application\ Support/Adium\ 2.0/Users/Default/Logs

should be:

ln -s ~/Logs/Logs ~/Library/Application\ Support/Adium\ 2.0/Users/Default/

Placing the alias in the ../Default/Logs dir makes it look like a subdirectory to Adium, which (strangely enough) it follows. However it then tries to read the directories containing the logs as if they were the log files themselves. Placing the alias in the ../Default directory corrects this behavior by replacing the log directory with the link to the encrypted image.

joel:

20080321 03:47

Actually, both syntaxes are correct. In my post, I’m just explicitly giving the symbolic link a name, where your syntax is relying on the name of the parent folder in ~/Logs/Logs. So it is still placing the symbolic link in the “Default” directory, and not creating a “Logs” subdirectory first.

Also, my post deals with just encrypting the “Logs” directory. If you want to encrypt the entire “Default” directory that contains your contact lists and signatures, you can do that too. But like you said, you’ll need to create the symbolic link to point to the “Default” directory in “Users”.

Thanks for the comment! Maybe next time you can give us your real name? 🙂

Tetanus:

20080531 02:05

What would that one line to launch Adium be? Sorry, I’m an Applescript idiot… 😛

Jonathan:

20080917 03:28

you should make this as a third party plug in 😉
cheers!

Carlton:

20090113 06:15

I’m having trouble with getting the script to work with the volume on my USB Hard drive. I get this error:
sh: -c: line 0: syntax error near unexpected token ‘(‘
sh: -c: line 0: ‘hdiutil attach – nobrowse -encryption CEncryptedEncoding /Volumes/Robot (B-9)/ AdiumLogs.sparseimage -mountpoint ~Logs’

What am I doing wrong?

Thanks for any help,

Carlton

joel:

20090114 11:16

Hi Carlton,

You need to escape the parenthesis in your volume name:

hdiutil attach -nobrowse -encryption CEncryptedEncoding /Volumes/Robot\ \(B-9\)/AdiumLogs.sparseimage -mountpoint ~/Logs

Hope that helps!

T:

20090518 02:40

if i execute the bundle it tells me:
“hdiutil: attach failed – Resource busy”

leopard 10.5.6 with iDeneb 1.4 on a hackintosh.

T:

20090518 02:46

nevermind – fixed itself – leopard mounted that image after i typed in the password by itself – just had to eject it and mount it with the bundle 😉

thanks for this useful tutorial 😉

JonnieCache:

20100509 03:46

Hi there

if anyone is looking to disable logging completely for some contacts but not others, see my post here

http://cleverna.me/#posts=how-to-selectively-disable-logging-for-certain-contacts-in-adium

JC

TnIan:

20100526 07:25

I had no idea about that -mountpoint argument in hdiutil. Awesome. This entire article is super-handy for securing all kinds of stuff in addition to Adium logs. Thanks!

melody:

20110207 01:36

Hi there,

I have a problem at this stage:

“Once your disk image has been saved, fire up Script Editor (for Apple Script) located in Applications > AppleScript. Copy and paste in the following Apple Script:”

my problem is that i couldn’t find Script Editor nor AppleScript folder. 🙁

joel:

20110207 12:29

Hi Melody,

I believe Apple moved it and changed the name in 10.6. Please look in Applications > Utilities > Apple Script Editor.

Hope that helps!

John A:

20111107 03:54

The one liner to launch in applescript is

do shell script "open /Applications/Adium.app"

I’m sure there’s a nicer way to do this like

tell application "Adium"
open
end tell

or something but I didn’t really know a better way.