iCloud Drive Can Strip Metadata From Your Documents
Apps create files and directories in iCloud container directories in exactly the same way as they create local files and directories. And all the file’s attributes are saved, if they add extended attributes to a file, those attributes are copied to iCloud and to the user’s other devices too.
I have examined files with a rich collection of extended attributes, under 10.12.6 and 10.13.2, on local storage and in iCloud Drive. This confirms that most xattrs are stripped by iCloud Drive in this fashion.
Xattrs removed include:
- com.apple.FinderInfo
- com.apple.metadata:_kMDItemUserTags
- com.apple.ResourceFork
- com.apple.serverdocs.markup
- net_sourceforge_skim-app_ series
- net_sourceforge_skim-app_notes
- net_sourceforge_skim-app_rtf_notes
- net_sourceforge_skim-app_text_notes
- co.eclecticlight.[any]
[…]
Xattrs which are preserved include:
- com.apple.TextEncoding
- com.apple.metadata:kMDItemDownloadedDate
- com.apple.metadata:kMDItemWhereFroms
- com.apple.metadata:kMDLabel_ series
- com.apple.quarantine
For me, iCloud Drive preserves tags, but labels, resource forks, and any third-party extended attributes have always been lost. I don’t understand why Apple’s documentation claims otherwise.
Previously: Dropbox 1.0.
Update (2018-01-09): See also: Hacker News.
Update (2018-01-12): See also: Howard Oakley.
Update (2018-01-29): Howard Oakley:
When you access your iCloud Drive from two or more client systems, iCloud Drive knows which files originated from each of the clients, and keeps track of that.
[…]
What is most startling is the way that it adds an apparently unique xattr of type
com.apple.cscachefsto many files within application bundles. iCloud Drive doesn’t appear to add quarantine flags (com.apple.quarantine), but addscom.apple.cscachefsinstead – only when accessed from a second client.[…]
Some
com.apple.*xattrs, likecom.apple.ResourceForkandcom.apple.serverdocs.markup, always get stripped; others will only be stripped if they exceed a certain size, which varies according to the type of xattr. All xattrs of 80 KB or larger are removed, but iCloud allowscom.apple.metadata:kMDItemCopyright, for example, to reach 24 KB size and leaves it intact. If you rely on a particular xattr passing unscathed through iCloud’s filters, you need to test it carefully over a range of sizes and situations.
Update (2020-03-27): Howard Oakley:
However, when you access files which have been uploaded to iCloud from a different Mac or iOS device, iCloud doesn’t preserve all xattrs by any means. Some are often but not always preserved, others usually stripped, and one type invariably stripped.
3 Comments RSS · Twitter
What about xattr when files have been synced over iCloud Photos. If a file has been uploaded to iCloud Photos from IPhone can it be determined which device it was uploaded from? For example Sam’s iPhone X or sam@icloud.com
@Sam I don’t think iCloud Photos syncs xattrs or that the uploading device is stored in the xattrs.
Let more reason to keep control of your own data, and avoid these "clouds".