Stopping notifications and prompts altogether...

Started by pmj, January 03, 2011, 08:31:00 AM

Previous topic - Next topic

pmj

Hi there, thanks for a wonderful program.

I have a question/suggestion.

Is there a way to stop the notifications that are issued when entering a folder which contains a locked folder. For example in my Downloads folder I have another folder which contains client sensitive information and is locked, lets call it "clients". When I click Downloads in the Finder, I get prompted by Espionage to unlock the folder, pressing Cancel, or letting the dialog time out, results in a notification saying Access was denied. I have the preferences in the Notifications page unchecked (both of them).

The problem is that I don't want to give a clue that there are locked folders in the Downloads folder. I think this is a major security exposure, because now someone snooping knows there is a locked folder and might start looking for it and try to hack into it. I think it would be much more secure if I had to manually unlock the folder without any prompts that give hints to the the fact that there is locked stuff in there. Someone trying to open a locked folder should just see and empty folder. Security by obscurity, always a good idea.

If I have missed something here, please let me know. If this feature is not yet available,please consider adding it to your already great product.

...Peter

greg

#1
Hi pmj,

Quote from: "pmj"... pressing Cancel, or letting the dialog time out, results in a notification saying Access was denied. I have the preferences in the Notifications page unchecked (both of them).

The problem is that I don't want to give a clue that there are locked folders in the Downloads folder.

To get that notification you had to have double-clicked on the folder in the first place, which brought up the password prompt, which is already an indication the folder is locked, so therefore nothing would be achieved by getting rid of that notification (other than, in our opinion, a worse UI).

QuoteI think this is a major security exposure, because now someone snooping knows there is a locked folder and might start looking for it and try to hack into it. I think it would be much more secure if I had to manually unlock the folder without any prompts that give hints to the the fact that there is locked stuff in there. Someone trying to open a locked folder should just see and empty folder. Security by obscurity, always a good idea.

I'm hoping that last part is a joke, as most security professionals will tell you that relying on security through obscurity is asking for trouble. The point of encryption is to make sure the folders aren't hackable. As an example, other programs encrypt entire hard disks, and there it's blatantly obvious (even more so than with Espionage) that the contents of the data is encrypted, yet governments and businesses use this approach just as well. Relying on "security through obscurity" won't get you very far, but good encryption will.
Follow @espionageapp@twitter.com or @espionage@mstdn.io for news and updates!

greg

#2
I should add though, that it is possible to disable all notifications (although we strongly recommend against doing so), and that is by telling Espionage to use Growl in the notification preferences, and then customizing the Growl notifications for Espionage in the Growl System Preferences.
Follow @espionageapp@twitter.com or @espionage@mstdn.io for news and updates!

pmj

#3
Wow, I posted a reply to you and it hasn't showed up. Hope it didn't get lost. I'll wait a little longer and if it doesn't show up I'll post again.

This is in response to the Growl suggestion. I have done that and configuring Growl to disable notifications from Espionage works. But just disabling notification from the Espionage preferences does not.

Thanks Greg.

greg

#4
Quote from: "pmj"Wow, I posted a reply to you and it hasn't showed up. Hope it didn't get lost. I'll wait a little longer and if it doesn't show up I'll post again.

It probably did not get posted is my guess.

QuoteThis is in response to the Growl suggestion. I have done that and configuring Growl to disable notifications from Espionage works. But just disabling notification from the Espionage preferences does not.

Espionage has three kinds of notifications (if you click on the little question mark button in the Notification preferences it will bring up the doc that explains this in detail), and the checkbox in the preferences is only for disabling the general, "info" notifications.
Follow @espionageapp@twitter.com or @espionage@mstdn.io for news and updates!

pmj

#5
OK, here I go again...

In my case I do not have to double click on the locked folder to get prompted for the password. In my case, all I have to do is click on the parent folder. For example my clients folder is inside the Downloads folder. In Finder, just going from the Applications folder to the Downloads folder causes the prompt to unlock to show up. I think you were saying in your previous post that this not the expected behaviour and that I should only get prompted to unlock when double clicking the clients folder. I would be happy to send you a screen cam capture if you wish to see what I see.

Regarding the Security through obscurity comment... I agree that it should not be used as the sole security method, that would be just silly. My locked folders are not encrypted, just locked. So, when going to the parent folder, I do not think I should be asked to unlock. If I'm a snooper that is just a challenge to find out what folder  out there is locked and what it contains. Even clicking the twisty should not prompt me, in my opinion, to unlock. I think It should be a more deliberate action that causes the prompt to appear, like double clicking, or accessing the Services menu. Clicking a locked folder should just an empty folder.

Thanks for listening.

...Peter

greg

#6
Quote from: "pmj"So, when going to the parent folder, I do not think I should be asked to unlock.

Ah, I see, this is a different situation, and indeed, you shouldn't be prompted in this case. Espionage's troubleshooting documentation goes into some depth on what to check to prevent this from happening.

QuoteEven clicking the twisty should not prompt me, in my opinion, to unlock. I think It should be a more deliberate action that causes the prompt to appear, like double clicking, or accessing the Services menu. Clicking a locked folder should just an empty folder.

If you're referring to the disclosure triangle in list view, then clicking on that will bring up the prompt and that is expected behavior, because it is equivalent to a double-click (except in list view). You are asking to list the contents of the folder by doing so, and that triggers the password prompt.
Follow @espionageapp@twitter.com or @espionage@mstdn.io for news and updates!

pmj

#7
QuoteAh, I see, this is a different situation, and indeed, you shouldn't be prompted in this case. Espionage's troubleshooting documentation goes into some depth on what to check to prevent this from happening.

OK, my "disclosure triangles" were pointing down. That did it.

Thanks for your help Greg.

...Peter

greg

#8
No problem!  :)
Follow @espionageapp@twitter.com or @espionage@mstdn.io for news and updates!