Espionage 2.0 Released! (Updated 2x)

4 Replies

After months of development, Espionage 2.0 is finally here, and it’s brimming with new features:

  • NEW: Support for separate keychain = support for separate master password!
  • NEW: Application Associations – Tightly integrates applications with their encrypted folders (no need to auto-unlock)
  • NEW: DelayedLauncher built-in. Check “Launch at login” in Application Associations
  • NEW: Stupid-Proof safety checks for folders with application associations (won’t lock/restore while app is running)
  • NEW: Sparsebundle support
  • NEW: Moved to setup-assistant based architecture
  • NEW: Automatic backups of the database and keychain stored in the support folder (keeps 30 of each)
  • NEW: Uninstaller options allow fine-grained control over what’s uninstalled
  • NEW: Bult-in backups allow easy and efficient backups of encrypted folders. Enable them from the preferences.
  • FIXED: Several issues relating to multiple user accounts
  • FIXED: Bug that caused lots of notifications to appear on login when auto-fixing dir in certain situation
  • FIXED: Bug that could cause folder restore to fail in certain situation
  • FIXED: Bug that could cause Espionage to fail to fix a broken folder
  • IMPROVED: Significantly faster encryption (tests have shown over 300% improvement for small folders)
  • IMPROVED: Installer more robust, should handle more system configurations
  • IMPROVED: Installer overhauled to use new setup-assistant architecture
  • IMPROVED: Error handling in case of failure to create image
  • IMPROVED: Password cover is now completely opaque
  • IMPROVED: Unlocking a folder is safer, won’t delete it before making the link unless there are no files in it
  • IMPROVED: Added error checking to prevent encrypting a parent folder of the Espionage application itself
  • IMPROVED: Preferences resize themselves to fit selected view
  • IMPROVED: Better support for backup apps that synchronize over the network
  • IMPROVED: Added new “Tools” menu, currently contains ignore list and application associations
  • IMPROVED: Preferences are unlocked if application is unlocked, no need to re-enter password
  • IMPROVED: Re-enabling a folder will “fix” it if it was left in a poor state (disk image in parent)
  • IMPROVED: Much of the help documentation has been updated or rewritten
  • IMPROVED: Optimizations, quality-of-code improvements, minor bug fixes, lots of polish

One of the most significant new features in Espionage 2.0 was only barely mentioned in the video that’s up on the front page, and so I’d like to discuss it here in depth:

Built-in Backups

The reason this is so significant is because of what Espionage does when it locks, or unlocks a folder. When a folder is locked, the folder’s contents (stored in a hidden encrypted disk image) are inside of the folder, but when it’s unlocked, that disk image is moved into the parent folder (so that a link can be established to the mount point).

This meant that each time Espionage 1.1.2 locked, and then unlocked a folder (or vice versa), backup applications like Time Machine, SugarSync, and Dropbox would think that a file had been deleted, and a new file had been created, potentially culminating in the result that the entire folder would have to be re-backed up (as opposed to only the changes). It also resulted in confusion if users tried to restore the folder from a backup of the folder’s unlocked state.

Built-in backups solves all of that. You can now use Espionage with online backup services like SugarSync and Dropbox, just set the backup destination to a folder that those services backup and you’re done. If you’re using sparsebundles (which Espionage now supports), only the changed “bands” will be sent. Additionally, it no longer matters whether the folder is locked or unlocked, Espionage will make sure that the backup contains a folder in a locked state that’s ready to be restored.

Restoring a folder from a backup is easy, just drag the folder onto Espionage and make sure to select the same encryption settings, and the same password. Espionage will recognize that the folder is already encrypted and will not re-encrypt the folder.

Database & Keychain Backups

Another backup-related feature in Espionage is that Espionage keeps up to 30 backups of its database and its keychain (if you’re using the separate keychain).

You can find the backups in the Espionage’s Application Support directory located here:

/Users/<username>/Library/Application Support/Espionage/Backups

Unlike the contents of the folders themselves (which are backed up through Espionage’s built-in backups), the contents of the database and the keychain file are not vital in order to be able to restore things back to normal in the event of “catastrophic” data loss. As long as you have the backups of the folders, you can restore them (as described above) as long as you know the encryption settings and password for each folder. Having the database & keychain just means that you only need to remember the master password.

Wrapping Up

Much more detailed information is available through Espionage’s built-in help (accessible from the Help menu). We know that many Mac users are used to the help in third-party apps being poor, but believe me, we spent a while writing it, so check it out! 🙂

What applications would you encrypt data for?

10 Replies

Thank you for your responses to our previous question: Should unencrypted folder support be removed?

Based on your responses we’re leaving it in, but some UI changes will make choosing no encryption much more deliberate.

We’re cooking up an incredible update for you guys. It’s going to be here really soon. If you can’t tell by the italics, I’m quite excited.

We’d like to know: What applications would you encrypt data for?

Here’s the list that we have as of this writing (and hopefully it’ll grow a lot): Address Book, Mail, iCal, Safari, Camino, Firefox, iChat, Adium, Colloquy, X-Chat Aqua, and Things.

Update: Please restrict suggestions to applications that store their data to a specific location (not determined by the user). For example, document-based applications that let users save documents to any location don’t count.

Should unencrypted folder support be removed?

5 Replies

The next update to Espionage, Espionage 1.1.3, is turning into 1.2. It will be Espionage’s first major update, boasting many significant new features including: built-in DelayedLauncher, custom master-password support through a separate keychain, various UI changes, and more. Another huge feature (that’s currently hush-hush, involving some more of iSpy’s magical abilities), may make an appearance in this update as well.

However, this post is mainly about one of the features that you may see removed from the next update, and that’s Espionage’s ability to password-protect a folder without encryption, and hence, insecurely.

There are two reasons that I’m considering this:

The first is that it adds some inconsistencies to Espionage, one prime example is the ignore list. Normally, applications that are whitelisted still do not have access to the actual contents of a folder (when it is encrypted), however, they *do* have access to the real contents when that folder is not encrypted.

The second reason, is that it can unwittingly generate bad press. One example is this post by Alex Payne where he describes Espionage in the following manner:

The other tempting option for encrypting just a few files is Espionage, which looks to be part of the so-called “Delicious Generation” of high-gloss single-purpose apps. Unfortunately, this detailed review suggests that Espionage is more style than substance, as there’s a number of scenarios in which the protection it provides is rendered moot.

When someone like Alex Payne can misunderstand a review of Espionage that badly, it makes me wonder whether other, less technically savvy people, also discount Espionage because of this feature.

I should probably make it clear here, that Espionage’s primary method of protection, the encryption of folders, is as secure as FileVault’s1, because it uses the same encrypted disk image technology that FileVault uses, as well as OS X’s secure keychain system.

I know that unencrypted password-protected folders can be a convenient way to protect “a collection of videos that you don’t want your grandma to have access to but don’t care enough about to encrypt”, but does anyone make use of that feature?

We’re interested in hearing your thoughts on this issue, so let us know in the comments.

Thanks!

1Actually, it might be more secure because Espionage has the AES-256 option, and soon, a separate custom master password.

Temporary fix for login messages

Leave a reply

Some users may experience a bug in Espionage 1.1.2 associated with the “auto-unlock at login” option where Espionage will display many “Critical Alert!” messages upon login, which, though harmless, can be annoying.

This bug has been fixed in the next update to Espionage (along with a slew of others), but that update may not be available for a few more weeks because of the nature of the improvements that are being added to it.

However, you don’t have to wait for the next update for a fix to this problem:

  1. Download Fix Messages.zip
  2. After extracting it, double-click on the fixmessages.command file.
  3. This will open the Terminal. At the prompt enter you administrator’s password and press enter.

That’s it. Next time you login those messages should not be there. The fix places a small script in the Espionage support directory that will run when you login. This script simply removes the /Volumes/EspionageMounts directory, which Espionage will subsequently re-create.

To uninstall it, run remove-fixmessages.command.

Fix Messages.zip

Wireless Sleeper – Fixin’ Apple’s Bugs

30 Replies

Quite often in the past I’ve experienced a strange problem with my Macbook Pro where it would wake itself up shortly after I put it to sleep. I discovered that it only did this when the Airport card in my laptop was turned on.

After learning that I wasn’t the only one experiencing this problem, I wrote a program to solve the problem: Wireless Sleeper.

Just launch the program and let Wireless Sleeper do the rest. It’s a tiny, efficient program that silently sits in the background. When it discovers that your computer is about to go to sleep it will turn off Airport and wait 5 seconds to make sure that it’s off (this is necessary for the fix to work). Once your computer wakes up after its night of uninterrupted rest, Wireless Sleeper will turn your Airport card back on for you. It will even add itself to your list of login items when you run it so that you don’t have to worry about that too! 🙂

Enjoy.

Wireless Sleeper

10.6 UPDATE: If you are running Snow Leopard please download this version instead.

Possible Conflict with PGP Whole Disk Encryption

1 Reply

Recently Michael Zenke was kind enough to inform us about a potential conflict between Espionage and PGP’s Whole Disk Encryption. Michael was kind enough to give us permission to quote his email in this blog post to alert other users of the situation:

Hi,

for the last few weeks, I’ve been evaluating PGP Whole Disk Encryption (WDE) on my quest for an alternative for File Vault. While testing PGP WDE I discovered Espionage which meets all my needs. But I had to realize that unmounting on shutdown did not work properly, which resulted in corrupted Thunderbird and Firefox-Profiles. Looking in the system-logs showed that PGP-WDE seems to do some wiered things with the mounted images, so Mac OS X cannot unmount them. During the last two days I decrypted my last WDE-Encrypted external harddisk and removed PGP completely. From this time on Espionage works like a charm. No more corrupted profiles for several reboots. Thanks for your great work.

We will look into this situation to see if there’s anything we can do about it, but in the meantime hopefully this blog post will alert others to the problem. Thanks Michael!

Who’s stealing your memory?

1 Reply

Terminal fiends will likely find this post useful.

A while ago, I was sitting in the library at the University of Florida under the pretense of preparing for a final exam that was scheduled for the following day. I had, however, made the idiotic mistake of bringing my laptop with me.

Instead of studying I became inexplicably fascinated with how much memory my various running applications were taking up. Actually, it was really the fault of Alex Harper’s fantastic MenuMeters application, because I noticed that I was running low on free memory, despite having 2 gigabytes installed and very few applications running.

This lead to another discovery, namely that Safari was hording over a gigabyte of RAM for itself. This upset me, as I’m rather neurotic about how much RAM applications use. Every time the OS has to pageout I cringe inside with the knowledge that my laptop’s battery life, performance, and theoretically, the lifespan of its hard drive, are all affected. So I set aside the textbook and wrote memusage, a shell script that reports back the largest of offenders:

gslepak$ memusage
Top 10 memory intensive apps:

	Name			Percentage	Size

#1:	Xcode                   5.3		217.688 MB
#2:	firefox-bin             4.4		181.754 MB
#3:	WindowServer            4.1		165.961 MB
#4:	Finder                  2.3		95.2305 MB
#5:	iTunes                  2.0		81.7227 MB
#6:	Mail                    1.8		75.7031 MB
#7:	Interface               1.7		67.7344 MB
#8:	coreservicesd           1.3		53.1914 MB
#9:	mds                     1.1		45.0312 MB
#10:	Quicksilver             0.9		38.4531 MB

As you can see, I don’t use Safari anymore. 😛

I wonder what iSpy is using right now…

gslepak$ memusage ispy
ispyd: 0.0 %  0.441406 MB

Ten is too many, just show me the top 5:

gslepak$ memusage 5
Top 5 memory intensive apps:

	Name			Percentage	Size

#1:	Xcode                   5.3		217.688 MB
#2:	firefox-bin             4.5		182.457 MB
#3:	WindowServer            4.1		166.281 MB
#4:	Finder                  2.3		95.2305 MB
#5:	iTunes                  2.0		81.7227 MB

If you’re wondering why the percentages don’t match up with 2GB, it’s because I recently upgraded to 4GB, and I highly recommend it!

memusage

DelayedLauncher – Coming to an Espionage Near You!

9 Replies

Update: DelayedLauncher 2.0 has been released.

Yesterday we received the following support email from Brian Kane:

When I put Mail (which is “espionaged”) in the login items, the folder doesn’t get unlocked in time and Mail acts like it is starting up for the first time. If I cancel the start up dialog and then wait a second or two and restart Mail, it starts up properly. Is there anyway to get the “espionaged” program to delay or something. I’ve had this happen with other “espionaged” programs in login items too. As it stands right now, I can’t put any “espionaged” programs in Login Items.

Brian brings up a very valid point, so I spent part of the day whipping out a temporary solution to this problem, a program called DelayedLauncher:

DelayedLauncher.app

Instead of adding your “espionaged” programs to the login items, you add them to DelayedLauncher, and add DelayedLauncher to the login items. It will launch them after a delay you specify, and then automatically quit after 5 seconds. To stop either the auto-quit or auto-launch, just move the slider, or launch the program while holding down the command key.

A future version of Espionage will make DelayedLauncher unnecessary, but hey, for now it works and it’s a free program that you might find useful for something else! 🙂


Requirements: Mac OS X 10.4+

Update: DelayedLauncher 2.0 has been released.

Cyber…Monuesday?

Leave a reply

Over on twitter, Jeffry R asked why Tao Effect wasn’t offering a CyberMonday discount on Espionage. Good question Jeffry! 🙂

The reason is that we prefer Monuesday instead. This period starts when Greg wakes up and gets out of his cave after recovering from a 7+ hour drive to see his family for Thanksgiving, and ends at midnight on Tuesday (PST).

10% off Espionage, use code ‘monuesday’. 🙂

Back up and running

Leave a reply

“I didn’t know you were down in the first place,” I hear you say.

Indeed! Those of you who sent emails to our support address today were probably pleasantly surprised to find a blazingly fast reply from us in your inbox today, but to your dismay it was not, after all, a reply to your inquiry, but the following description of an unfortunate event that befell Tao Effect yesterday morning:

Hi there!

This is an automatic reply. Today (Mon. 17th of November), my main development machine died, it appears to be a problem with the logic board. Right now I’m scrambling to the nearest Apple Store to get it fixed as soon as possible. Because of this, my ability to reply to your email will probably be delayed a bit, and I apologize for that. I will still do my best to try and send you a reply within 48 hours though.

Hopefully this situation will be fixed soon. I will try my best to keep you posted via updates to the blog.

Best regards,

Greg Slepak
CEO, Tao Effect LLC

I drove down to the nearest Apple Store from Gainesville yesterday, which (timewise) is Orlando. The genius there (Jon) was quite helpful and the laptop is on its way to receive repairs. My guess is that the logic board decided that it would rather leave this realm than live under the stresses that I put it through.

In the meantime, our test machine (a PowerMac) has been setup as the temporary center of operations, so I should be able to reply to support email (and continue development) while waiting for my beloved laptop to find its way back home.