Tao Effect Forums

Espionage => Espionage 2 => Topic started by: cicakchanson on April 09, 2011, 05:31:06 AM

Title: A suggestion, A possibility
Post by: cicakchanson on April 09, 2011, 05:31:06 AM
So, I really do like Espionage because its finally brought security to my system.  The only problem is I can never use it as intended.  For example, I never close Chrome.  I hate reloading it, finding all my pages again etc. (I've got about 10 tabs open as well)  Not to mention the unlocking of all the support files (through Espionage) makes loading any protected application a long and cumbersome process.  Consequently, Chrome (and other protected apps) are always open and I it really defeats the purpose of Espionage because if someone, somehow, gets past the initial pasword on my screen saver (not hard) I'm screwed.  

My thought to improve Espionage would be this...  I oftentimes hide or minimize windows when I'm not using them.  Later, when I want to access the same windows again I simply un-hide or un-minimize.  What if espionage had an option to assign a hotkey (or a series of them) to un-minimize or unhide an application? Try to un-minimize or unhide without the hotkey(s) enough times and the application quits and falls under the full protection of Espionage.

Regardless of whether or not you like this idea I don't think I'm alone in the way I use my computer.  People really don't want to quit applications every single time we leave them only to have to relaunch them 2 min later.   Why not implement this idea or another like it so that Espionage stays relevant to how people use their machines?
Title: Re: A suggestion, A possibility
Post by: greg on April 09, 2011, 06:07:40 PM
Hey cicakchanson,

Thanks for your suggestion!  :)

For now, we're focusing on features that are primary to Espionage's function of encrypting folders and backing them up, and improving Espionage's existing functionality.

I wonder, what is the reason you say that you have to quit the app each time you leave your computer? The screensaver password really should be enough to protect your files if they're encrypted with Espionage. With Espionage, your files are encrypted on the disk the entire time, even when the folder is unlocked. When a folder is unlocked, all that happens is a virtual "portal" is created to your files, and the second your shutdown your computer, or your log out of your user account, or it loses power, that "portal" disappears and your files are safe. So, while it's true that if someone can get past your screensaver password they'll be able to access your unlocked folders, it shouldn't be a very likely scenario, just make sure your user account password is a strong one.

You can also control whether Espionage will lock a folder when its application quits (click the "Edit Application Associations" button in Espionage to disable the "Lock On Quit" for all folders associated with that app). This is useful if you frequently open and quit an app and don't want to have to enter your password each time you run it again. As mentioned, this does not mean though that the folder won't be locked if you restart or log out.
Title: Re: A suggestion, A possibility
Post by: cicakchanson on April 10, 2011, 12:55:39 AM
Hi Greg,

Thanks for the reply.  I think I might be using incorrect terminology on occasion in my previous message so perhaps I can illustrate what I mean with an example.  So here goes...

I leave loads of applications running (MAIL, MS WORD, CHROME...) on my computer all of the time.  Some of these Apps are protected through Espionage.  My fear has been (and my reason for buying Espionage) that someone would take my computer or I might stupidly loose it etc...  Anyhow, whomever finds it/takes it would only have to make it past the screensaver password in order to have access to my applications (CHROME, MAIL) because they could still be open and running (Since I do not shut my apps down).  From there a person could simply look into my browser history to access sites that have my passwords automatically entered in by the browser or start sending email from my accounts etc....  From that point on the whole scenario spirals into some horrible possibilities.  

I understand that the folders are still encrypted even when the application is open but if you leave the portal open constantly (by leaving protected applications running) the encryption wouldn't matter.  Perhaps I'm being paranoid but I've always felt that it isn't enough to have only my screensaver password standing in the way of someone getting to my running applications. I also understand that upon shutdown/restart of my computer, someone would have to enter in my Espionage passwords for my protected folders but my fear is that someone could gain access to my desktop without shutting the computer down or restarting.  

I thank you for your suggestion about making it so the protected apps don't need a password to be opened but I, again, feel that having that password step before opening each of my apps is one of the major benefits of Espionage.  I just think that if there was some way of getting apps to quit (thus requiring the entry of a password upon relaunch) without inhibiting the way the computer is used through something like a hotkey combination that must be pushed upon un-minimization/unhide, then it would close something of a security loophole since anyone trying to un-minimize/unhide an app window who isn't me would be frustrated in their attempts.  Couple that with a feature that shuts apps down when the hotkey isn't pressed (after a few chances to get it right) and I think that Espionage makes itself more functional as a security program. Again, you might disagree and feel that the screen saver password is enough.  Regardless, thanks for communicating with me and helping to make the mac more secure through Espionage.
Title: Re: A suggestion, A possibility
Post by: marty on April 11, 2011, 12:19:12 PM
Your points are understandable, yet OS X doesn't provide a universal way to "nicely" ask for an application to quickly quit (certainly not without the possibility of prompts about saving unsaved documents, etc.). Until the application and anything else using the files encrypted by Espionage have closed all the files in a given protected folder, the folder cannot go into it's stable-state locked condition. Perhaps if someday OS X provides for that, we can reexamine how Espionage behaves in the situation you're describing.

One other key point to make: physical access to your computer gives the 'bad guys' so much power. That's why we're saying that if you use the screen saver requiring your password as a line of defense that your OS X account password needs to be a good one... keep them out to the point of them giving up. At some point they'll reboot the system to look for an easier way to find stuff of interest and there they'll find nothing but the encrypted and locked folders that Espionage setup for you.

--
Best regards,
Marty
Tao Effect Support

For news, follow @esponageapp!
http://twitter.com/espionageapp (http://twitter.com/espionageapp)