C-Command Software Forum

Saving and Encrypting Specifics

Just wondering, when exactly does EagleFiler actually save a record? For example, if I edit an existing RTF record, does it save it when I go to view a different record, or if I quit EagleFiler without going to a different record, does it save it at that point? I haven’t been watching the Activity Monitor much, but is there some indexing going on after I update a record? Should I be careful about quiting EagleFiler too quickly, or will it warn me?

Another question regarding encrypted EagleFiler Libraries and when they are decrypted/encrupted. So far, I haven’t made an encrypted library more that a few records, and the decryption and especially the encryption seem instantaneous. When I open the Sparseimage file, it prompts me for the encryption password. If the encrypted library is large - perhaps a few hundred one-screen RTF records and maybe up to 2Gb, will it take awhile (as in “minutes”) for the entire library to be decrypted?

Then, when you open the the XXXX.eflibrary file in the mounted volume, I assume it opens at the same speed as any unencrypted library. Lets say you then add/modify records in the library and when you close the library (or quit EagleFiler), I assume that the library in the mounted volume is not encrypted yet. Does the “re-encryption” take place when you eject the mounted volume? If so, will this take some time for a library with a few hundred records and maybe up to 2Gb (as in minutes)? If so, are there issues with waiting to shut down, or if the library is on an attached external disk, ejecting that disk? All these questions stem from the appearance that this process is transparent and “instantaneous” (with my very small sample library).

One of the features of EagleFiler that sets it apart from some other apps is that you can encrypt the entire library instead of just one record at a time. I appreciate this capability, because I envision having one of my libraries with many RTF records that all would need to be encrypted.

Thanks for your observations.

It saves when you view a different record, or change windows, or switch to a different application, or quit. Basically, you don’t have to worry about it.

Shortly after saving, EagleFiler will update the index. If it saves as a result of your quitting the application, then it will skip the index update and do that the next time you open the library.

It doesn’t decrypt the whole library. The contents of the sparseimage are encrypted at the block level. It only encrypts or decrypts the data that’s actually read/written. This all happens in real-time. So there is no long delay to encrypt or decrypt the whole library (nor do you need temporary disk space or RAM to hold the whole decrypted library), but on the other hand each individual operation will take slightly longer because it’s doing the encryption on the fly.

No. The contents of the volume are always encrypted. There will never be unencrypted data on disk, even if you unplug your Mac in the middle of an operation.

No, it’s mostly transparent with today’s fast processors.

Yes, some key points about this, which might not be obvious:

  1. Encrypting the whole library works much better if you want to have index-based searching. If you encrypt at the file level, you either can’t index the encrypted records, or you have to expose the decrypted data inside the index, or you have to maintain an encrypted index for the encrypted files and an unencrypted index for the other files.
  2. If you encrypt at the file level, files generally start out unencrypted. Then when you tell the application to encrypt the file, an unencrypted version is probably still sitting on the drive.
  3. When encrypting at the library level, the names, tags, modification dates, and other metadata are also encrypted. So you don’t expose any information by letting people see which files exist.

Wow, there’s a lot going on behind the scene. I guess that’s a sign of a good application - things happening that I’m not aware of so I can concentrate on on using the features of the application.


Decryption / Encryption Process

I have a small encrypted library (in Tiger, 104 RTF records, about 800Kb of data and 33Mb for the desktop volume). When I authenticate and the desktop volume is created (in about one second by the diskimages-helper tool, not EagleFiler), it appears that all RTF files in the disk volume are immediately available, ie to be opened by TextEdit or something. I know that I shouldn’t be editing these files outside EagleFiler. Are all the files still encrypted in the disk volume and decryption occurs when I open one or more files in TextEdit?

Now I click on the xxxx.eflibrary and EagleFiler launches (it takes about 15 seconds or so, and that’s fine), and everything is visible in EagleFiler. Once the library is open, there is virtually no delay to view different records, so it’s easy to assume that they are all decrypted. Or, is each file decrypted into memory (not on the disk) on the fly as I move to it within EagleFiler?

Now, the amazing “save” process. There is no “save” menu in EagleFiler. So after I edit a file, EagleFiler automatically does a save, and must write the encrypted data back to the disk volume. But here’s where it seems counter-intuitive to me (dragging anything to the trash to save it seems wrong). I make my edit changes to a file in EagleFiler, and quickly quit EagleFiler and drag the disk volume to the trash. As I do this, EagleFiler encrypts my file edits, saves the encrypted file in the disk volume, recreates (or updates) the sparseimage file in a matter of a second or less. Is this correct?

On another note, I created an encrypted library, but have forgotten if I specified 1Gb or 2Gb. I assume that the specified maximum library size of an encrypted library is identified in the “Get Info” window of the desktop volume via the “Volume Capacity” size - right? I also suspect that the “Used” size in the same “Get Info” window is how large the library really is (including the overhead for encryption - 26Mb or more for my 1Gb library), and that the size of the xxxx.sparseimage disk image file (while about 33% smaller than the desktop volume) is not relevant in this calculation.

Are you prompted when the library grows near the specified maximum?

Thanks again for a marvelous product and superb support.

It’s fine to edit them outside of EagleFiler.

They’re always encrypted on disk. The decryption happens when the files are accessed.

They’re decrypted into memory on the fly. Modern Macs are pretty fast, so this usually isn’t noticeably slower than using an unencrypted library.

Dragging to the trash is one shortcut for using the Eject command. In fact, the trash icon changes to an Eject icon. In any case, this doesn’t save anything. The save had already occurred, and you’re merely putting away the encrypted volume (i.e. telling Mac OS X to forget the passphrase that you’d typed in).

Yes, all of the saving happens when you switch to another record or window, i.e. it’s generally already done before you tell EagleFiler to quit.

That’s correct, except that the overhead for encryption is really the size of the sparseimage file minus the “Used” size from Get Info. That is, getting info on the volume shows the actual size of your data, not counting overhead.

By the way, unless you need compatibility with Mac OS X 10.4, it’s much better to have EagleFiler create a sparsebundle instead of a sparseimage. Either way, the size of the disk image should closely track the “Used” size, rather than the maximum size.

No. Since there isn’t much overhead, the intent is that you should use a maximum capacity that’s larger than you expect to ever need.