Espionage 3.0.3 Released!

Version 3.0.3 brings some important bugfixes and Brazilian localization. If you’d like to localize Espionage into your language, please contact us.

  • NEW: Brazilian Portuguese Localization
  • FIXED: Error 9 when unlocking
  • FIXED: Changed method of starting at login to one that’s less likely to fail
  • FIXED: Changed method of disk mounting to one that’s less likely to fail

Version 3.0.2 brought these updates:

  • IMPROVED: Signed with Developer ID for Mountain Lion compatibility
  • FIXED: Crash in autounlock
  • FIXED: Spanish translation in english language

Enjoy! :-D

Espionage 3.0.1 Released!

  • NEW: Spanish Localization
  • IMPROVED: Don’t warn about visibility for folders inside folders on Desktop
  • IMPROVED: Ask for confirmation during setup assistant if user says “no” to launch at login
  • FIXED: Problem unlocking folders when master password is changed
  • FIXED: Allow encryption of folders inside Library
  • FIXED: Allow “Force remove from database…” when disk image is missing
  • FIXED: Allow passwords with non-ascii characters
  • FIXED: Problem unlocking folders when master password is changed

Note that it’s now possible to use Espionage to encrypt folders in ~/Library. Do this at your own risk and let me explain why: with Lion Apple introduced sandboxing which has caused a lot of headaches for many developers. It’s caused massive headaches for us, and was one of the changes that went into our decision to remove application associations. If you encrypt an application’s data with Espionage 3.0.1, there are some things to keep in mind:

  1. Applications might store their data in the ~/Library/Application Support folder, but then if the developer enables sandboxing the operating system will move their data to ~/Library/Containers. If you had their data previously encrypted, this transition may not go smoothly, and even if it does, you might not be aware of it and suddenly the data is now unencrypted in a different location.
  2. Because application associations are gone, you’ll need to unlock the application’s folder before using it. We’re considering our options as to what we can do here, whether it’s bring back application associations or something else, but don’t bet on it yet. The situation is hairy. In the meantime you can set the folder to auto-unlock when you login.

Mac App Store Failure

One of our goals for version 3, was to address a user-request to get Espionage into the Mac App Store (MAS). We thought we succeeded in this, but it looks like this was only a momentary success. Apple’s June 1st sandboxing deadline hit, and we thought we were safe because we were already in the store, but this turns out to be not true. Apple didn’t make this very clear, but they’re preventing non-sandboxed applications from receiving feature updates in the MAS. So all non-sandboxed apps in the MAS are essentially “dead in the store”.

We’re unable to sandbox Espionage because of a bug in Apple’s operating system (rdar://10419391), and we have a feeling they won’t fix this bug anytime soon. Since we’re not able to update Espionage in the MAS anymore, we’re going to have it removed from the store.

We’re asking users who purchased Espionage in the store to switch to the non-MAS version of Espionage, and to contact us using the following instructions so that we can send you a license to it. If you purchased Espionage in the MAS, please read these instructions before switching to the non-MAS version of Espionage.

How To: Switch to non-App Store version of Espionage 3

Step 1: Locate your copy of Espionage in the Applications folder and then right-click (control-click) on it, and choose Show Package Contents:

Step 2: Locate the receipt file in Contents > _MASReceipt > receipt. Copy this file to your Desktop (drag it while holding the Option key):

Step 3: Visit this link and enter your information. Click ‘Choose File’ (Safari) or ‘Browse’ (Firefox) and select the receipt file on your Desktop. Then click Submit. Your Espionage 3 license will be emailed to the address you provided, so make sure there are no typos.

Step 4: After you receive an email with your license, download Espionage 3 from its website, and replace your copy of Espionage with it. Then register it with the license you received. Don’t replace your copy of Espionage until you receive your license.

That’s it!

We apologize for the inconvenience that has been caused by this situation. On the bright side, we no longer have to wait for Apple’s approval to release updates to Espionage, and 3.0.1 will be released shortly.

Announcing Espionage 3 for the Mac App Store!

Today we’re announcing a brand new, completely rewritten and redesigned Espionage: Espionage 3. Espionage 3 is the result of the combined efforts of Tao Effect and cocoaWithChurros‘ Ernesto Garcia.

What’s New?

Simply put: simplicity and stronger security. We decided to do a complete rewrite of Espionage, focusing more on its user interface, improving its internal design, and making it more secure. We accomplished this by removing many of the decisions facing the user.

  • NEW: Rewritten from ground up
  • NEW: Redesigned user interface
  • NEW: Folder Sets for plausible deniability
  • NEW: Tools to manage diskimage/folder size/capacity
  • NEW: No longer uses OS X’s weak keychain to store passwords, uses Scrypt and AES-256 instead.
  • NEW: Auto-lock for folders and application interface.
  • NEW: Control over disk image location (allows Dropbox support). Disk images aren’t moved (better Time Machine support).
  • REMOVED: iSpy kernel extension and therefore the password prompt and application associations.

Its user interface (inspired by the wonderful Fantastical) is now a simple list onto which you can drag folders, easily accessible from the menubar:

Simple Design

Espionage no longer moves around the sparsebundles, and this has a couple nice sideffects, one of which is that Time Machine backups are no longer an issue. The other is that Espionage’d folders can now be synchronized with Dropbox.

Layers of Plausible Deniability

We’ve added multiple layers of plausible deniability to protect you if you’re ever forced to give up your master password. By allowing you the ability to have multiple master passwords through Folder Sets, you can now voluntarily give up only the password to the set of folders that you don’t care about, and Espionage 3 in no way makes it obvious that you have other folders encrypted.

Also, while folders are locked, they appear empty by default, but you can put irrelevant files into them! This means that when a folder is locked, whoever is using your computer will see one set of files when opening it, and when you unlock the folder, you’ll see the other, secret set of files.

We’ve also added the much-asked for feature of folder auto-lock!

Espionage 3 Uses Scrypt!

There is now only one password that you need to worry about: your master password. Your master password is used to encrypt each of the individual, high-quality, Espionage-generated passwords for each folder (which Espionage automatically uses to unlock each folder).

Espionage 2 stores these passwords in OS X’s keychain, which uses 3DES. That just doesn’t cut it for us. For Espionage 3, we searched for the best protection we could find and we found the SCRYPT key-derivation function. We put your master password through scrypt and encrypt each sparsebundle password using AES-256. As a key-derivation function, it is 2^8 times more expensive to attack than the industry standard PBKDF2 alone, and 2^5 times more expensive to attack than bcrypt.

What does this mean in practice? It means that even those who foolishly choose weak passwords for their master password will still benefit from the new security of Espionage 3. It will test the patience of someone running a dictionary-based attack even for simple passwords (that said, we recommend you keep your passwords strong).

Application Associations and the Password Prompt Are Gone

This may come as a sacrifice, but we decided to remove application associations and the password prompt from Espionage. This was a decision that wasn’t made lightly, but one that had to be made due to the complexity and technical problems that kept coming up with these features (especially with the release of OS X 10.71). On the positive side, this means that Espionage 3 no longer needs to install a kernel extension to work, and is also allowed on the Mac App Store. Also, now that Lion has been released, we feel that the new FileVault 2 is a great improvement over the previous version, adequate now to protect application data, and so we’re recommending users to use FileVault 2 in conjunction with Espionage 3.

If you still want to protect application data with Espionage 3, it is possible, just not as convenient as it was in the previous version (which you can use in conjunction with Espionage 32): locate the folder that has the application data in it and encrypt it with Espionage. Then make sure the folder is unlocked prior to running the application data. The easiest way to do this is to set the folder to autounlock when you login and leave it unlocked while you’re logged in. Note that, as with Espionage 2, you will run into problems if you use Lion’s application auto-start feature. If an application runs before it’s data is unlocked, it will act as if it’s running for the first time. This is just one reason we recommend using FileVault 2 to protect application data.

How to Upgrade

Espionage 3 and Espionage 2 are completely different programs, and Espionage 3 does not “auto-upgrade” from Espionage 2. Please do not overwrite your copy of Espionage 2 with Espionage 3. You can have both programs running on your computer at the same time by renaming your existing copy of Espionage to “Espionage 2″. To move your folders from Espionage 2 into Espionage 3, you’ll need to first remove them from Espionage 2 (decrypting them), and then add them to Espionage 3 to re-encrypt them.

Note: DO NOT UNINSTALL ESPIONAGE 2 if you have installed version 3 and have encrypted files with it. Please wait till we release v3.0.1 to do this.

Lifetime Users Will Receive an Email with their Espionage 3 License

We have a lot of these to send out, and to prevent our hosting provider from marking us as spammers, we have to send these out at timed intervals, but if you’re a lifetime license holder you should receive your license within 72 hours of this announcement. Please watch your inbox and check you spam folder if you haven’t received it by then. Also, if you’re a lifetime license holder, please do not buy the Mac App Store version but instead download Espionage from our site.

Espionage – Now more affordable! :-)

Espionage 3 is now $9.99 during the launch week!

We are also lowering the price of Espionage 2! Espionage 2 is now just $9.99 as we focus development on its newest incarnation.

Thank You!

We’d like to sincerely thank our customers for their support over all these years!

Enjoy! :-D

1 For example, Lion introduced a feature where applications start automatically when you restart your computer. We could not figure out how to make Espionage 2 compatible with this feature. The sandboxing “feature” also presents many difficulties.
2 Running Espionage 2 and Espionage 3 together is possible. Espionage 2′s helper will run alongside Espionage 3. However, to run the main app you’ll need to temporarily quit Espionage 3 before launching Espionage 2.

Hiring: Customer Support Specialist

Update: This position has been filled.

Do you love Mac software and know your way around the Mac operating system (OS X)? Are you looking for part-time contract work at home? If so, we have an opportunity for you! :-)

Tao Effect LLC is currently looking to hire an independent contractor to help us with tech support for our highly rated OS X app, Espionage.

Candidate Requirements

  • Strongly familiar with Mac OS X and its software and utilities
  • Excellent command of the English language
  • Familiarity with Espionage (meaning you’ve at least downloaded and used the program)
  • Clear and friendly communications skills

Job Details

  • Flexible hours (approx. 5-10 hrs/week)
  • Work from home or wherever you find yourself

To apply, send an email to contact at with subject ‘Tech Support Specialist’ with your resume.

Notice of delayed support due to emergency

I (Greg) recently found myself in an auto accident that resulted my hospitalization for a period of a few days, during which I was not able to access the internet. The good news is that no one is injured, the bad news though, for which I apologize profusely, is that we have a backlog of support email and forum posts. It has been several days since people have sent us support requests and they have not received a response at all because at the moment no one other than Greg is handling that. We are looking to rectify this situation.

We are very grateful for your understanding as we deal with the inevitable mess from this incident. In the meantime, here are some resources that may be of help to you:

Many thanks for the understanding!

Greg Slepak
Tao Effect LLC

Espionage 2.8.13 Released!

I know I know! I’m getting tired of the 2.8 series as well! :-p

  • NOTE: This update will cause the installer to run again (prompting you for your admin password)
  • FIXED: removed “failed to get node path” console messages in ispyd.log on Lion
  • FIXED: issue with application associations on Lion
  • IMPROVED: removed some 10.5 dependencies. recompiled with llvm-gcc.

Bear with us, Lion turned out to cause some unexpected issues that weren’t caught in the 2.8.12 release, so this maintenance release is mainly for Lion compatibility.

As mentioned, this release no longer supports Mac OS 10.5 Leopard. If you need a Leopard compatible version of Espionage, please use version 2.8.10 instead.

Enjoy! :-D

Espionage 2.8.12 Released!

Espionage 2.8.12 brings two important announcements:

  • NOTE: With Lion approaching, this will likely be the last release to support Mac OS 10.5 Leopard
  • CHANGED: Removed ability to backup unlocked folders for integrity reasons (you can force it on an unlocked folder by holding the Option key when clicking on Espionage in the menubar)
  • FIXED: “Folder is being backed up, please wait…” notification appearing inappropriately
  • FIXED: “Backups Successful” notification appearing inappropriately
  • FIXED: Update issue on Leopard
  • IMPROVED: Updated documentation on corrupt database error

Two Important Announcements

Leopard support is going away

Apple is moving quickly and the changes that they have been adding to Lion are making it difficult to continue support Leopard. We want to make sure though that our customers have plenty of time to update to the latest and greatest operating system from Apple, which is why we make it a point to support the current OS and the previous OS. With the release of 2.8.11, we managed to release a version of Espionage that supports all three operating systems, but it was not easy. We would like to take advantage of some of the great new features coming in Lion, so, with Lion expected next month, this will likely to be the last version of Espionage to support Leopard.

Unlocked folders will no longer automatically backup

Removing a feature, especially a feature that is probably used by many, definitely requires justification, and so, here is why we are doing this:

Espionage’s backups uses a program called rsync to quickly backup only the changed items of an encrypted folder. It came to our attention recently that there was a small but nonetheless real possibility that a corrupt backup could be made if a folder was being backed up while its contents were being modified. Because rsync is not designed to handle this situation properly, we have temporarily disabled this feature to avoid the risk of creating corrupt backups.

HOWEVER! We have not completely disabled it. :-D

Because the ability to backup folders while they’re unlocked is so useful, we’ve made it possible to do so via a little hidden shortcut until we can properly and safely handle the unlocked-folder backup situation ourselves:

  1. Hold down the Option key and then click on the Espionage icon in the menu bar.
  2. As you hover over the unlocked folders, you should see the “Backup Now” menu item appear on them.

You can then click on “Backup Now”, but only if you’re certain that the folder is not being accessed by any program, and make sure to not do anything with the folder until the backup is finished.

Enjoy! :-D