16
Espionage 3 / Re: Unlocking large folders in 3.6.1
« on: October 05, 2014, 10:34:48 PM »
I've created an issue for this in our internal issue system and assigned it a high priority (for next release).
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Personally I find it easier to copy the text from the web page source, paste it into an editor, select it all and use the OpenPGP: Verify service from the app menu. The use of services instead of the command line seems to be more consistent with the techniques encouraged in the gpgtools kb articles and I suspect a large proportion of your intended user community would find it easier too.
By way of a bit of constructive feedback, I think an FAQ explaining how to "verify the signature of this watch zone" would be very helpful to newbies like me. Especially if the answer to the question explains why verifying the signature should enhance one's trust in what is written.
I make this point because it is the first time I've ever tried to verify a PGP signature and was lead into the exercise by the text on your page. Instead of begin reassured as intended, I ended up confused and, bizarre at it might seem to you, I'm still not sure why I should now attach any increased level of belief to what is written there. Particularly when the words "undefined trust" come up in the results of the verification.
(Incidentally, the page source link doesn't "work" on my standard installation of Safari 7.0.6. I get a dialog with the error: "There is no application set to open the URL view-source:https://www.espionageapp.com/".) I don't know if there is a way to overcome that or not.
Anyway, keep up the good work. I really appreciate the effort you are making to simplify encryption for us.
Forgive me if this question seems dumb but please would you explain how to use GPG Tools to verify the signed message in the page source from Safari?
I've tried copying and pasting it to a text file but receive a verification error when I try to use the OpenPGP: Validate service.
I think this is a very important point. I know Greg acknowledged it but I'd like to explore it a little more. Before its mysterious demise, I used TrueCrypt. When creating a hidden volume with it, there is zero trace on my computer of this hidden volume or its contents. It seems irrelevant to me to allow the creation of multiple folder sets if the a sparsebundle of the encrypted contents of these folders is located in plain site on my computer for all to see. That's not plausible deniability. In fact quite the opposite, there's zero deniability to the existence of encrypted contents in my Espionage folders. Or am I missing a trick?
hdiutil detach /path/to/your/encrypted/folder
Greg
Well, I've made some progress. The problem was caused by DrivePulse, a feature of Drive Genius 3, which constantly monitors the drive for problems. Turning this off allows my Mail folder to lock. Turning it back on blocks locking.
Folder actions are still not working properly, either to unlock or lock. I have to manually quit Mail before it will lock. If I try to lock with Mail running I get a Critical Alert.
Once Mail is locked I have to separately lock the com.apple.mail folder. The problem on unlocking is as I've previously described (a manual click on the "i" is needed.)
One question: I see that Library>Containers also contains a folder called "com.apple.MailServiceAgent". Is there any need to encrypt this?
Thanks for all your help!