Humans are basically blind


In searching for “what percent of the light spectrum can humans see” I found answers varying from 0% to a maximum of 2.3%, depending on your definition of “light spectrum,” whether you’re asking in terms of a linear scale or a logarithmic scale, and whether you’re using wavelength or frequency [1] [2].

Painfully slow frame rate

The problem doesn’t stop there, however. Searching for “frame rate of human eye” suggests and upper bound of 60 fps.

When someone drops a piece of gelatin, is this what you see?

Dark matter + Dark energy

The above image is a screenshot of the universe’s virtual machine as it existed approximately 13.7 billion years ago. From it, we learned that:

It also constrained the content of the present-day universe; 4.6% atoms, 23% dark matter and 72% dark energy.

That means that everything you learned in school about the world, and everything our scientific instruments can see, only deals with just 4.6% of the universe. And that’s just what our scientific instruments can directly see. Of that, we only see a fraction (0% to 2.3%) with the naked eye, and only at about 60 frames per second (when you’re really paying attention).

Conclusion: don’t make fun of schizophrenics

Perhaps they can simply see more of the universe than you can.

On Integrity, and why we are not joining Fight for the Future’s “Internet Defense League”

TLDR: Using deception to promote a noble cause undermines you and the cause.

Yesterday the organization “Fight for the Future” attempted to organize a “massive online protest” against the NSA’s constitutional transgressions. It seems like many people are upset at the deception surrounding the NSA and the companies who bend over backwards to service their various voyeuristic desires.

So then, does it not seem perhaps a tad hypocritical that Fight for the Future used various deceptive tactics of its own to fool and mislead the public about the size and nature of its “massive online protest”?


Here is a quote from a hype piece written by Tiffiniy Cheng, one of the organizers working with Fight to the Future, that ran on the Huffington Post the morning the protests were supposed to happen (some emphasis added):

To amplify the street protests, the Internet Defense League, which is the formidable network of websites that emerged victorious from the now-infamous SOPA blackout, has raised the “Cat Signal” — its warning beacon for the Internet. Thousands of websites, celebrities, and organizations will be posting the 4th Amendment on the web, including some of the biggest names on the web: WordPress (which serves up 18% of all websites), 4chan, Imgur, Reddit, Mozilla, Internet Association, Fark, TOR Project, Cheezburger, Namecheap, O’Reilly Media, MoveOn, Avaaz, Upworthy, ACLU, and EFF.

We liken today to the first protests that got us to the SOPA blackout and ultimately, the shelving of SOPA and PIPA; American Censorship Day took place 2 months before the blackout and was responsible for making SOPA a household term. It took a lot to defeat SOPA, but it was just one law.

Exciting! I remember participating in the SOPA blackout! Thousands of organizations, including heavy hitters like Wikipedia, succeeded in blocking the legislation by blacking out large portions of their site in protest. That was a spectacular moment of global unity that I, and many others, remember to this day.

Would this be something like that?

Cheng’s pieces seemed to suggest it would be, but with the twist that visitors would see the text of the 4th Amendment instead of a blacked out page. This CNET piece, prominently linked to from Fight for the Future’s campaign website, gave more details:

Reddit, Mozilla, EFF and more join July 4th anti-NSA protests

Rather than going black, like many sites did during the 2012 protests of Congress’ Stop Online Privacy Act, or SOPA, these sites will prominently display a Fourth Amendment banner. The banner will quote the text of the amendment, which says, “The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated.”

Additionally, site visitors will be asked to sign an online petition, e-mail Congress, or join street protests. A group called Restore the Fourth is organizing the street demonstrations in nearly 100 U.S. cities, including New York, Washington, D.C., and San Francisco.

Indeed, some websites listed on Fight for the Future’s campaign site displayed some sort of prominent banner to visitors in a show of solidarity with the campaign (e.g. 4chan).

Missing Participants

Although the campaign positioned itself as “the largest online protest since SOPA,” fully HALF of the “heavy hitters” did not modify their websites for the campaign. Among the non-participants, Reddit and Imgur apparently had an ad cycling through their adbox referencing the campaign, but that’s certainly not an indication of participation in the campaign as it was presented by Fight for the Future.

These were the heavy hitters listed as participating and endorsing the campaign on Fight for the Future’s website:


And this is who actually participated:


Fight for the Future may be forgiven for their pie-in-the-sky article on the HuffPo that promised the participation of organizations who ended up sitting on the sidelines. There may in fact have been agreements or implied (mis)understandings to that effect before the campaign started. However, as the day wore on, it should have become clear to them that half of their star participants weren’t participating, and therefore continuing to list them on the campaign site was the wrong thing to do.

I shot them an email requesting that they remove the non-participating sites, but they refused.

OK, but so what?

If you run an organization that purports to stand for a noble and “good” cause, then acting in a deceptive and manipulative way (read: “non-noble”) reeks of hypocrisy. It’s always in your best interest to behave with integrity. Any failure to do so will result in disillusionment, finger-pointing from the other side (or your own), and will undermine your ability to lead, because leadership demands respect. Few people respect you when you use deception to try to get them to join your group, or to take some action.

This disrespect and disillusionment weakens the organization and its cause. People stop taking it seriously, whether they support the cause or not.

It would’ve been better, I think, for FFTF to present their campaign honestly and with integrity.

In the end, it seems FFTF might have tried to redeem themselves a bit. In an email sent out to their mailing list at the end of the day, they refrained from mentioning Reddit, Mozilla, WordPress, or any of the other star non-participants:

FTFF campaign email

The campaign site, however, remains unchanged.

What impression will people who see this campaign walk away with? Some might be fooled, however others will focus on the missing “star participants,” and then turn away from the stench of a campaign full of manipulation and dishonesty that tries to hijack the reputation of other organizations to bolster its cause, instead of allowing the cause to stand on its own merit.

As much as I support this cause, I don’t want to associate Tao Effect with an organization that would mislead and lie to its own base. That’s why I took down their banner code from our websites, and why you won’t see any of the “Internet Defense League” badges on our site.

Espionage 3.5 — Introducing Folder Actions!

Big release today! We know you’ve all missed application associations, and while those have been deprecated, today’s release introduces Folder Actions to replace them!

This time, instead of giving you a description of the new features (in text), we’ve made a 720p screencast ! A picture is worth a thousand words. We hope you enjoy it! The summary of changes is:

  • NEW: Folder Actions! Make magic happen when you lock or unlock folders!
  • IMPROVED: UI transitions in folder details view
  • IMPROVED: Now uses Lion’s invisible scrollbar in the folder list
  • FIXED: Folders appearing as white disk images
  • FIXED: Custom folder icons not showing up
  • FIXED: Preferences shouldn’t be visible after autolock
  • FIXED: Focus ring issues when the modal panel is up
  • FIXED: Overwriting a folder set by changing password to an already used one
  • FIXED: Keyboard focus issues in the modal dialog.

Enjoy! 😀

Espionage 3.0.3 Released!

Version 3.0.3 brings some important bugfixes and Brazilian localization. If you’d like to localize Espionage into your language, please contact us.

  • NEW: Brazilian Portuguese Localization
  • FIXED: Error 9 when unlocking
  • FIXED: Changed method of starting at login to one that’s less likely to fail
  • FIXED: Changed method of disk mounting to one that’s less likely to fail

Version 3.0.2 brought these updates:

  • IMPROVED: Signed with Developer ID for Mountain Lion compatibility
  • FIXED: Crash in autounlock
  • FIXED: Spanish translation in english language

Enjoy! 😀

Espionage 3.0.1 Released!

  • NEW: Spanish Localization
  • IMPROVED: Don’t warn about visibility for folders inside folders on Desktop
  • IMPROVED: Ask for confirmation during setup assistant if user says “no” to launch at login
  • FIXED: Problem unlocking folders when master password is changed
  • FIXED: Allow encryption of folders inside Library
  • FIXED: Allow “Force remove from database…” when disk image is missing
  • FIXED: Allow passwords with non-ascii characters
  • FIXED: Problem unlocking folders when master password is changed

Note that it’s now possible to use Espionage to encrypt folders in ~/Library. Do this at your own risk and let me explain why: with Lion Apple introduced sandboxing which has caused a lot of headaches for many developers. It’s caused massive headaches for us, and was one of the changes that went into our decision to remove application associations. If you encrypt an application’s data with Espionage 3.0.1, there are some things to keep in mind:

  1. Applications might store their data in the ~/Library/Application Support folder, but then if the developer enables sandboxing the operating system will move their data to ~/Library/Containers. If you had their data previously encrypted, this transition may not go smoothly, and even if it does, you might not be aware of it and suddenly the data is now unencrypted in a different location.
  2. Because application associations are gone, you’ll need to unlock the application’s folder before using it. We’re considering our options as to what we can do here, whether it’s bring back application associations or something else, but don’t bet on it yet. The situation is hairy. In the meantime you can set the folder to auto-unlock when you login.

Mac App Store Failure

One of our goals for version 3, was to address a user-request to get Espionage into the Mac App Store (MAS). We thought we succeeded in this, but it looks like this was only a momentary success. Apple’s June 1st sandboxing deadline hit, and we thought we were safe because we were already in the store, but this turns out to be not true. Apple didn’t make this very clear, but they’re preventing non-sandboxed applications from receiving feature updates in the MAS. So all non-sandboxed apps in the MAS are essentially “dead in the store”.

We’re unable to sandbox Espionage because of a bug in Apple’s operating system (rdar://10419391), and we have a feeling they won’t fix this bug anytime soon. Since we’re not able to update Espionage in the MAS anymore, we’re going to have it removed from the store.

We’re asking users who purchased Espionage in the store to switch to the non-MAS version of Espionage, and to contact us using the following instructions so that we can send you a license to it. If you purchased Espionage in the MAS, please read these instructions before switching to the non-MAS version of Espionage.

How To: Switch to non-App Store version of Espionage 3

Step 1: Locate your copy of Espionage in the Applications folder and then right-click (control-click) on it, and choose Show Package Contents:

Step 2: Locate the receipt file in Contents > _MASReceipt > receipt. Copy this file to your Desktop (drag it while holding the Option key):

Step 3: Visit this link and enter your information. Click ‘Choose File’ (Safari) or ‘Browse’ (Firefox) and select the receipt file on your Desktop. Then click Submit. Your Espionage 3 license will be emailed to the address you provided, so make sure there are no typos.

Step 4: After you receive an email with your license, download Espionage 3 from its website, and replace your copy of Espionage with it. Then register it with the license you received. Don’t replace your copy of Espionage until you receive your license.

That’s it!

We apologize for the inconvenience that has been caused by this situation. On the bright side, we no longer have to wait for Apple’s approval to release updates to Espionage, and 3.0.1 will be released shortly.

Announcing Espionage 3 for the Mac App Store!

Today we’re announcing a brand new, completely rewritten and redesigned Espionage: Espionage 3. Espionage 3 is the result of the combined efforts of Tao Effect and cocoaWithChurros‘ Ernesto Garcia.

What’s New?

Simply put: simplicity and stronger security. We decided to do a complete rewrite of Espionage, focusing more on its user interface, improving its internal design, and making it more secure. We accomplished this by removing many of the decisions facing the user.

  • NEW: Rewritten from ground up
  • NEW: Redesigned user interface
  • NEW: Folder Sets for plausible deniability
  • NEW: Tools to manage diskimage/folder size/capacity
  • NEW: No longer uses OS X’s weak keychain to store passwords, uses Scrypt and AES-256 instead.
  • NEW: Auto-lock for folders and application interface.
  • NEW: Control over disk image location (allows Dropbox support). Disk images aren’t moved (better Time Machine support).
  • REMOVED: iSpy kernel extension and therefore the password prompt and application associations.

Its user interface (inspired by the wonderful Fantastical) is now a simple list onto which you can drag folders, easily accessible from the menubar:

Simple Design

Espionage no longer moves around the sparsebundles, and this has a couple nice sideffects, one of which is that Time Machine backups are no longer an issue. The other is that Espionage’d folders can now be synchronized with Dropbox.

Layers of Plausible Deniability

We’ve added multiple layers of plausible deniability to protect you if you’re ever forced to give up your master password. By allowing you the ability to have multiple master passwords through Folder Sets, you can now voluntarily give up only the password to the set of folders that you don’t care about, and Espionage 3 in no way makes it obvious that you have other folders encrypted.

Also, while folders are locked, they appear empty by default, but you can put irrelevant files into them! This means that when a folder is locked, whoever is using your computer will see one set of files when opening it, and when you unlock the folder, you’ll see the other, secret set of files.

We’ve also added the much-asked for feature of folder auto-lock!

Espionage 3 Uses Scrypt!

There is now only one password that you need to worry about: your master password. Your master password is used to encrypt each of the individual, high-quality, Espionage-generated passwords for each folder (which Espionage automatically uses to unlock each folder).

Espionage 2 stores these passwords in OS X’s keychain, which uses 3DES. That just doesn’t cut it for us. For Espionage 3, we searched for the best protection we could find and we found the SCRYPT key-derivation function. We put your master password through scrypt and encrypt each sparsebundle password using AES-256. As a key-derivation function, it is 2^8 times more expensive to attack than the industry standard PBKDF2 alone, and 2^5 times more expensive to attack than bcrypt.

What does this mean in practice? It means that even those who foolishly choose weak passwords for their master password will still benefit from the new security of Espionage 3. It will test the patience of someone running a dictionary-based attack even for simple passwords (that said, we recommend you keep your passwords strong).

Application Associations and the Password Prompt Are Gone

This may come as a sacrifice, but we decided to remove application associations and the password prompt from Espionage. This was a decision that wasn’t made lightly, but one that had to be made due to the complexity and technical problems that kept coming up with these features (especially with the release of OS X 10.71). On the positive side, this means that Espionage 3 no longer needs to install a kernel extension to work, and is also allowed on the Mac App Store. Also, now that Lion has been released, we feel that the new FileVault 2 is a great improvement over the previous version, adequate now to protect application data, and so we’re recommending users to use FileVault 2 in conjunction with Espionage 3.

If you still want to protect application data with Espionage 3, it is possible, just not as convenient as it was in the previous version (which you can use in conjunction with Espionage 32): locate the folder that has the application data in it and encrypt it with Espionage. Then make sure the folder is unlocked prior to running the application data. The easiest way to do this is to set the folder to autounlock when you login and leave it unlocked while you’re logged in. Note that, as with Espionage 2, you will run into problems if you use Lion’s application auto-start feature. If an application runs before it’s data is unlocked, it will act as if it’s running for the first time. This is just one reason we recommend using FileVault 2 to protect application data.

How to Upgrade

Espionage 3 and Espionage 2 are completely different programs, and Espionage 3 does not “auto-upgrade” from Espionage 2. Please do not overwrite your copy of Espionage 2 with Espionage 3. You can have both programs running on your computer at the same time by renaming your existing copy of Espionage to “Espionage 2”. To move your folders from Espionage 2 into Espionage 3, you’ll need to first remove them from Espionage 2 (decrypting them), and then add them to Espionage 3 to re-encrypt them.

Note: DO NOT UNINSTALL ESPIONAGE 2 if you have installed version 3 and have encrypted files with it. Please wait till we release v3.0.1 to do this.

Lifetime Users Will Receive an Email with their Espionage 3 License

We have a lot of these to send out, and to prevent our hosting provider from marking us as spammers, we have to send these out at timed intervals, but if you’re a lifetime license holder you should receive your license within 72 hours of this announcement. Please watch your inbox and check you spam folder if you haven’t received it by then. Also, if you’re a lifetime license holder, please do not buy the Mac App Store version but instead download Espionage from our site.

Espionage – Now more affordable! 🙂

Espionage 3 is now $9.99 during the launch week!

We are also lowering the price of Espionage 2! Espionage 2 is now just $9.99 as we focus development on its newest incarnation.

Thank You!

We’d like to sincerely thank our customers for their support over all these years!

Enjoy! 😀

1 For example, Lion introduced a feature where applications start automatically when you restart your computer. We could not figure out how to make Espionage 2 compatible with this feature. The sandboxing “feature” also presents many difficulties.
2 Running Espionage 2 and Espionage 3 together is possible. Espionage 2’s helper will run alongside Espionage 3. However, to run the main app you’ll need to temporarily quit Espionage 3 before launching Espionage 2.