Espionage 3.6.3 drops 10.7, 10.8, 10.9 + Sparklegate Fix

EDIT February 17, 2016: 3.6.4 and 3.6.5 release notes included here as there are only minor changes. We’re momentarily back from our break in cryptocurrency-research-land (where we’ve been advancing our goal of sustainably open-sourcing Espionage) to bring you the immediate release of Espionage 3.6.3! “But wait! This doesn’t seem like such an exciting release! What […]

Apologies! Sky Kinda Falling + Protecting Yourself From Sparklegate

This is a followup to yesterday’s post: Sky Not Falling: Sparklegate Not As Bad As It Could Be After trying and failing to reproduce Sparklegate, I arrived at the conclusion that Gatekeeper and Quarantine did in fact protect OS X users from the Remote Code Execution (RCE) attack. What I Missed Radek, the discoverer of […]

(UPDATED) Sky Not KINDA Falling: Sparklegate Not As Bad As It Could Be

UPDATE February 1, 2016: It turns out some users are vulnerable to this attack. Read this followup post! Sparklegate is the term I’ve coined for the recent discovery that, allegedly, every OS X machine out there is vulnerable to RCE (remote-code-execution) attacks because the widely used Sparkle framework, along with OS X’s standard WebView component, […]

2014 Apple iMessages security update

A few days ago I made the following tweet: Repeat after me: Apple iMessages IS NOT end-to-end encrypted. https://t.co/sh9due25VF cc @EFF — Greg Slepak (@taoeffect) November 6, 2014 I’d like to apologize for the wording of that, as it could have been written in a more accurate way. To help clear up any confusion, I spent the […]

Giving away commercial iSpy licenses

iSpy is the low-level tech that powered Espionage versions 1 and 2. It is unique, there are no competing technologies that can do what it does (to my knowledge): monitor and intercept file-system events based on arbitrary filters. It’s how Espionage 2 could display a password-prompt when a user double-clicked on a folder and “pause” […]

Pootle Tutorial: Guide for translators and developers

We’re working on localizing Espionage into many languages, so we installed Pootle, an excellent free and open source web-based localization platform that developers and translators can use for that purpose. To help our translators, I’ve put together what I hope if an easy-to-follow guide on how to use Pootle (partly because Pootle’s documentation on actually […]

Espionage 3.5.3 Released!

Version 3.5.3 addresses an important data leak introduced in 3.5.2, improves Mavericks compatibility, and adds other important bug fixes, please update right away! If you’d like to localize Espionage into your language, please contact us. SECURITY: Bug introduced in 3.5.2 that resulted in all folder paths of an unlocked Folder Set being logged to the […]

Phasing out support for Espionage 2 + Last chance to upgrade!

It has been almost five years since we announced Espionage to the world. Since then, we’ve gone through three major versions. I would like to sincerely thank all of our customers, and everyone who has supported our work in any way, whether it was by purchasing a license to Espionage, writing a review, or just […]

Espionage 3 — Source Code Available to Security Professionals

Oh boy, we’re really excited about this! Not only do we have an update for you today, but we’re super thrilled to announce that as of today, security professionals can obtain access to Espionage 3’s source code! 😀 I’ve wanted to do this for a while, but I never felt comfortable releasing the code for […]