Announcing Espionage 3 for the Mac App Store!

Today we’re announcing a brand new, completely rewritten and redesigned Espionage: Espionage 3. Espionage 3 is the result of the combined efforts of Tao Effect and cocoaWithChurros‘ Ernesto Garcia.

What’s New?

Simply put: simplicity and stronger security. We decided to do a complete rewrite of Espionage, focusing more on its user interface, improving its internal design, and making it more secure. We accomplished this by removing many of the decisions facing the user.

  • NEW: Rewritten from ground up
  • NEW: Redesigned user interface
  • NEW: Folder Sets for plausible deniability
  • NEW: Tools to manage diskimage/folder size/capacity
  • NEW: No longer uses OS X’s weak keychain to store passwords, uses Scrypt and AES-256 instead.
  • NEW: Auto-lock for folders and application interface.
  • NEW: Control over disk image location (allows Dropbox support). Disk images aren’t moved (better Time Machine support).
  • REMOVED: iSpy kernel extension and therefore the password prompt and application associations.

Its user interface (inspired by the wonderful Fantastical) is now a simple list onto which you can drag folders, easily accessible from the menubar:

Simple Design

Espionage no longer moves around the sparsebundles, and this has a couple nice sideffects, one of which is that Time Machine backups are no longer an issue. The other is that Espionage’d folders can now be synchronized with Dropbox.

Layers of Plausible Deniability

We’ve added multiple layers of plausible deniability to protect you if you’re ever forced to give up your master password. By allowing you the ability to have multiple master passwords through Folder Sets, you can now voluntarily give up only the password to the set of folders that you don’t care about, and Espionage 3 in no way makes it obvious that you have other folders encrypted.

Also, while folders are locked, they appear empty by default, but you can put irrelevant files into them! This means that when a folder is locked, whoever is using your computer will see one set of files when opening it, and when you unlock the folder, you’ll see the other, secret set of files.

We’ve also added the much-asked for feature of folder auto-lock!

Espionage 3 Uses Scrypt!

There is now only one password that you need to worry about: your master password. Your master password is used to encrypt each of the individual, high-quality, Espionage-generated passwords for each folder (which Espionage automatically uses to unlock each folder).

Espionage 2 stores these passwords in OS X’s keychain, which uses 3DES. That just doesn’t cut it for us. For Espionage 3, we searched for the best protection we could find and we found the SCRYPT key-derivation function. We put your master password through scrypt and encrypt each sparsebundle password using AES-256. As a key-derivation function, it is 2^8 times more expensive to attack than the industry standard PBKDF2 alone, and 2^5 times more expensive to attack than bcrypt.

What does this mean in practice? It means that even those who foolishly choose weak passwords for their master password will still benefit from the new security of Espionage 3. It will test the patience of someone running a dictionary-based attack even for simple passwords (that said, we recommend you keep your passwords strong).

Application Associations and the Password Prompt Are Gone

This may come as a sacrifice, but we decided to remove application associations and the password prompt from Espionage. This was a decision that wasn’t made lightly, but one that had to be made due to the complexity and technical problems that kept coming up with these features (especially with the release of OS X 10.71). On the positive side, this means that Espionage 3 no longer needs to install a kernel extension to work, and is also allowed on the Mac App Store. Also, now that Lion has been released, we feel that the new FileVault 2 is a great improvement over the previous version, adequate now to protect application data, and so we’re recommending users to use FileVault 2 in conjunction with Espionage 3.

If you still want to protect application data with Espionage 3, it is possible, just not as convenient as it was in the previous version (which you can use in conjunction with Espionage 32): locate the folder that has the application data in it and encrypt it with Espionage. Then make sure the folder is unlocked prior to running the application data. The easiest way to do this is to set the folder to autounlock when you login and leave it unlocked while you’re logged in. Note that, as with Espionage 2, you will run into problems if you use Lion’s application auto-start feature. If an application runs before it’s data is unlocked, it will act as if it’s running for the first time. This is just one reason we recommend using FileVault 2 to protect application data.

How to Upgrade

Espionage 3 and Espionage 2 are completely different programs, and Espionage 3 does not “auto-upgrade” from Espionage 2. Please do not overwrite your copy of Espionage 2 with Espionage 3. You can have both programs running on your computer at the same time by renaming your existing copy of Espionage to “Espionage 2”. To move your folders from Espionage 2 into Espionage 3, you’ll need to first remove them from Espionage 2 (decrypting them), and then add them to Espionage 3 to re-encrypt them.

Note: DO NOT UNINSTALL ESPIONAGE 2 if you have installed version 3 and have encrypted files with it. Please wait till we release v3.0.1 to do this.

Lifetime Users Will Receive an Email with their Espionage 3 License

We have a lot of these to send out, and to prevent our hosting provider from marking us as spammers, we have to send these out at timed intervals, but if you’re a lifetime license holder you should receive your license within 72 hours of this announcement. Please watch your inbox and check you spam folder if you haven’t received it by then. Also, if you’re a lifetime license holder, please do not buy the Mac App Store version but instead download Espionage from our site.

Espionage – Now more affordable! 🙂

Espionage 3 is now $9.99 during the launch week!

We are also lowering the price of Espionage 2! Espionage 2 is now just $9.99 as we focus development on its newest incarnation.

Thank You!

We’d like to sincerely thank our customers for their support over all these years!

Enjoy! 😀

http://www.espionageapp.com/

1 For example, Lion introduced a feature where applications start automatically when you restart your computer. We could not figure out how to make Espionage 2 compatible with this feature. The sandboxing “feature” also presents many difficulties.
2 Running Espionage 2 and Espionage 3 together is possible. Espionage 2’s helper will run alongside Espionage 3. However, to run the main app you’ll need to temporarily quit Espionage 3 before launching Espionage 2.

39 thoughts on “Announcing Espionage 3 for the Mac App Store!

  1. Reply

    Dorian

    Sounds like a great new version. However, my only question is this: are the folders encrypted with version 2 still compatible to encrypt / decrypt with version 3?

  2. Reply

    Norm Kerr

    I just purchased version 3 from your website, and find that it shows up in my applications folder as, “Espionage 2”, which was strange, because it is clearly identified as “ver 3” and dated 5/10/12 (my current version was just “Espionage” in my applications folder, and identified as “ver 2.8.13”.

    Upon opening Espionage 3, after paying $9.99 for it via PayPal, it indicated to me that I have “free trial 14 days left”, making it seem like your system did not recognize my payment.

    These two things may make it confusing for other customers, as they were for me, at first.

  3. Reply

    Greg Slepak Post author

    Hi Norm, please use the support forums for any such questions or contact us directly as mentioned on the Espionage 3 support page.

    If you purchased Espionage from our site and not the Mac App Store, then you should receive an email from us with your license and instructions on how to register.

  4. Reply

    Marcus

    So since you’ve dropped support for Application association, can we still protect Application data and keep people out of specific programs? Or do we just dig, find and encrypt the application/program data folder?

  5. Reply

    Greg Slepak Post author

    Hey Marcus, we’ve updated the post and the section on application associations. Yes it’s possible to still encrypt application data (as mentioned above on the updated section), but there no longer is a password prompt that appears. Using the example of Mail, if you encrypt Mail’s data and run Mail while its folder is locked, it will start up as if it’s starting for the first time with no email.

  6. Reply

    Greg Slepak Post author

    @Dorian: the easiest way to move your Espionage 2 folders into Espionage 3 is to remove them from Espionage 2 (decrypt them), and then add them to Espionage 3.

  7. Reply

    Lee J.

    Wow! The removal of application associations is a massive step backwards as far as I’m concerned, as this is basically all I use Espionage for (I find Disk Utility images more convenient for other things). Indeed, this was its unique selling point, and what really made it stand out from other security utilities. And I’d hardly call it complex. Will Espionage 2 be updated to stay compatible with Mountain Lion?

  8. Reply

    Norm Kerr

    follow up question to Greg’s reply above: once we’ve moved our files to Esp 3, can we delete version 2? To do so, is it simply dragging the old icon from the applications folder to the trash, or is there a special delete program or process required to do so?

  9. Reply

    Greg Slepak Post author

    @Norm: Espionage 2 has a built-in uninstaller that’s accessible from the Espionage menu in the application.

  10. Reply

    Greg Slepak Post author

    @Lee: in our testing Espionage 2 is compatible with Mountain Lion.

  11. Reply

    Dorian

    I feel i can only +1 Lee J. here.
    Removing application associations is indeed a step backwards for me.

    There are undeniable improvements on the one hand, but at the same time the removal of application associations makes espionage “just another” encryption tool as far as the features are concerned.

    Now having to keep both versions running is a possibility, but it kind of defeats the point of paying for the improvements that version 3 has to offer!

  12. Reply

    Lee J.

    @Greg: that’s good to know, but doesn’t entirely answer my question. If a future point version breaks Espionage 2 (for example), will it be updated to stay compatible, at least with future point versions of Mountain Lion?

  13. Reply

    Alexandre Langer

    Great product for information security, excelent
    ótimo produto para segurança de informação, excelente

  14. Reply

    Marcel D

    +1 to Lee J.
    Espionage (2) was my secondary method of encryption next to TrueCrypt because of the easy methods of securing and unlocking applications. So basically I am going to have to stay with espionage 2 while I am finding a replacement asap because 3 and any version after this are now no option for me anymore And no autounlocking after login is not a option as it defies the entire purpose of having security while logged in and a user should not have to go through extra hoops for something that was easy in the first place.

    So we come to the solution offered FileVault 2 and why it is *not* a solution in certain setups. Filevault 2 only allows full disk encryption instead of the older Home folder based encryption why is that a problem? Because of theft.

    I can’t go for the FileVault option because of tracing software if my system gets stolen I need them to login on a dummy honey pot account if they can’t boot I can’t retrieve there personal information nor can I wipe the disk in case I am dealing with a profesional hacker/cracker on the other side. Encrypting is one thing monitoring is another.

    This *should* have been communicated to the consumers before it was released its such a big change to the overall security model that it warrants that it would be receive with a lot less commotion. Moreover this move to the Appstore will result in a lot less secure environment in the long run because a lot of actions/features will be restricted by what Apple dictates.

    There is no jumpship or adapt mentality here I see companies do both. Two separate versions one Appstore version less features lower price. The other being higher priced for the features it offers and sold through another store. Which is a fine busines model that works and keeps both consumer level as powerusers happy.

    Apple giving you headaches already? Wait till you see the review time required for any updates to come through the store. I feel sorry for you guys I truly am but I am bailing ship instead of jumping nor adapting.

  15. Reply

    ADK

    Really wish Application Association was still available… by far the best part of Espionage 2 that no one else was able to offer…

  16. Reply

    Louis

    +1 to Marcel D totally agree

  17. Reply

    Evan

    I’m another user who bought Espionage solely for the application associations. Sorry to see them go. I guess I’ll ride out version 2 as long as it continues to work.

  18. Reply

    Ross

    Frankly, I think you “threw the baby out with the bath water.” I don’t so much mind the loss of encryption of application specific data, but the loss of the password prompt for ordinary folders is a PITA. “Easy access from the menu bar.” Meh. How about just double clicking on the file you need, instead of having to go somewhere else on the screen? I also understand there is no right-click menu option. If so, this is a great leap backward.

    Are backups no longer automatic? If so, another leap backward. This was enormously convenient.

    Is this an OS 10.7 app only?

  19. Reply

    Andrew

    So disappointing, this amounts to a downgrade whatever the merits of Scrypt. Like the majority of respondents, the key feature that set Espionage apart for me was application-associations …suggesting that FileVault 2 is an appropriate alternative is to completely overlook the fact that many users, if not most, don’t log-out or shutdown for days or weeks at a time and thus application-data will be unsecured, not to mention access to the respective apps themselves.

    It’s a real shame that Tao did not see fit to poll it’s users before admitting defeat. It would have been preferable to disable automatic launching of apps in the OS in favour of keeping application associations. The option should have been there.

    Furthermore, what’s the point in suggesting that Espionage 2 and 3 can theoretically be run together? Surely, if this was ever a genuine intention then it would have made sense to have the application renamed so that neither the app itself or support folder, preferences, etc conflicted.

    Knox, offers much greater portability for encrypting my document and project files and retains a back-up function that avoida having to place the ‘live’ folders in Dropbox. My support for Espionage hinged on where it innovated, ie. application-associations, without these there is no compelling reason to continue with it. Such a shame !

  20. Reply

    Greg Slepak Post author

    @Ross: there are no built-in backups because v3’s design makes it unnecessary. You simply use whatever backup software you want, like Time Machine, to backup the disk image.

    Yes, it’s OS 10.7 only. You can double-click on the folder in the list and it will open it up. This can be faster than searching for it in the Finder.

    I understand the frustration of many here who are sad to see app associations go. I am not happy about it either. Lion presented many challenges for us and we bent. I thank you for sticking with us for this long. We now have an app that is simply different, better in some respects, than version 2. I still feel it’s the best encryption app for the Mac. Blows Knox out of the water, IMO. 😉

  21. Reply

    Pulpdoctor

    Like many, I too, like to support developers of software I use. I have an iMac with Lion and a Macbook Pro with Snow Leopard. When I tried to install version 3 on my MBP, I was informed that it didn’t work on my OS.

    I’ve read all the comments and it’s clear that there are many that like Application Associations. It’s not something I used. Maybe I’m stoopid but if you don’t like an app, just don’t buy it. That’ll teach the developers a lesson 😉

    The loss of income to the developer may be enough that they will change things. But from what I’ve read, the developers tried everything to keep this feature but there were just too many obstacles to overcome related to Lion. So maybe everyone upset over the loss of App Associations should be upset with Apple, not Tao Effect.

    And just to show that I’m not taking up for Tao Effect, using two products (Espionage and File Vault 2) does seem counter-productive, sort of like a Rube Goldberg invention.

    The bottom line: if you need App Associations, don’t abandon Tao Effects b/c of Espionage 3. Instead, continue to use Espionage 2 and save yourself the $9.99.

    Flame on, Garth.

    Flame on, Wayne.

  22. Reply

    Lee J.

    I don’t understand that Lion is responsible for this – after all, 2.8.13 works perfectly on Lion, doesn’t it?

    Also, you still haven’t answered my question re future support of 2.x – will it be kept compatible with any future versions of Mountain Lion at least?

  23. Reply

    Marcel D

    @PulpDoctor I can’t speak offcourse for everyone here but I know that a lot of users are devote people that are willing to compromise features on there software if there is no other choice. The problem however is we are talking about security measures and it is never wise to fiddle to much on that at one time. True enough we can stick with espionage 2 for now but if Tao has no interest in keeping the for us necessary functions than we are taking a incredible risk but so are they. We don’t know for how many OS versions 2 will be supported as the given reason that Lion 10.7 was a challenge Mountain Lion 10.8 will be almost impossible to manage without puling resources from the development cycle of 3 and future products. The problem isn’t the product it is how the company communicates outwards. The product support is great let me first point that out no problem what so ever on that. But the company is not involving its userbase as much as it should for there own benefit. They are forgetting that most people who have interest in a product are a potential free resource. We are happy to provide feedback think on providing workarounds or even marketing the product for zero money. If Tao had provided a roadmap a lot of this commotion was reduced to a few whines instead of serious legit concerns. If Tao had provided a subboard like Feedback the forum wouldn’t be a mess right now with a lot of confused users. We are all losing on this either the product, money, time or all at once.

  24. Reply

    Greg Slepak Post author

    @Lee: I did mention this in a reply to you above, yes, in our testing Espionage 2 works on Mountain Lion, however, at the moment our decision is to focus on version 3. There are too many existing, and more importantly, potential issues that can arise with the way version 2 is designed. Fundamentally what Espionage 2 is doing is messing with third-party data that we don’t have control over. If a user, or in the case of sandboxing, an operating system, decides to move this data, or rename it, the headaches for us and users can be endless. Espionage 2 works perfectly for some users but for many others it does not because of this design. The proof is in the support requests we receive for it via email and on the forums. It was consuming all of my time, and I couldn’t keep up with it, so I decided to create a version that does less but does what it does better.

  25. Reply

    ADK

    In all honesty, I would rather purchase a “complete product” (with all of Espionage 2’s old functions that made it so great) directly from Tao Effect than a watered down version through the App Store.

    I wonder if there is a way to sell “Espionage 3 Lite” through the App Store and an option the purchase the “pro” version ‘in-app’ to upgrade to the full functional Espionage 3.

    I too don’t want to move from Espionage 2 because of what I would lose…

  26. Reply

    Pistarino

    I want Application Association back! This feature was the only reason that led me to purchase your product. Luckily before upgrading I tried the v3 and I discovered this BIG lack. I will stay on v2, even if I will miss the auto adjusting size feature.

  27. Reply

    SomeGuy

    Ouch ! Application Association is the main reason i use Espionage and the one feature that sets it apart from similar tools.
    If the problem is really the Appstore and its limitations , then perhaps the solution would be to release a “Basic” version on the Appstore, and an “Advanced” version ( that brings back Application Association) sold only thru your website ?

  28. Reply

    Greg Slepak Post author

    @SomeGuy: we’re mulling over the idea of having an “Espionage Pro”, but right now, to me, this idea seems like a nightmare. Perhaps in the future.

  29. Reply

    Daniel

    I did the following to manually upgrade vom v2 to v3:

    1. Close EspionageHelper (so 2 folders aren’t protected anymore)
    2. Move the hidden .sparsebundle (inside the normally protected folder) to another place
    3. Created a new encrypted folder with v3
    4. Delete the .sparsebundle v3 created, rename the old v2 one and moved it to where the v3 .sparsebundle was
    5. Change the password of the v2 .sparsebundle to whatever v3 created

    Decrypting and encrypting a 2.5TB sparsebundle isn’t what I want to do when all I do is upgrading an app.

  30. Reply

    Ross

    Somebody mentioned using Knox for file encryption. I just tried it and I advise you not to do so. Espionage 3 may be seriously flawed, but at least we can expect it to be reliable and safe as E-2.

  31. Reply

    Ross

    Some egg on my face regarding Knox. =-(

    There is a limitation in the software (Knox) that is not spelled out in the documentation, hence my bad experience.

    Judging from the research I’ve been doing, Espionage 3, for all its shortcomings, may still be the best game in town. Certainly, their customer support is excellent. Here’s hoping Espionage 4 is better.

  32. Reply

    Andrew

    I mentioned using Knox …it has the advantage that it’s vaults are portable so for documents and project files I found it a better option than Espionage 2, which I used exclusively for locking access to, and encrypting the application, application-support folder and cache folder for those apps that I considered as sensitive …namely Mail, Safari, Address Book, iCal and Omnifocus.

    In the beginning I found the behaviour of Knox vaults, i.e. them mounting as volumes, less elegant than the folder method employed in Espionage 2. However, apart from the annoying fact that calculate-folders had to be disabled and disclosure-triangles carefully monitored to avoid unnecessary prompts, that Espionage 2 actually disguises the sparsebundle as a folder is potentially dangerous and insecure for the uninitiated as files are copied to it and not moved.

    I have no doubt that Scrypt is more advanced than the system used by Knox, and it’s a frustration that since buying the app, Agilebits has done nothing to develop it …well so far! Nevertheless, it’s portability and integrated back-ups, such that they can be located to the Dropbox folder are still compelling features and reasons to stick with Knox.

    For all my concerns, I have downloaded Espionage 3 to explore so Tao have my money and hopefully it will go into ‘fixing’ some of the functionality.

    Lastly, I would reiterate that it ‘s a lack of understanding about how users run their systems 24/7 which is the most serious oversight …all other encryption software failed to address this, now sadly so has Espionage too !!

  33. Reply

    Andrew

    In the case of Mail, and I assume other apps as well, one can relocate the various data/support folders to a location outside of the Library folder and replace them with aliases …this gets around the current problem with not being able to encrypt anything inside the Library folder itself.

    This solves encrypting locally stored emails, however, unfortunately launching Mail with the local data locked still does not prevent the ‘Get Mail’ action to refresh the view of one’s mail from iCloud !! ….application-associations anyone.

    Sorry Greg …I’m sure you weren’t ready for so much fallout . Despite the whole application-associations thing being regrettable I sincerely hope you can pick yourself up and move forward positively. Thanks for Espionage 2 and good luck with version 4. :-))

  34. Reply

    Greg Slepak Post author

    Thanks Andrew. I don’t know if you saw this but in the next update (3.0.1) it will be possible to encrypt folders in the Library folder. We may figure out how to add application associations back to Espionage 3, it may just take some time.

  35. Reply

    Adam

    Great software! Check out the video review we put together on YouTube.

    http://youtu.be/FHStJaeOH1w

  36. Reply

    Ed Levinson

    Do you have an estimated release date for V 3.0.1?

  37. Reply

    Greg Slepak Post author

    @Ed: As soon as Apple approves the update, we’re hoping sometime this week.

  38. Reply

    Antonio

    Just another in the camp of wanting password prompt with applications back. Had knox and moved to Espionage for that reason several years ago. As suggested by one or more folks, I’d pay extra for an Espionage Pro version sold solely on the website, if Apple isn’t playing nice and is forcing the software development to change course.

  39. Reply

    Greg Slepak Post author

    @Antonio: before the month is over we should release Espionage 3.5. While it won’t bring the password prompt back, it will include a feature called Folder Actions that will make it possible (much more convenient really), to encrypt application data.

    Keep an eye on the blog and twitter account!

Leave a Reply to Greg Slepak Cancel reply

Your email address will not be published. Required fields are marked *