This article originally appeared in TidBITS on 2014-05-08 at 8:29 a.m.
The permanent URL for this article is: http://tidbits.com/article/14740
Include images: Off

Hider 2 Promises File Privacy for the Masses

by Nick Mediati

When it comes to encrypting files on OS X to keep them safe from prying eyes, you have a couple of built-in options. You could use FileVault 2, but that’s more to protect your data in case of theft, since it unlocks the data as soon as you log in. What if you want to keep some files private from a spouse, roommate, or child whom you allow to use your Mac and account?

The historical solution is to create an encrypted disk image and store the files on it so only those with the password can mount the disk image and read the files, but that gets messy. While the process itself isn’t too difficult, it’s not something I’d expect my non-tech-savvy mother to master. After all, the concept of a disk image isn’t entirely obvious. (“Let me get this straight, dear. It looks and acts like a disk… but it isn’t a disk?”) Besides, you’ll probably end up with a collection of encrypted disk images scattered haphazardly around your disk.

MacPaw’s Hider 2 [1] ($19.99) takes a different approach. Instead of relying on an encrypted disk image, it stores all your encrypted files in an encrypted “vault,” and lets you organize and group them within the vault as you please. The vault is a hidden folder containing encrypted files; “hiding” a file with Hider essentially copies it to the vault and securely deletes the file from its original location.

[Editor’s Note: As of Hider 2.0.3, the delete is only a single-pass deletion, as discussed in the comments. MacPaw plans to add a more sophisticated approach to preventing data retrieval in a future update. We apologize for any confusion. -Adam]

Hider is best thought of as a fireproof safe for your important files and information — complete with a safe-themed login screen. The combination lock wheel even rotates as you enter your Hider password, as though you were trying to unlock a physical safe. Although over-the-top skeuomorphism can get in the way, this little touch doesn’t detract from Hider’s usability. It isn’t particularly functional, but it gives you a clear sense of the app’s purpose, and makes Hider more approachable. It sends the message, “Hey, you can trust me with your important stuff,” and it is, dare I say, kind of fun.

[image link] [2]

Your password should be strong and memorable, and although you can back it up in Mac OS X’s keychain, anyone who knows your keychain password (which is usually your login password) will then have full access to your Hider vault.

The main Hider window uses a familiar two-column view with a source list along the left and the main content pane — which lists your files — to the right.

[image link] [3]

In the source list, click the + button to create groups that contain files. The groups are more like Finder folders than iTunes playlists in that a file can exist in only one group.

MacPaw says this was a conscious design decision and that the company sees it as a more convenient approach to file management, but I’d like to see the app give you the option of using the more flexible playlist-like organization mechanism in a future version.

Adding a file to your encrypted Hider vault is as simple as dragging it into the Hider window, although Hider is over-sensitive about whether documents may still be open — every time you hide a file that you have previously opened and whose app is running, you’re prompted to verify that the document is not currently open. Although you can disable these warnings, Hider should be smarter about identifying open documents. You can also click the + button in the lower left corner of the vault pane to choose files from a dialog.

When you hide a file or folder, Hider copies it to your vault then encrypts it using the AES-256 encryption standard [4], and then securely erases the original on the drive so no one can recover it later. When you make the file or folder visible again, Hider decrypts it and copies it back to its original location.

MacPaw says that Hider always maintains one instance of every file — either encrypted or decrypted — at all times so there’s no worry about data being lost in transit. As the saying about putting all your eggs in one basket goes, don’t worry, since you can back up Hider’s vault. Just be careful to back up your user account’s Library folder. The vault itself is located in a hidden folder deep within ~/Library/Containers/com.macpaw.Hider2.

When you try to hide a file or folder from an external drive, Hider alerts you that it must create a vault on that drive and asks you to grant access. Additional vaults appear in Hider’s sidebar, but only when the associated drive is mounted. It would be better if those files remained visible within Hider’s interface and Hider attempted to mount the external drive, prompting you to attach if it necessary. Vaults on external drives aren’t hidden away as they are on your main drive; they’re just normal packages at the top level of the drive.

[image link] [5]

Although Hider’s vault displays a list of your hidden files, you can’t open a file from within Hider. Instead, you must unhide it, and then open it from the Finder. The same goes for folders that you add to your Hider vault. I’d like to see Hider handle this more smoothly — perhaps have the app automatically unhide and open a file when you double-click it? (Double-clicking a file in Hider currently does nothing.) This small change would make using Hider that much smoother and more seamless. In the meantime, Hider can optionally reveal a file in the Finder when you unhide it, and you can click the magnifying glass next to a visible file’s name in Hider to view that file in the Finder.

Unhiding and opening files may be a little clumsy, but what if you want to edit the file once you make it visible? That’s more problematic, since Hider is essentially juggling two copies of the file: the encrypted copy within the vault and the unencrypted copy in the Finder. If you make a change to the unencrypted copy and save, Hider notices and displays a confusing dialog; in essence, it’s saying that you have to hide the file (add it to the vault) manually again. I’d like to see Hider at least offer the user the option of re-hiding the file automatically.

[image link] [6]

In addition to files, you can also store secure notes within Hider’s vault. These notes can be just about anything: Swiss bank account numbers, phone numbers for your undercover sources, incriminating email messages, or even the selfies the White House doesn’t want leaked to the press (though the images don’t scale to fit the window nicely). You can save as many of these as you like, and you can organize them into groups, just as you can with files.

Hider’s secure notes work as advertised, but they are stuck in Hider. You can’t export them or turn them into files in the Finder; all you can do is copy and paste them into a separate document.

[image link] [7]

Hider includes a couple of ways to access its features quickly. First, a pair of global keyboard shortcuts let you lock Hider or hide all visible items. Press Command-Control-H to hide all visible files; Command-Control-L locks Hider. Second, a menu bar item provides fast access to existing vault files without opening Hider, although you must still enter your password if Hider is locked (which can happen automatically after a specified amount of time).

[image link] [8]

The menu bar item is turned off by default, but you can easily switch it on in Hider’s Preferences window. However, while you can hide and unhide files already stored in your Hider vault through the menu bar icon, it doesn’t allow you to add anything to the vault — you must still open Hider’s main window for that. Also, you can’t view secure notes via the menu bar assistant, though that makes sense, since it would become unwieldy if it took on too much functionality.

Although I didn’t encounter any noteworthy problems with Hider in the time I’ve used it, some App Store reviewers report losing data.

According to MacPaw, data loss resulted from two issues, one of which was a custom permissions problem that was fixed in the Hider 2.0.2 update. The other is an underlying issue with the way Hider stores large amounts of data: MacPaw says it has “partially fixed” this problem in Hider 2, but that it’s working to further improve its data storage system. You might not want to put gigabytes of data into Hider just yet, but as long as you have a good versioned backup, you should be able to recover Hider’s vault at previous points in time, before any corruption occurred.

In all, though, Hider 2 seems to be a polished, solid encryption tool for those who want to keep some files confidential without messing around with encrypted disk images. Hider is simple enough to understand and use, but I’d love to see MacPaw address the rough edges surrounding unhiding files, editing files, and working with external disks in a future update.

[1]: http://macpaw.com/hider
[2]: http://tidbits.com/resources/2014-05/Hider-2-login.png
[3]: http://tidbits.com/resources/2014-05/Hider-2-vault.png
[4]: http://en.wikipedia.org/wiki/Advanced_Encryption_Standard
[5]: http://tidbits.com/resources/2014-05/Hider-2-external-drive.png
[6]: http://tidbits.com/resources/2014-05/Hider-2-file-edit.png
[7]: http://tidbits.com/resources/2014-05/Hider-2-secure-note.png
[8]: http://tidbits.com/resources/2014-05/Hider-2-menu-bar.png