Spotlight and mds may have indexed the Tor Browser Bundle
|Reported by:||runa||Owned by:||tbb-team|
A forensic analysis of the Tor Browser Bundle (version 2.3.25-6, 64-bit) on OS X 10.8 showed that Spotlight and mds may have indexed the Tor Browser Bundle.
Spotlight, and the Metadata Server (mds), indexes all items and files on a system and allows the user to perform system-wide searches for all sorts of items; documents, pictures, applications, system preferences, etc.
I have not been able to open the files in /.Spotlight-V100 and /var/db/mds/messages/, but I would say it is likely that Spotlight and mds picked up the Tor Browser Bundle and the attached external drive at some point.