What happens with the files after decryption/encryption?

[Poco]

Hi there,

I've been deciding which encryption software to use and I narrowed it down to Concealer vs Espionage 3.
Would you mind helping me out with a few doubts I have?

1. What happens with the files once they are decrypted and encrypted again? Do the decrypted files' bytes sit somewhere around the harddrive? Is it not possible to recover them after that?

2. Related: Will there be any option in the future not to trash the encrypted data? Right now the folder is automatically placed to the trash after the first encryption. But there is no more secure empty  in El Capitan, meaning I have to pull out the trash and use either terminal or some third party program to get rid of it. So it just adds extra work to send it to trash.

3. The backing up of the files and passwords is kind of confusing for me (see the Dropbox sync tutorial). That means that if I don't copy the password of the folder and I accidentally lose my Espionage install, my files are gone forever. Now as far as I could test Concealer this does not happen there. If I change the bundle's location in Concealer, I reinstall it, I can still just choose the bundle file and access it with my password. Is there any benefit in your solution?

Thanks and keep up the good work!

Frank

[zsolt]

Hello Frank,

When you encrypt a folder, the content of the folder is copied into an encrypted spares bundle disk image and the originals are moved to the trash (I guess you understood this judging from your third question). When you decrypt the folder, the files are copied out of the disk image into the original folder (which was used as the disk image mount point while the data was protected) and the disk image is deleted.

For the non trashing option, this is a valid input, I will suggest to implement this as an option, but to set the default behaviour to be same as now. But what would you suggest, if the data is not trashed, where would you put it? We cannot leave it in the folder as it would be very confusing seeing the same files with both locked and unlocked folder. In the case when the folder is locked you would see your original files and when unlocked, you would see the copy in the mounted disk image. So where to put them?

There is no need to backup the single password for each disk image. All you have to remember is the master password you unlock espionage with, this password decrypts the Espionage database which contains the disk image passwords and relation between the disk images and protected folders. This database is automatically backed up (copies are created). In case of any trouble with the database itself you can revert to an earlier version. So what you should backup is the database (and the database backups/copies) and the disk images. As by default both are located in your home folder's Library subfolder, if you backup your user folder (which you should do in general) your Espionage installation is safe.
We never used single password for all protected folders, but in Espionage 2 you were required to define a password for each protected folder and one for unlocking Espionage. We are all humans (mostly :-)) and tend to keep it simple, so users would usually use the same password for all. Even if not, the passwords would be simple and easy to remember (and guess). So in Espionage 3 we opted for software generated very strong disk image passwords, all protected with one user defined password, and when there is only one to remember, users "dare" to make it more complex, and that makes the whole setup more secure.

As you seem to be concerned with security and want to know more about Espionage let me add just that there are also folder sets, which allow for multiple master passwords, each unlocking Espionage with different folder set, this can, for example, be used in extreme situations when you are forced to unlock espionage, you can unlock the fake folder set. There is no technical possibility to determine if Espionage has multiple folder sets or not.

Furthermore, as mentioned above, you can place files into a locked folder, those will be visible only when the folder is locked, and temporarily disappear when you unlock the folder. Again, this can be used to place fake files into the protected folders and there is not technical way to determine if a folder is a Espionage mount point folder or not.

Finally, since Espionage 3.6, we create fake disk images during initial setup, so the number of sparse bundle disk images does not determine how many folders did you protect with Espionage as the 1:1 relation is broken.

I hope this answers your questions, feel free to ask more if you wish.

Thanks for your interest in Espionage,

Zsolt

[Poco]

Hello Zsolt,

Thank you for your fast and detailed response!

About the trash/secure delete issue: The option of "do not delete files/folders after encryption" would be great. Then just warn the user in the notification that the folder has been encrypted but not deleted; optionally with a tiny magnifying glass that would open the parent directory so he can decide what to do with it. The very best thing would be to include a file shredder and shred it right away. Hider 2 has this option, for example (you can choose 1 pass with zeros, 1 pass with random data, 3 passes...).

I think I didn't explain my 1st question clearly, so allow me to be more precise. What I meant was:
1. If I encrypt a folder, this folder is sent to trash... then I can decide what to do with it. An empty folder is created by Espionage at the same location, etc. (<-not important)
2. I can decrypt the folder and...

...the files are copied out of the disk image into the original folder (which was used as the disk image mount point while the data was protected) and the disk image is deleted.

And this is what I meant. The files are copied to the HDD after I decrypt them, to the 'original' location. Now what happens to those files when I encrypt/lock the folder again? Do you simply delete them from the HDD? They are gone from the original location but are not placed into the trash, so where are they? If deleted - are they securely deleted? Because if not... well, that would kind of defeat the purpose of encrypting them, would it not? They could be still rather easily recovered from the HDD sectors.

Thank you once again!

Frank

[zsolt]

Hi Frank, we are starting to go in circles, and this is the point where written communication starts to fall apart.
So if you wish, we can make a remote session and you can tell me and show me your concerns, but I will try one more time:

- I asked you: where do I put the files which I encrpyted if not in the trash. You say, "leave them where they are"...I cannot, as that folder will be used to show you the protected files when the folder is unlocked. So I must move them somewhere else and by doing that it is not very much different then moving them into the trash. Except that now you have to take them out from the trash to shred them, whereas with "your" approach I could shred the folder I put them in, right away. The question is: how many customers are going that far to shred the files manually if only a handful, then this would be a added complexity to all other users. So by far the best would be to implement a shredder in Espionage, or make the option not to trash the files configurable and disabled by default....

- for the second question, I cannot uderstand what is unclear. If you encrypt a folder, we create a disk image, copy the files into it, move the originals into trash. If you decrypt (not unlock, but decrypt) the folder, we copy the files back into original folder and trash the disk image. If you encrypt them again, we just repeat the process - we create a new disk image, copy the files into it and move those from the original folder into trash.....

Cheers
Zsolt

[Poco]

Hey Zsolt,

No worries, man, I don't think the remote session is necessary but I do appreciate your offer!

About File deletion: You wrote: So by far the best would be to implement a shredder in Espionage, or make the option not to trash the files configurable and disabled by default.... - that was exactly my point.

For the 2nd question: Sorry, I know nothing about bundles, mounting images and encryption... I see now, so if the folder is unlocked the files are not copied to the HDD, they are just "visible" in the same folder as they were originally in, but they are not copied, they still reside inside of the encrypted bundle, is that right?

Thank for your time, Zsolt, much appreciated! Take care!

[zsolt]

for the second question....yes, we copy the files only during encryption and decryption, in unlock/lock case, we mout/unmount the encrypted disk image and use the originally protected folder as mountpoint to show you the content of the mounted disk image. This is why it is empty when the folder is locked, because the volume is unmounted and there is nothing to show....

Let me just repeat that when the folder is locked i.e. volume unmounted, the mountpoint folder is just a regular empty folder, so you can put files in it and they will stay there happily...it is just that they will temporary disappear if you unlock the folder (and appear when you lock it)

Thanks again for your input,

Zsolt