About | ACP | Buy | Industry Watch | Learning Curve | News | Products | Search | Substack
Home » Products » Reviews » The Very Ugly

Ghost Folder 2.0

Bad Software (Wil Gieseler)
Rating: (four burnt toasts)

If by 'engineering' you mean 'guy who figured out two shell scripts' then John. But if by 'engineering' you mean 'guy who did all the work and made everything happen', then Wil.
Human Interface Design:
Wil, who figured out how to use a table view! Woo!
Wil and John. Also I'll probably make Will do some too.
There is none. Get over it.

The icon says everything. But if that isn't enough, know that the motto of this stellar product is officially 'security through obscurity' [sic].

The authors of Ghost Folder 2.0, who really call themselves 'Bad Software', have taken the idiocy of Apimac Secret Folder 2.6.4 and elaborated it to its theoretical extreme.

Not only is this application lame already in its design and based on total misinformation about the underlying operating system, but it cannot even perform what it sets out to do - which was realistically not asking very much.

It doesn't matter that this gem is released as a free product: even if it worked it would be worthless, but the extent to which it doesn't work has to have set new all-time records. What follows is more a pictorial of a run of Ghost Folder 2.0 than a detailed examination of its putrid innards, but such a pictorial should speak well better than thousands upon thousands of words.

Kick back with your favourite drink and enjoy.

The opening dialog sheet. Aqua on metal is so exquisite. The test team deliberately typed in different single character passwords in each of the two fields - and the program accepted the input without a hint of protest.

Submitting the first of many names for 'secret folders' - for what reason nobody knew.

The mystery that is Ghost Folder 2.0: for whatever you do, all you'll get is the diagnostic shown above. The test team cleaned the system, submitted proper passwords, stuck to 'easy' folder names and paths - to no avail. Put simply, the program just doesn't work - not at all.

The 'documentation' said there would be no documentation, but the Help menu item was there, so a poor sod from the test team clicked on it.

The illustration on the right does however prove two things:

  1. The program kept complaining things were going wrong when they weren't going that wrong at all - indicating something is really wrong.

  2. The supposedly 'secret protected' folders are eminently visible and accessible wherever you want to look for them.

The test team also discovered two mysterious text files, gf-0.espd and gf-4.espd, which seem to be some sort of infantile attempt to lesser the old 'Caesar' encrypting technique.

gf-0.espd (concatenated):
a b c d e f g h i j k l m n o p q r s t u v w x y z A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 1 2 3 4 5 6 7 8 9 0 ! . ? _ @ # $ % ^ & * ( ) { } [ ] \ | " ' : < > , / ~ ` + = -

gf-4.espd (concatenated):
H r s t u v \ | a b = - 7 8 9 ^ B C D E d e i j y z ] T U V I J ? 2 < > _ w x { } [ p q A X Y , / ~ ` + Q R 3 f g h @ # $ % " L M N O P K 0 ! . & * ( c 4 5 6 k l m n o W ' : ) Z 1 S F G

Clearly we here have genius at work.

The application leaves a file in your Preferences folder. It has no prefix because the Bad Authors at Bad Software evidently didn't know how to set this up right. The file is simply named 'Ghost Folder.plist' and even this is a gem - the details of which the reader will be spared.

However the password is stored 'more or less' in the clear: using a one-to-one character substitution as outlined above, it is child's play to extrapolate back to the original. (In case all you techies didn't get it, 'passenc' stands for 'password encrypted' - pretty cool, eh?)


At least they chose a good name for the company.

See Also
Control Your Pod

About | ACP | Buy | Industry Watch | Learning Curve | News | Products | Search | Substack
Copyright © Rixstep. All rights reserved.