Is there any way to check the SSD of a MacOS in binary / hexadecimal?












1















Macs are based on UNIX as far as I know. Thereby I was wondering if there was any way of checking the entire content of the SSD of a macOS in binary or in hexadecimal.



EDIT: I know about xxd and such other tools available however I was looking for a way out which essentially bypasses the security (SIP) as mentioned in an answer below.






macos ssd unix







share|improve this question





























    1















    Macs are based on UNIX as far as I know. Thereby I was wondering if there was any way of checking the entire content of the SSD of a macOS in binary or in hexadecimal.



    EDIT: I know about xxd and such other tools available however I was looking for a way out which essentially bypasses the security (SIP) as mentioned in an answer below.






    macos ssd unix







    share|improve this question



























      1












      1








      1








      Macs are based on UNIX as far as I know. Thereby I was wondering if there was any way of checking the entire content of the SSD of a macOS in binary or in hexadecimal.



      EDIT: I know about xxd and such other tools available however I was looking for a way out which essentially bypasses the security (SIP) as mentioned in an answer below.






      macos ssd unix







      share|improve this question
















      Macs are based on UNIX as far as I know. Thereby I was wondering if there was any way of checking the entire content of the SSD of a macOS in binary or in hexadecimal.



      EDIT: I know about xxd and such other tools available however I was looking for a way out which essentially bypasses the security (SIP) as mentioned in an answer below.






      macos ssd unix




      macos ssd unix






      share|improve this question















      share|improve this question













      share|improve this question




      share|improve this question








      edited Dec 17 '18 at 12:33







      Anonymous Developer

















      asked Dec 17 '18 at 6:07









      Anonymous DeveloperAnonymous Developer

      85




      85






















          1 Answer
          1






          active

          oldest

          votes


















          0














          hexdump and xxd are available in macOS. Direct access to /dev/disk0 is blocked by the System Integrity Protection (SIP) on newer macOS, you'll have to disable it.



          Also see this question.






          share|improve this answer
























          • thanks for the answer, however I was looking for a different approach :)

            – Anonymous Developer
            Dec 17 '18 at 12:33











          • If you could just bypass the security, it wouldn't be particularly secure... "based on Unix" (BSD, actually) doesn't help with that, the people who added SIP are very aware of this.

            – dirkt
            Dec 17 '18 at 13:17











          • interesting...as I expected! Anyway you mind going a bit more deep into it? would there be anyway to physically get data out of the drive? as at the last it's just "hardware" so maybe we could look at the binaries and decode the file. I believe that if we could get hold of the entire SSD data even if encrypted would suffice. As there definitely would be some particular space that would hold the encryption key as well. @dirkt

            – Anonymous Developer
            Dec 18 '18 at 7:48











          • If you can get physical access to the SSD (take it out, connect it to a different computer) you can always get at the whole data. However, that's not (easily) possible e.g. on newer macbooks; the SSD is part of the motherboard. I haven't looked at the details of SIP, but with e.g. the T2 chip and TPM, they can in principle block access to the SSD, even if you try to access the "hardware" (SSD controller) directly. Encryption is irrelevant for that. But at the moment, it's (still) easy to disable SIP...

            – dirkt
            Dec 18 '18 at 8:33











          • Thanks for the support :) it was really helpful. So basically although it's tough to get the hardware out but still if one manages then it can be read/decyphered. that's pretty cool. I guess that's why FBI and other agencies have problem extracting data from recovered ios devices (If it's complicated for a PC then it's super complicated for a tiny iphone). Thanks!

            – Anonymous Developer
            Dec 18 '18 at 9:24











          Your Answer








          StackExchange.ready(function() {
          var channelOptions = {
          tags: "".split(" "),
          id: "3"
          };
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function() {
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled) {
          StackExchange.using("snippets", function() {
          createEditor();
          });
          }
          else {
          createEditor();
          }
          });

          function createEditor() {
          StackExchange.prepareEditor({
          heartbeatType: 'answer',
          autoActivateHeartbeat: false,
          convertImagesToLinks: true,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: 10,
          bindNavPrevention: true,
          postfix: "",
          imageUploader: {
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          },
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          });


          }
          });














          draft saved

          draft discarded


















          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1385149%2fis-there-any-way-to-check-the-ssd-of-a-macos-in-binary-hexadecimal%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown

























          1 Answer
          1






          active

          oldest

          votes








          1 Answer
          1






          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes









          0














          hexdump and xxd are available in macOS. Direct access to /dev/disk0 is blocked by the System Integrity Protection (SIP) on newer macOS, you'll have to disable it.



          Also see this question.






          share|improve this answer
























          • thanks for the answer, however I was looking for a different approach :)

            – Anonymous Developer
            Dec 17 '18 at 12:33











          • If you could just bypass the security, it wouldn't be particularly secure... "based on Unix" (BSD, actually) doesn't help with that, the people who added SIP are very aware of this.

            – dirkt
            Dec 17 '18 at 13:17











          • interesting...as I expected! Anyway you mind going a bit more deep into it? would there be anyway to physically get data out of the drive? as at the last it's just "hardware" so maybe we could look at the binaries and decode the file. I believe that if we could get hold of the entire SSD data even if encrypted would suffice. As there definitely would be some particular space that would hold the encryption key as well. @dirkt

            – Anonymous Developer
            Dec 18 '18 at 7:48











          • If you can get physical access to the SSD (take it out, connect it to a different computer) you can always get at the whole data. However, that's not (easily) possible e.g. on newer macbooks; the SSD is part of the motherboard. I haven't looked at the details of SIP, but with e.g. the T2 chip and TPM, they can in principle block access to the SSD, even if you try to access the "hardware" (SSD controller) directly. Encryption is irrelevant for that. But at the moment, it's (still) easy to disable SIP...

            – dirkt
            Dec 18 '18 at 8:33











          • Thanks for the support :) it was really helpful. So basically although it's tough to get the hardware out but still if one manages then it can be read/decyphered. that's pretty cool. I guess that's why FBI and other agencies have problem extracting data from recovered ios devices (If it's complicated for a PC then it's super complicated for a tiny iphone). Thanks!

            – Anonymous Developer
            Dec 18 '18 at 9:24
















          0














          hexdump and xxd are available in macOS. Direct access to /dev/disk0 is blocked by the System Integrity Protection (SIP) on newer macOS, you'll have to disable it.



          Also see this question.






          share|improve this answer
























          • thanks for the answer, however I was looking for a different approach :)

            – Anonymous Developer
            Dec 17 '18 at 12:33











          • If you could just bypass the security, it wouldn't be particularly secure... "based on Unix" (BSD, actually) doesn't help with that, the people who added SIP are very aware of this.

            – dirkt
            Dec 17 '18 at 13:17











          • interesting...as I expected! Anyway you mind going a bit more deep into it? would there be anyway to physically get data out of the drive? as at the last it's just "hardware" so maybe we could look at the binaries and decode the file. I believe that if we could get hold of the entire SSD data even if encrypted would suffice. As there definitely would be some particular space that would hold the encryption key as well. @dirkt

            – Anonymous Developer
            Dec 18 '18 at 7:48











          • If you can get physical access to the SSD (take it out, connect it to a different computer) you can always get at the whole data. However, that's not (easily) possible e.g. on newer macbooks; the SSD is part of the motherboard. I haven't looked at the details of SIP, but with e.g. the T2 chip and TPM, they can in principle block access to the SSD, even if you try to access the "hardware" (SSD controller) directly. Encryption is irrelevant for that. But at the moment, it's (still) easy to disable SIP...

            – dirkt
            Dec 18 '18 at 8:33











          • Thanks for the support :) it was really helpful. So basically although it's tough to get the hardware out but still if one manages then it can be read/decyphered. that's pretty cool. I guess that's why FBI and other agencies have problem extracting data from recovered ios devices (If it's complicated for a PC then it's super complicated for a tiny iphone). Thanks!

            – Anonymous Developer
            Dec 18 '18 at 9:24














          0












          0








          0







          hexdump and xxd are available in macOS. Direct access to /dev/disk0 is blocked by the System Integrity Protection (SIP) on newer macOS, you'll have to disable it.



          Also see this question.






          share|improve this answer













          hexdump and xxd are available in macOS. Direct access to /dev/disk0 is blocked by the System Integrity Protection (SIP) on newer macOS, you'll have to disable it.



          Also see this question.







          share|improve this answer












          share|improve this answer



          share|improve this answer










          answered Dec 17 '18 at 9:19









          dirktdirkt

          9,15731221




          9,15731221













          • thanks for the answer, however I was looking for a different approach :)

            – Anonymous Developer
            Dec 17 '18 at 12:33











          • If you could just bypass the security, it wouldn't be particularly secure... "based on Unix" (BSD, actually) doesn't help with that, the people who added SIP are very aware of this.

            – dirkt
            Dec 17 '18 at 13:17











          • interesting...as I expected! Anyway you mind going a bit more deep into it? would there be anyway to physically get data out of the drive? as at the last it's just "hardware" so maybe we could look at the binaries and decode the file. I believe that if we could get hold of the entire SSD data even if encrypted would suffice. As there definitely would be some particular space that would hold the encryption key as well. @dirkt

            – Anonymous Developer
            Dec 18 '18 at 7:48











          • If you can get physical access to the SSD (take it out, connect it to a different computer) you can always get at the whole data. However, that's not (easily) possible e.g. on newer macbooks; the SSD is part of the motherboard. I haven't looked at the details of SIP, but with e.g. the T2 chip and TPM, they can in principle block access to the SSD, even if you try to access the "hardware" (SSD controller) directly. Encryption is irrelevant for that. But at the moment, it's (still) easy to disable SIP...

            – dirkt
            Dec 18 '18 at 8:33











          • Thanks for the support :) it was really helpful. So basically although it's tough to get the hardware out but still if one manages then it can be read/decyphered. that's pretty cool. I guess that's why FBI and other agencies have problem extracting data from recovered ios devices (If it's complicated for a PC then it's super complicated for a tiny iphone). Thanks!

            – Anonymous Developer
            Dec 18 '18 at 9:24



















          • thanks for the answer, however I was looking for a different approach :)

            – Anonymous Developer
            Dec 17 '18 at 12:33











          • If you could just bypass the security, it wouldn't be particularly secure... "based on Unix" (BSD, actually) doesn't help with that, the people who added SIP are very aware of this.

            – dirkt
            Dec 17 '18 at 13:17











          • interesting...as I expected! Anyway you mind going a bit more deep into it? would there be anyway to physically get data out of the drive? as at the last it's just "hardware" so maybe we could look at the binaries and decode the file. I believe that if we could get hold of the entire SSD data even if encrypted would suffice. As there definitely would be some particular space that would hold the encryption key as well. @dirkt

            – Anonymous Developer
            Dec 18 '18 at 7:48











          • If you can get physical access to the SSD (take it out, connect it to a different computer) you can always get at the whole data. However, that's not (easily) possible e.g. on newer macbooks; the SSD is part of the motherboard. I haven't looked at the details of SIP, but with e.g. the T2 chip and TPM, they can in principle block access to the SSD, even if you try to access the "hardware" (SSD controller) directly. Encryption is irrelevant for that. But at the moment, it's (still) easy to disable SIP...

            – dirkt
            Dec 18 '18 at 8:33











          • Thanks for the support :) it was really helpful. So basically although it's tough to get the hardware out but still if one manages then it can be read/decyphered. that's pretty cool. I guess that's why FBI and other agencies have problem extracting data from recovered ios devices (If it's complicated for a PC then it's super complicated for a tiny iphone). Thanks!

            – Anonymous Developer
            Dec 18 '18 at 9:24

















          thanks for the answer, however I was looking for a different approach :)

          – Anonymous Developer
          Dec 17 '18 at 12:33





          thanks for the answer, however I was looking for a different approach :)

          – Anonymous Developer
          Dec 17 '18 at 12:33













          If you could just bypass the security, it wouldn't be particularly secure... "based on Unix" (BSD, actually) doesn't help with that, the people who added SIP are very aware of this.

          – dirkt
          Dec 17 '18 at 13:17





          If you could just bypass the security, it wouldn't be particularly secure... "based on Unix" (BSD, actually) doesn't help with that, the people who added SIP are very aware of this.

          – dirkt
          Dec 17 '18 at 13:17













          interesting...as I expected! Anyway you mind going a bit more deep into it? would there be anyway to physically get data out of the drive? as at the last it's just "hardware" so maybe we could look at the binaries and decode the file. I believe that if we could get hold of the entire SSD data even if encrypted would suffice. As there definitely would be some particular space that would hold the encryption key as well. @dirkt

          – Anonymous Developer
          Dec 18 '18 at 7:48





          interesting...as I expected! Anyway you mind going a bit more deep into it? would there be anyway to physically get data out of the drive? as at the last it's just "hardware" so maybe we could look at the binaries and decode the file. I believe that if we could get hold of the entire SSD data even if encrypted would suffice. As there definitely would be some particular space that would hold the encryption key as well. @dirkt

          – Anonymous Developer
          Dec 18 '18 at 7:48













          If you can get physical access to the SSD (take it out, connect it to a different computer) you can always get at the whole data. However, that's not (easily) possible e.g. on newer macbooks; the SSD is part of the motherboard. I haven't looked at the details of SIP, but with e.g. the T2 chip and TPM, they can in principle block access to the SSD, even if you try to access the "hardware" (SSD controller) directly. Encryption is irrelevant for that. But at the moment, it's (still) easy to disable SIP...

          – dirkt
          Dec 18 '18 at 8:33





          If you can get physical access to the SSD (take it out, connect it to a different computer) you can always get at the whole data. However, that's not (easily) possible e.g. on newer macbooks; the SSD is part of the motherboard. I haven't looked at the details of SIP, but with e.g. the T2 chip and TPM, they can in principle block access to the SSD, even if you try to access the "hardware" (SSD controller) directly. Encryption is irrelevant for that. But at the moment, it's (still) easy to disable SIP...

          – dirkt
          Dec 18 '18 at 8:33













          Thanks for the support :) it was really helpful. So basically although it's tough to get the hardware out but still if one manages then it can be read/decyphered. that's pretty cool. I guess that's why FBI and other agencies have problem extracting data from recovered ios devices (If it's complicated for a PC then it's super complicated for a tiny iphone). Thanks!

          – Anonymous Developer
          Dec 18 '18 at 9:24





          Thanks for the support :) it was really helpful. So basically although it's tough to get the hardware out but still if one manages then it can be read/decyphered. that's pretty cool. I guess that's why FBI and other agencies have problem extracting data from recovered ios devices (If it's complicated for a PC then it's super complicated for a tiny iphone). Thanks!

          – Anonymous Developer
          Dec 18 '18 at 9:24


















          draft saved

          draft discarded




















































          Thanks for contributing an answer to Super User!


          • Please be sure to answer the question. Provide details and share your research!

          But avoid



          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.


          To learn more, see our tips on writing great answers.




          draft saved


          draft discarded














          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1385149%2fis-there-any-way-to-check-the-ssd-of-a-macos-in-binary-hexadecimal%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown





















































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown

































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown







          -

          Popular posts from this blog

          Сан-Квентин

          Image
          Сан-Квентин Местоположение Сан-Квентин, Калифорния Координаты 37°56′13″ с. ш. 122°29′20″ з. д. H G Я O L Текущий статус Действует Режим безопасности минимальный и максимальный Количество мест 3 302 Открытие Июнь 1852 Находится в ведомстве California Department of Corrections and Rehabilitation Начальник Mike Martel, начальник  Сан-Квентин на Викискладе Сан-Квентин (англ.  San Quentin ) — тюрьма, располагающаяся на 432 акрах (около 1,7 км²), на мысе Сан-Квентин, в округе Марин, штат Калифорния, США. Тюрьма штата Калифорния Сан-Квентин была открыта в июле 1852 года и является старейшей в штате. Она была построена заключёнными, которые проживали в течение строительства на тюремном судне Вабан. В Сан-Квентине отбывали наказание и мужчины, и женщины до 1934 года, когда построили женскую тюрьму в Техачапи и туда перевели всех заключённых женщин. В Сан-Квентине приводятся в исполнение смертные казни, для этого имеется газовая камера, но...
          Read more

          8-я гвардейская общевойсковая армия

          Image
          8-я гвардейская общевойсковая ордена Ленина армия Награды: Войска: РККА → Советская армия → СВ России Род войск: Формирование: 1943 Расформирование (преобразование): 1992 Предшественник: 62-я армия (1942—43) → 8-я гвардейская общевойсковая армия (1943—92) → 8-й гвардейский армейский корпус (1992—98) Боевой путь Изюм-Барвенковская операция Донбасская операция Запорожская операция Битва за Днепр Днепропетровская операция Березнеговато-Снигирёвская операция Одесская операция Люблин-Брестская операция Варшавско-Познанская операция Восточно-Померанская операция Берлинская наступательная операция У этого термина существуют и другие значения, см. 8-я армия. Фотография Гвардейского Красного Знамени (лицевая сторона) 8-й гвардейской армии , образца 1943 года. Фотография Гвардейского Красного Знамени (оборотная сторона) 8-й гвардейской армии , образца 1943 года. 8-я гвардейская общевойсковая ордена Ленина армия  — гвардейское фор...
          Read more

          Алькесар

          Image
          Муниципалитет Алькесар Alquézar Герб 42°10′16″ с. ш. 0°01′27″ в. д. H G Я O L Страна Испания   Испания Автономное сообщество Арагон Провинция Уэска Комарка Сомонтано-де-Барбастро Алькальд Хосе Марияно Альтемир Ласкорс (ИСРП) История и география Площадь 32,36 км² Высота НУМ 660 м Часовой пояс UTC+1, летом UTC+2 Население Население 313 человек ( 2010 ) Плотность 9,92 чел./км² Этнохороним alquezarano/-a Цифровые идентификаторы Телефонный код +34 974 Почтовые индексы 22112 Автомобильный код HU alquezar.org   (исп.) Показать/скрыть карты Алькесар Алькесар Алькесар  Аудио, фото и видео на Викискладе Алькесар (исп.  Alquézar ) — муниципалитет в Испании, входит в провинцию Уэска, в составе автономного сообщества Арагон. Муниципалитет находится в составе района (комарки) Сомонтано-де-Барбастро. Занимает площадь 32,36 км². Население — 321 челове...
          Read more