Coding Turtle

Scrambler

a simple encryption app for the Mac

Download for free

Update (December 2021): Made free and dropped maintenance

Still works fine, even on macOS 12 Monterey; use this license key

Version 1.3 (4.6 MB)

Requires OS X 10.7.5 or later

Release notes

Scrambler 1.3:

  • Fixes visual bugs and adds support for dark mode on OS X Yosemite.

Scrambler 1.2.8:

  • Signed with a new Developer ID to prevent spurious warnings on OS X 10.9.5 and later.
  • Various minor changes.

Scrambler 1.2.6:

  • Fixes a menu bar icon problem introduced in version 1.2.4 (compatibility with Bartender, an app by another developer that manages your menu bar items).
  • Fixes some window positioning issues when using multiple displays with OS X Mavericks.

Scrambler 1.2.4:

  • System requirements increased from 10.7 to 10.7.5.
  • Fixes a bug that occasionally made it unable to drag files on Scrambler.
  • The app now behaves more properly when using Spaces.
  • Various other bug fixes and improvements.

Scrambler 1.2.2:

  • Fixes a bug where users with Macs running over network drives were not able to properly use the “source folder” feature.
  • Fixes a bug where users could, in some cases, not properly select folders in the open dialog that appears before encryption/decryption.

Scrambler 1.2:

  • A new, vastly more secure scrambled file format that makes brute-force attacks practically impossible (unless the user chooses a weak password).
  • The new file format also produces more compact files—about 25% smaller.
  • Adds the optional ability to automatically delete the original item(s) after encryption/decryption.
  • A few minor improvements and bug fixes.

Important:

  • Scrambled files created with Scrambler 1.2 will not decrypt on older versions.
  • Descrambler users also have to upgrade to the newest version to decrypt the new file format. (Descrambler is a free “decrypt-only” version of Scrambler, available from the same developer.)
  • The new versions are, of course, able to decrypt the old file format.

Scrambler 1.1.8:

  • Sandbox support. This technology vastly improves app security and is now recommended by Apple for all Mac apps. For technical reasons, a consequence of this is that if you are currently using Scrambler’s “save in source folder” feature, you have to set it up again through Scrambler’s new Preferences window.
  • Various minor improvements.

Scrambler 1.1.6:

  • New icons and artwork that are compatible with the retina display.
  • Fixes a bug that in some cases caused an error during decryption.
  • Various underlying bug fixes.

Scrambler 1.1.4:

  • Fixes a bug that in some cases caused an error/crash during encryption.

Scrambler 1.1.2:

  • Fixes a bug that made it unable for some users to launch the app.
  • Some minor internal improvements.

Scrambler 1.1:

  • The file size limitation of 250 MB has been removed; users can now encrypt as large files as they want.
  • Adds a progress indicator that shows the percentage completion of the encryption/decryption.
  • Encryption and decryption can now be cancelled during progress.
  • Encryption and decryption are now dramatically more memory-efficient.
  • Fixes a bug that sometimes, in rare cases, made it impossible to decrypt scrambled files.
  • Fixes various other minor bugs.
  • The underlying codebase has been completely reworked to take full advantage of new technologies provided in OS X Lion. For the user, this results in a nice performance boost. For the developer, this provides a great foundation for further improvements.

Scrambler 1.0:

  • Initial release.

Support email: “support” at our domain name

Encryption

Using Scrambler is a breeze. Just drag a file, folder, or multiple files or folders on Scrambler’s menu bar icon and type in a password. Scrambler will encrypt everything into a single scrambled file.

Decryption

To decrypt a scrambled file, just drag it back on Scrambler and type in the correct password.

Other features

You can configure Scrambler to automatically delete the original item(s) after encryption/decryption.

Technical details

ULTRA-TECHNICAL DETAILS

Note: Regular users don’t need to worry about these ultra-technical details.

The file format of scrambled files

Scrambled files are structured as follows.

  • The first 16 bytes are the characters Scrambler0000001, obfuscated with each bit of each character inverted. (The obfuscation is done to discourage curious laypeople from modifying the file when they open it in a text editor.) The idea here is that if a new file format comes along, the count can be increased from 0000001 to 0000002.
  • The next 16 bytes consist of a random salt, which is generated fresh for each file.
  • Finally, all the remaining bytes consist of an encrypted tar.gz archive of the item(s) that the user wants to encrypt.

The archiving, key derivation, and encryption happen roughly as follows. (Since Scrambler shows a progress indicator, this actually happens in small chunks at a time, but you get the picture.)

  1. The item/items that the user wants to encrypt is/are compressed into a tar.gz archive. This archive is designed to preserve OS X metadata of files, including extended attributes.
  2. A random 16-byte salt is generated.
  3. The user-provided password is converted to bytes using the UTF-8 encoding.
  4. The salt and password are fed into the PBKDF2 key derivation function, which is set to use the HMAC-SHA512 pseudorandom function, and 50,000 iterations are performed to obtain 48 bytes of data. The first 32 bytes are used for the encryption key, and the other 16 bytes for the initialization vector.
  5. The tar.gz archive data, encryption key, and initialization vector are fed into the AES-256-CBC encryption algorithm to produce the final encrypted data.
  6. As mentioned above, the final scrambled file contains 16 bytes of obfuscated Scrambler0000001, followed by the 16-byte salt, followed by the final encrypted data.

Decrypting scrambled files in the OS X Terminal

If you read above about the scrambled file format, you could devise your own ways of decrypting scrambled files. The following steps provide just one example:

  1. Please download this Ruby script.
  2. Try using it to decrypt a scrambled file: Run ruby decrypt.rb file.scrambled file.tar.gz and type in the password. If this works, skip to step 8 below. You may, however, see an error about the missing function pbkdf2_hmac(). In this case, continue on to the next step.
  3. Download and install Xcode.
  4. In Xcode, go into Preferences → Locations, and install the Command Line Tools.
  5. Launch the OS X Terminal and install Homebrew.
  6. Install a later version of Ruby with brew install ruby. (If you get a “/usr/local/include isn't writable” error, try this solution.)
  7. Try our script again with the new Ruby: Run /usr/local/opt/ruby/bin/ruby decrypt.rb file.scrambled file.tar.gz and type in the password. This should work.
  8. You now have a tar.gz archive that you can unarchive by double-clicking on it in the Finder.

Decrypting old scrambled files in the OS X Terminal

To decrypt scrambled files created with Scrambler 1.1.8 or earlier, please follow these steps:

  1. Launch the OS X Terminal and type in echo -n "yourPassword" |openssl sha1 to obtain the SHA-1 hash of your password.
  2. Run openssl aes-256-cbc -d -a -in file.scrambled -out file.tar.gz and paste in the SHA-1 hash when prompted for the password.
  3. You now have a tar.gz archive that you can unarchive by double-clicking on it in the Finder.

© Coding Turtle