Forums temporarily locked down! Please read!

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Messages - greg

Pages: 1 [2] 3 4 ... 47
Espionage 3 / Re: Unlocking large folders in 3.6.1
« on: October 05, 2014, 10:34:48 PM »
I've created an issue for this in our internal issue system and assigned it a high priority (for next release).

Espionage 3 / Re: Decrypt folders is not longer possible
« on: October 01, 2014, 10:50:06 PM »
Updated post above with a link to:

Note that's a very old video and the Console app has changed a bit since then.

Espionage 3 / Re: Decrypt folders is not longer possible
« on: October 01, 2014, 09:45:26 PM »
What OS are you folks using? We need as much info as you can provide:

1. System log messages (open the Console app, and repeat what you did, then search for "Espionage" and copy/paste the stuff you see here)
2. OS details (10.7, 10.9, 10.10??)

Espionage 3 / Re: Encrypted folders on desktop
« on: September 21, 2014, 12:27:20 AM »
FYI: Fixing this issue is getting bumped till after 3.6.1 as we're prioritizing releasing 3.6.1 for 10.10 compat.

Espionage 3 / Re: Backdoor for Secret Agencies
« on: September 17, 2014, 06:10:40 PM »
Personally I find it easier to copy the text from the web page source, paste it into an editor, select it all and use the OpenPGP: Verify service from the app menu.  The use of services instead of the command line seems to be more consistent with the techniques encouraged in the gpgtools kb articles and I suspect a large proportion of your intended user community would find it easier too.

You should be able to just verify directly in the source (using the Service menu), but it might depend on whether the browser messes with the formatting or not.

By way of a bit of constructive feedback, I think an FAQ explaining how to "verify the signature of this watch zone" would be very helpful to newbies like me.  Especially if the answer to the question explains why verifying the signature should enhance one's trust in what is written.

I'll be honest: while that's a great suggestion, it is low on our priority list. If we had resources to spare, it would be done, but we are focusing right now, among other things, to make sure E3 doesn't break when Yosemite is released. :P

This situation, remember, was also my fault. You would have likely successfully verified the signature the first time around had I not made my silly Find/Replace-All mistake. We are counting on a small fraction of our users who are savvy enough to use GPG properly to verify it.

I make this point because it is the first time I've ever tried to verify a PGP signature and was lead into the exercise by the text on your page.  Instead of begin reassured as intended, I ended up confused and, bizarre at it might seem to you, I'm still not sure why I should now attach any increased level of belief to what is written there.  Particularly when the words "undefined trust" come up in the results of the verification.

Ah, yes, that is GPG-insanity right there. That whole concept is putrid IMO and confuses even GPG veterans (why I am working on an alternative, where you get a black & white answer: "Yes this is authenticated", or "You're being hacked").

(Incidentally, the page source link doesn't "work" on my standard installation of Safari 7.0.6.  I get a dialog with the error: "There is no application set to open the URL view-source:".)  I don't know if there is a way to overcome that or not.

Use Firefox! :D

Anyway, keep up the good work.  I really appreciate the effort you are making to simplify encryption for us.

Thank you!! :D

Espionage 3 / Re: Backdoor for Secret Agencies
« on: September 17, 2014, 01:14:08 AM »
OK, Mr. gpgtoolsnewbie, problem should be fixed. I accidentally broke the signature doing a search/replace of the entire document (doh!).

Note that in the latest GPGTools nightlies it still fails to verify the signature for some reason (I've opened up an issue about this with their team), but I think GPGTools 2.1 (the current release) should verify it (let me know if it doesn't). You can also manually copy and paste that text (including the "ASCII guards"—the dashed parts that surround it) into a plain text file, save it, and run gpg -v on it, it should show it as a valid signature (e.g.: gpg -v path/to/textfile.txt).

Thank you for bringing this to our attention!  :)

Espionage 3 / Re: Extending plausible deniability to other volumes
« on: September 15, 2014, 07:51:53 PM »
It should also be noted that Espionage's PD in the Data folder actually extends somewhat to the external volumes already, without any action required from users. The reason is that if, say, the data is on a laptop, and only your laptop is stolen, the "real" data on your external drives might not even be known to exist (to whoever stole your laptops). So it's important to have decoy Folder Sets set up, and to encrypt some semi-incriminating data locally.

Espionage 3 / Re: Extending plausible deniability to other volumes
« on: September 15, 2014, 07:32:46 PM »
Hmm. Yes, that is an interesting use case. Keep in mind that this would require some additional plausible deniability (PD) logic fenangaling on the part of the user:

  • The difference between the Data folder PD and the PD you're describing is that Espionage takes care of creating fake data for *everyone* for the Data folder.
  • Therefore, it would be known that unlike every other Espionage user, you chose to manually run the assistant to generate fake data on the external drive.
  • Therefore, it would be likely (depending on how you set things up) that on that drive you have one "real" disk image, one or more decoys that you manually created to show off, and one or more fake disk images that Espionage created.

That is still *much* better than having just one disk image on that drive. Also, you don't have to do it that way. You could, for example, create fake disk images on *all* of your external drives, increasing your PD even more.

To be honest, implementing this feature request is fairly low on our priority list, as I'm guessing it's not something most users will find themselves wanting to do.

For now, however, what you can do is quit Espionage and rename the com.taoeffect.Espionage3 folder to something else (*don't delete it or you will lose your data!*). The next time you start Espionage it will re-run the PD assistant and will create a new "fresh" (but randomly timestamped) batch of fake disk images for you in the Data folder. You can move these to your external drive as you desire. After you're done, quit Espionage and restore the original com.taoeffect.Espionage3 folder, making sure to place it where it was in ~/Library/Application Support.

Finally, make sure to create at least one decoy Folder Set and encrypt some semi-incriminating folders on your external drive (make of that what you will ;)). If the folders that you drag into Espionage are located on that external drive, it will ask you to choose where to save the disk image, so you can place it next to the fake disk images.

Hope that's helpful! Let us know if you have any other questions!

Espionage 3 / Re: Backdoor for Secret Agencies
« on: September 15, 2014, 05:49:40 AM »
Forgive me if this question seems dumb but please would you explain how to use GPG Tools to verify the signed message in the page source from Safari? 

I've tried copying and pasting it to a text file but receive a verification error when I try to use the OpenPGP: Validate service.

Hmm, you are right, this is odd, I might need to speak with the GPGTools team about this, as it's not verifying on my end either now (it seems it was signed with a key that is a subkey of A884B988, but why it fails to verify even on *my* machine, even after re-signing, I do not fully understand).

Don't panic though: as of September 14, 2014 10:48PM PDT, we still haven't received a NSL letter or anything of the sort.

If this problem isn't fixed within two weeks of this message posting, consider that a sign that the FBI *has* been here (or I got hit by a bus).

Espionage 3 / Re: Mail refusing to Lock
« on: September 09, 2014, 07:05:23 PM »
What happens if you try to manually eject the folder? You can do this by choosing Go to Folder... from the Finder's Go menu, and pasting in: ~/Library

In there you should see a folder called Mail. Try right-clicking on it and choosing Eject, let us know what happens.

Espionage 3 / Re: Encrypted folders on desktop
« on: September 01, 2014, 09:06:09 PM »
We introduced a fix for a related problem in 3.6 that is causing this. It can happen depending on your finder settings:

For now, try playing around with those setting until you get it how you like it. We'll work on addressing this situation on our end too (for a future update).

Espionage 3 / Re: Folder Sets and Plausible Deniability
« on: August 13, 2014, 04:41:42 PM »
I think this is a very important point. I know Greg acknowledged it but I'd like to explore it a little more. Before its mysterious demise, I used TrueCrypt. When creating a hidden volume with it, there is zero trace on my computer of this hidden volume or its contents. It seems irrelevant to me to allow the creation of multiple folder sets if the a sparsebundle of the encrypted contents of these folders is located in plain site on my computer for all to see. That's not plausible deniability. In fact quite the opposite, there's zero deniability to the existence of encrypted contents in my Espionage folders. Or am I missing a trick?

It sounds like there's misunderstanding going on.

You have very strong Plausible Deniability with Espionage: better than the PD you get from TrueCrypt.

Espionage 3 / Re: Synchronize via Owncloud Client with a web server
« on: August 09, 2014, 10:41:16 PM »
Ishan: right now you can accomplish half of what you want.

Have your script simply run this command:

Code: [Select]
hdiutil detach /path/to/your/encrypted/folder
This way you can ensure the folder is locked before doing the sync. For now, you'll need to manually unlock it again.

This type of automation stuff is on our TODO list though. :)

Espionage 3 / Re: Mail refusing to Lock
« on: July 27, 2014, 12:51:45 AM »
You can email them to If you need to encrypt your email with GPG, our public key is

Espionage 3 / Re: Mail refusing to Lock
« on: July 26, 2014, 10:05:37 PM »

Well, I've made some progress. The problem was caused by DrivePulse, a feature of Drive Genius 3, which constantly monitors the drive for problems. Turning this off allows my Mail folder to lock. Turning it back on blocks locking.

Awesome! Congrats on figuring that out, and actually this is a known issue, I should have remembered to ask. I just created an issue right now to auto-detect Drive Genius and warn users about this conflict so that hopefully this won't happen again.

Folder actions are still not working properly, either to unlock or lock.  I have to manually quit Mail before it will lock. If I try to lock with Mail running I get a Critical Alert.

What does it say? Could you post more logs that contain that error?

Once Mail is locked I have to separately lock the folder.  The problem on unlocking is as I've previously described (a manual click on the "i" is needed.)

Yes, this we'll have fixed in the next release, please allow us some time though as one of our core devs is on vacation and won't be back until after August 3rd. We'll try to fix this before then but I can't guarantee we'll be able to.

One question: I see that Library>Containers also contains a folder called "".  Is there any need to encrypt this?

Thanks for all your help!

It doesn't seem to contain anything of value on my end, but verify for yourself. Check folders that don't have the little arrow in their icon (those are aliases that point to the real location of the folder so they can be skipped).

Pages: 1 [2] 3 4 ... 47