How to keep your data safe with Espionage for Mac OS X

If someone stole my MacBook Air, the computer’s data should be fairly safe, due to my use of Apple’s FileVault 2 whole-disk encryption. But what if someone got access to my computer while I’m still logged in? Or what if someone got hold of my login password?

Certain data, like website passwords, are already encrypted via applications like Apple’s Keychain and AgileBits’s 1Password. But how can we secure non-encrypted documents like bank statements, contracts, etc.?

In the past, I considered using applications like Knox, which make it slightly less cumbersome to deal with encrypted disk images than dealing with them directly. But, unfortunately, Knox didn’t go far enough in the area of usability—it basically makes you deal with Finder-mounted volumes—to convince me to use it.

Recently, though, I discovered a product that did — and it’s called, Espionage.

How Espionage works

Espionage, which lives in your menubar and is activated with a keystroke, manages lists of folders you want protected.

Each list is associated with a password of your choosing. When Espionage is locked, the contents of your folders are encrypted. When you unlock Espionage—by entering one of your passwords—the contents of the folders in the list associated with the password you entered are unencrypted and become accessible.

By managing the encryption of folders where they reside in the file system, as opposed to Knox, which mounts encrypted volumes in the Finder, Espionage becomes infinitely more useful. And an interesting additional feature of Espionage—the ability to assign actions to the locking and unlocking of folders—makes it even more powerful.

Under the hood

Espionage actually stores the contents of your listed folders in individual, encrypted disk images outside of the source folders themselves.

When you unlock a folder, Espionage “mounts” the associated disk image at the folder’s source in the Finder—giving the impression that you’re simply working with a normal folder. When you then lock the folder, the encrypted disk image is closed, and the original folder is returned—either empty, or with any contents you’ve since added not to be encrypted. (This behavior has some interesting benefits discussed later.)

The individual, encrypted disk images are sparse bundles, which mean they actually consist of a large number of tiny little encrypted files—making them space-efficient and working well with backup utilities like Time Machine, as well as making Espionage suitable to work with applications like Dropbox.

The sparse bundles are named with hashes, so, if they were found, there’d be no way to associate any of them with particular folders. In addition, Espionage generates a highly-secure, unique, internal password for each image file, and maintains a mapping of those passwords to each list’s master password through “key derivation” technology called, scrypt.

Plausible deniability

One of the benefits of the way Espionage has been implemented is plausible deniability. Here’s two examples:

  1. Since Espionage manages any number of lists of folders, if you were required to give someone a password to unlock Espionage, you could provide the password that unlocks a benign list of folders that you’d setup just for such a situation. They would have know way of knowing or proving that you had additional passwords in use with Espionage, which unlocked additional lists of folders.
  2. Since Espionage stores your folder contents in encrypted images outside of your source folders, and if you, for example, chose to use Espionage to encrypt the contents of’s data folder(s), then if you launched without having unlocked that list of folders in Espionage, Mail would launch with a different setup—one that could, again, appear benign, without giving any indication that you’re real email is encrypted.

Other features

Espionage provide some additional features, such as the ability to disable spotlight indexing at the folder level, as well as overriding where it stores the folder’s associated encrypted sparse image.

All in all, it’s a thoughtful, powerful and well-designed app. I’ve been using it for a few days now, and am really impressed. I think you’ll like it too.

Agree? Disagree? What do you think?