Espionage 3.7.2/3.7.3 — Native Apple Hardware Universal Binary

Espionage 3.7.2 (and 3.7.3) bring a notarized universal binary with better M1 and Big Sur support, and some minor bug fixes. Many thanks to Jeff Johnson of Lapcat Software for help with this release! Changes Improvements! Univeral Binary for full native compatibility with M1 processor. (EDIT: hopefully for real in 3.7.3!) Updated OpenSSL and Sparkle. […]

Espionage 3.7 Released!

Espionage 3.7 (and 3.7.1) bring improved macOS Mojave support. Changes New! macOS Mojave Dark Theme support. Fixes macOS Mojave broke restoring folders, this build fixes that. Fixed some potential memory leaks and new compiler warnings. (3.7.1) Crash during setup on macOS Mojave. The signature for Espionage.dmg is here and also here (pubkey here). The SHA256 […]

Espionage 3.6.6 Released!

Nothing exciting, just an important bug fix. In the meantime, we’re continuing our work to sustainably open-source Espionage. Fixes Fixed crash on macOS Sierra during installation. The signature for Espionage.dmg is here and also here (pubkey here). The SHA256 of the main binary is also noted below. Enjoy! 😀 $ openssl dgst -sha256 Espionage.app/Contents/MacOS/Espionage SHA256(Espionage.app/Contents/MacOS/Espionage)= […]

[Security] Protecting Mail On Recent Versions Of OS X

It has been brought to our attention that recent versions of Mail on OS X (perhaps starting with 10.10, but definitely since 10.11), will re-download all of your email from your email server. And since your server doesn’t encrypt your email, that’s a serious concern. This means that the following attack is possible to bypass Espionage’s […]

Espionage 3.6.3 drops 10.7, 10.8, 10.9 + Sparklegate Fix

EDIT February 17, 2016: 3.6.4 and 3.6.5 release notes included here as there are only minor changes. We’re momentarily back from our break in cryptocurrency-research-land (where we’ve been advancing our goal of sustainably open-sourcing Espionage) to bring you the immediate release of Espionage 3.6.3! “But wait! This doesn’t seem like such an exciting release! What […]

Apologies! Sky Kinda Falling + Protecting Yourself From Sparklegate

This is a followup to yesterday’s post: Sky Not Falling: Sparklegate Not As Bad As It Could Be After trying and failing to reproduce Sparklegate, I arrived at the conclusion that Gatekeeper and Quarantine did in fact protect OS X users from the Remote Code Execution (RCE) attack. What I Missed Radek, the discoverer of […]

(UPDATED) Sky Not KINDA Falling: Sparklegate Not As Bad As It Could Be

UPDATE February 1, 2016: It turns out some users are vulnerable to this attack. Read this followup post! Sparklegate is the term I’ve coined for the recent discovery that, allegedly, every OS X machine out there is vulnerable to RCE (remote-code-execution) attacks because the widely used Sparkle framework, along with OS X’s standard WebView component, […]

[Job] Design focused Cocoa developer for Espionage 3

Espionage is a highly rated personal data encryption app for Mac OS X. It currently follows a “source code available” policy, but we think the right thing to do is to completely open source the product. However, this comes with two significant challenges: If we open source Espionage improperly, there is an extremely significant risk […]

Espionage 3.6.2 Released!

Espionage 3.6.2 delivers an important security fix to address a plausible deniability issue with folders that were set to auto-lock, and it also brings important improvements and bug fixes: Security The path for folders set to auto-lock was leaked in previous versions, compromising their plausible deniability (PD). If you require PD for those folders make […]

2014 Apple iMessages security update

A few days ago I made the following tweet: Repeat after me: Apple iMessages IS NOT end-to-end encrypted. https://t.co/sh9due25VF cc @EFF — Greg Slepak (@taoeffect) November 6, 2014 I’d like to apologize for the wording of that, as it could have been written in a more accurate way. To help clear up any confusion, I spent the […]