The point of Espionage Auto-lock ?

[illusion578]

Hi & Thanks for the App.

Was wondering as the only user and alone in my house, how important the app's auto-lock(not the folders) would be?

Thanks.

[zsolt]

Unless you have a hidden personality, I guess there is no need for that :-)
Espionage will protect the data in case the Mac is stolen, and for the rest you will be just fine.

Let me know if you have any further questions.

Rgds
Zsolt

[illusion578]

Hi Zsolt thanks for the reply.

I guess my question is that if a hacker(or spyware, etc...) gets remote access to a system while the Espionage app itself is unlocked (not the individual folders), could they somehow get access to unlocked folders's data?

[zsolt]

Hello, then it is a different story. There are two kind of accesses I can think off, one is a graphical access, where the attacker can see your screen and control the mouse (I'm not sure if that is possible, unless attacker first switches on the screen sharing/back to my mac option), and the other is command line access. The later is more likely and common (although Macs are usually quite safe, afaik).

If Espionage application is unlocked, attacker can unlock single folders, but only if he can control the graphical elements of your screen, because, considering Espionage does not support scripting or command line, he has to unlock the folder using Espionage GUI.

However, if a folder is unlocked, then the things are much simpler, the unlocked folders are mounted same way as for example an USB stick or external drive would mount. So simply listing mounted volumes using command line, he would be able to access the protected folder and copy the data out of it. This, of course, implies that he knows that you are using espionage and is making a targeted attack to get a data out of a protected folder.

The simplest way of protection I can think off, is to disconnect from the internet as long as you have some folder unlocked.
But of course, general security precautions like enabling firewall, switching off services you do not use, not opening suspicious mail attachments etc, will help too.

Rgds
Zsolt

[illusion578]

Interesting. If a hacker uses Espionage GUI (which is unlocked), that implies the user would actually see the locked folder being unlocked by hacker, correct?

[zsolt]

Yes, you should see his actions on the screen, but probably he would be waiting for an idle time.
But I think we are going to far here.
I can imagine something like happening only through some remote desktop applications which are running in the background, like screen sharing, or team viewer if setup that way.
If you switch those off, then I can hardly believe someone can access the gui. But of course, nothing is impossible.

[illusion578]

Thanks. As with taking it too far, I was thinking the same and then you read today's news that NSA has penetrated the firmware of 12 HDD brands with un-removable malware ... with this digital age, as you say apparently nothing is impossible anymore.

[zsolt]

And this is why you need Espionage :-)