It was a typical Monday morning for Emily, a freelance graphic designer working on her MacBook Pro. She was trying to meet a looming deadline, but her computer seemed to be playing a trick on her. She swore she had saved a crucial design file on her desktop, but it was nowhere to be found.
In UNIX-based systems, file hiding is a convention rather than a security feature. Files prefixed with a dot ( . ) are excluded from standard directory listings by shells like zsh (the default in macOS since Catalina) and graphical file managers. macOS extends this model with additional metadata flags inherited from Classic Mac OS (HFS) and the current Apple File System (APFS). macos show hidden files
| Layer | Mechanism | Scope | Persistence | | :--- | :--- | :--- | :--- | | | Dot-prefix convention | Per filename | Permanent until renamed | | HFS/APFS | kUFHiddenFlag (via chflags ) | Per file inode | Persistent across reboots | | Finder (GUI) | AppleShowAllFiles (plist) | User interface only | Toggled via defaults | It was a typical Monday morning for Emily,
When hidden files are revealed, the threat model changes fundamentally. Based on incident reports from 2022–2025, the following risks are prevalent: In UNIX-based systems, file hiding is a convention
