Today we’re announcing a brand new, completely rewritten and redesigned Espionage: Espionage 3. Espionage 3 is the result of the combined efforts of Tao Effect and cocoaWithChurros‘ Ernesto Garcia.
Simply put: simplicity and stronger security. We decided to do a complete rewrite of Espionage, focusing more on its user interface, improving its internal design, and making it more secure. We accomplished this by removing many of the decisions facing the user.
- NEW: Rewritten from ground up
- NEW: Redesigned user interface
- NEW: Folder Sets for plausible deniability
- NEW: Tools to manage diskimage/folder size/capacity
- NEW: No longer uses OS X’s weak keychain to store passwords, uses Scrypt and AES-256 instead.
- NEW: Auto-lock for folders and application interface.
- NEW: Control over disk image location (allows Dropbox support). Disk images aren’t moved (better Time Machine support).
- REMOVED: iSpy kernel extension and therefore the password prompt and application associations.
Its user interface (inspired by the wonderful Fantastical) is now a simple list onto which you can drag folders, easily accessible from the menubar:
Espionage no longer moves around the sparsebundles, and this has a couple nice sideffects, one of which is that Time Machine backups are no longer an issue. The other is that Espionage’d folders can now be synchronized with Dropbox.
Layers of Plausible Deniability
We’ve added multiple layers of plausible deniability to protect you if you’re ever forced to give up your master password. By allowing you the ability to have multiple master passwords through Folder Sets, you can now voluntarily give up only the password to the set of folders that you don’t care about, and Espionage 3 in no way makes it obvious that you have other folders encrypted.
Also, while folders are locked, they appear empty by default, but you can put irrelevant files into them! This means that when a folder is locked, whoever is using your computer will see one set of files when opening it, and when you unlock the folder, you’ll see the other, secret set of files.
We’ve also added the much-asked for feature of folder auto-lock!
Espionage 3 Uses Scrypt!
There is now only one password that you need to worry about: your master password. Your master password is used to encrypt each of the individual, high-quality, Espionage-generated passwords for each folder (which Espionage automatically uses to unlock each folder).
Espionage 2 stores these passwords in OS X’s keychain, which uses 3DES. That just doesn’t cut it for us. For Espionage 3, we searched for the best protection we could find and we found the SCRYPT key-derivation function. We put your master password through scrypt and encrypt each sparsebundle password using AES-256. As a key-derivation function, it is 2^8 times more expensive to attack than the industry standard PBKDF2 alone, and 2^5 times more expensive to attack than bcrypt.
What does this mean in practice? It means that even those who foolishly choose weak passwords for their master password will still benefit from the new security of Espionage 3. It will test the patience of someone running a dictionary-based attack even for simple passwords (that said, we recommend you keep your passwords strong).
Application Associations and the Password Prompt Are Gone
This may come as a sacrifice, but we decided to remove application associations and the password prompt from Espionage. This was a decision that wasn’t made lightly, but one that had to be made due to the complexity and technical problems that kept coming up with these features (especially with the release of OS X 10.71). On the positive side, this means that Espionage 3 no longer needs to install a kernel extension to work, and is also allowed on the Mac App Store. Also, now that Lion has been released, we feel that the new FileVault 2 is a great improvement over the previous version, adequate now to protect application data, and so we’re recommending users to use FileVault 2 in conjunction with Espionage 3.
If you still want to protect application data with Espionage 3, it is possible, just not as convenient as it was in the previous version (which you can use in conjunction with Espionage 32): locate the folder that has the application data in it and encrypt it with Espionage. Then make sure the folder is unlocked prior to running the application data. The easiest way to do this is to set the folder to autounlock when you login and leave it unlocked while you’re logged in. Note that, as with Espionage 2, you will run into problems if you use Lion’s application auto-start feature. If an application runs before it’s data is unlocked, it will act as if it’s running for the first time. This is just one reason we recommend using FileVault 2 to protect application data.
How to Upgrade
Espionage 3 and Espionage 2 are completely different programs, and Espionage 3 does not “auto-upgrade” from Espionage 2. Please do not overwrite your copy of Espionage 2 with Espionage 3. You can have both programs running on your computer at the same time by renaming your existing copy of Espionage to “Espionage 2”. To move your folders from Espionage 2 into Espionage 3, you’ll need to first remove them from Espionage 2 (decrypting them), and then add them to Espionage 3 to re-encrypt them.
Note: DO NOT UNINSTALL ESPIONAGE 2 if you have installed version 3 and have encrypted files with it. Please wait till we release v3.0.1 to do this.
Lifetime Users Will Receive an Email with their Espionage 3 License
We have a lot of these to send out, and to prevent our hosting provider from marking us as spammers, we have to send these out at timed intervals, but if you’re a lifetime license holder you should receive your license within 72 hours of this announcement. Please watch your inbox and check you spam folder if you haven’t received it by then. Also, if you’re a lifetime license holder, please do not buy the Mac App Store version but instead download Espionage from our site.
Espionage – Now more affordable! 🙂
Espionage 3 is now $9.99 during the launch week!
We are also lowering the price of Espionage 2! Espionage 2 is now just $9.99 as we focus development on its newest incarnation.
We’d like to sincerely thank our customers for their support over all these years!
1 For example, Lion introduced a feature where applications start automatically when you restart your computer. We could not figure out how to make Espionage 2 compatible with this feature. The sandboxing “feature” also presents many difficulties.
2 Running Espionage 2 and Espionage 3 together is possible. Espionage 2’s helper will run alongside Espionage 3. However, to run the main app you’ll need to temporarily quit Espionage 3 before launching Espionage 2.