SafeGuard File Encryption for Mac 6.10 release notes


About SafeGuard File Encryption for Mac

Sophos SafeGuard File Encryption for Mac offers transparent file-based encryption on local drives, network shares, removable drives and in the cloud via certain cloud storage providers.
With SafeGuard File Encryption for Mac you can safely encrypt and decrypt files and exchange these files with others.

       New files in the relevant locations are encrypted automatically.

       Old files in the relevant locations can be encrypted initially.

       If you have the key for an encrypted file, you can read and modify the content.

       If you do not have the key for an encrypted file, you can only see the encrypted (not readable) content. Please note that if you access an encrypted file from any other computer, on which SafeGuard File Encryption for Mac is not installed, the encrypted file content is shown as well.


System requirements

       Mac OS X versions: SafeGuard File Encryption for Mac supports Mac OS X 10.7, 10.8, 10.9 and 10.10.

       OSXFUSE: SafeGuard File Encryption for Mac is based on OSXFUSE version 2.61 or newer. During the installation process it is checked, whether OSXFUSE version 2.61 or higher is installed. If not found, the installation terminates and prompts the user to install OSXFUSE first. To obtain OSXFUSE, please go to http://osxfuse.github.io/

       Sophos SafeGuard Enterprise: SafeGuard File Encryption for Mac needs a SafeGuard Enterprise backend, from which it obtains its encryption policies and the encryption keys.
Please install the Sophos SafeGuard Enterprise backend version 6.10 or higher prior to installing SafeGuard File Encryption for Mac.
During the installation process of the Mac client you will be required to provide and import a SafeGuard Enterprise Client Configuration ZIP file, in order to bind the Mac to its SafeGuard backend.

       SSL trust to the SafeGuard backend server must be configured on client.
Please make certain that the correct SSL certificates of the SGN server(s) are imported into the Mac’s System keychain only, and not in the user’s Login keychain.

       Supported client languages: The supported client languages are English, German, and French.


General

Note that all links to the Sophos web page in this document lead to the SafeGuard Enterprise 6.10 release.

Compatibility and upgrades

The compatibility of this release of SafeGuard File Encryption for Mac with previous releases and modules of Sophos is as follows:

SafeGuard File Encryption for Mac and SafeGuard Disk Encryption for Mac

Both products share the modules that connect the SafeGuard for Mac client to the SafeGuard Enterprise 6.10 backend.

Note that SafeGuard File Encryption for Mac adds two new features to the server connection:

       The SafeGuard for Mac client supports two SGN servers – just as the SafeGuard for Windows clients do.

       During the setup of the SSL-connection between SafeGuard for Mac client and its server(s), the authenticity of the SSL certificates of the SGN servers is verified.

 

As both products share common modules, they need to be installed and uninstalled in a certain order.

 

These are the supported installation sequences:

Only SafeGuard File Encryption for Mac is used:

       Install SafeGuard File Encryption for Mac and import the SafeGuard Enterprise Client Configuration ZIP file.

 

SafeGuard File Encryption for Mac and SafeGuard Disk Encryption for Mac version 6.01 and older are used together on the same Mac:

 

1.     Install SafeGuard Disk Encryption for Mac version 6.01 first or upgrade to it from an older version (versions 5.55 or 6.0).

2.     Import the SafeGuard Enterprise Client Configuration ZIP file.

3.     Then install SafeGuard File Encryption for Mac version 6.10.

Note: SafeGuard File Encryption for Mac 6.10 is compatible with SafeGuard Disk Encryption for Mac version 6.01 only.
If you have an older version of SafeGuard Disk Encryption for Mac installed (for example SafeGuard Disk Encryption for Mac version 5.55 on Mac OS X 10.7), then you need to upgrade SafeGuard Disk Encryption for Mac to version 6.01 first before you install SafeGuard File Encryption for Mac.
Note that it is highly recommended to always have the latest versions of Sophos applications installed.

 

SafeGuard Disk Encryption for Mac 6.01 or older gets updated or uninstalled, while SafeGuard File Encryption for Mac is installed:

Note that these situations need to be taken care of, because this overwrites shared modules with older versions or might even remove modules, so that SafeGuard File Encryption for Mac will not work correctly any more.

       After having removed or upgraded SafeGuard Disk Encryption for Mac 6.01 or older, you need to reinstall SafeGuard File Encryption for Mac and re-import the SafeGuard Enterprise Client Configuration ZIP file.

SafeGuard File Encryption for Mac and SafeGuard Disk Encryption for Mac version 6.10 are used together on the same Mac:

       Both products take care of each other and can be installed, and uninstalled in any order.

 

Anti-virus software

Usually anti-virus software works in two modes:

1.   Manual or scheduled mode or

2.   Real time scanning or On-access scan mode

 

For both modes applies the following:

·         Whichever scanning mode you are using, we do not recommend you scan the encrypted files in their original location. This is because you cannot find a virus within an encrypted file.

·         Instead, it is strictly recommended to scan all files in the corresponding SafeGuard Secured volumes.
This returns the unencrypted file content and therefore viruses can be detected.

·         Please test, whether the on-access scanner of the installed anti-virus product finds a virus in files on SafeGuard Secured volumes. Please see instructions about the EICAR test file below.

 

Sophos Anti-Virus for Mac version 8 and 9 have been tested with SafeGuard File Encryption for Mac and detect viruses on SafeGuard Secured volumes in both modes under the following circumstances:

·         “Scan now” or “Scan local drives”:
Make sure you always scan the SafeGuard Secured volumes or you risk missed detection.

If you happen to scan it through the original path, you can do so, it won’t do any harm, but you won’t find any virus, as the file content you scan is encrypted.

·         On-access scanning:
If you have installed SafeGuard File Encryption for Mac, please make sure that

o   (1) the on-access scanner of Sophos Anti-Virus for Mac is turned and

o   (2) its feature “Scan Files on network volumes” is switched on as well.

·         This will allow the file content on a SafeGuard Secured volume to be scanned on-access.

 

If you are using other anti-virus software, make sure that your product is able to detect viruses, too. You can use the EICAR Anti-Malware test file (http://www.eicar.org/86-0-Intended-use.html ) for testing purposes.


Particularities and limitations

       Files can be accessed via two different paths: the original path and the SafeGuard File Encryption Secured Volume (mount point). Transparent encryption works only on the SafeGuard Secured Volumes.

       Blacklisted folders: SafeGuard File Encryption for Mac OS X makes certain that folders that are important for OS X to function properly are not and cannot be encrypted by a SafeGuard administrator.
Even if a SafeGuard Security Officer specifies an encryption policy for a folder on the blacklist, the client software of SafeGuard File Encryption for Mac OS X will not encrypt file is this folder.

This is the list of folders on the blacklist:

      Folders without subfolders

      <Root>/

      <Root>/Volumes/

      Folders including their subfolders:

      <Desktop>/

      <Root>/bin/

      <Root>/sbin/

      <Root>/usr/

      <Root>/private/

      <Root>/dev/

      <Root>/Applications/

      <Root>/System/

      <Root>/Library/

      <User Profile>/Library/

      <Removables>/SGPortable/

      <Removables>/System Volume Information/

·         It is not possible to modify sharing & permission via Finder for a SafeGuard File Encryption mount point. This is, because the SafeGuard File Encryption mount point is not the original path, but only a “shadow”.
To modify it for a certain folder, please do this via the original path.

·         Read-only folders (such as disk images or NTFS formatted devices) will not be mounted as Secured Volume by SafeGuard File Encryption for Mac.

·         OSXFuse provides its Secured Volumes as network volumes.
This has several consequences:

      Volumes will be shown on your OS X Desktop, if configured in the Finder Preferences.
Or you can find them using the Finder option “Go > Computer”

      The Spotlight service has no access to the SafeGuard Secured mount points. A search will find a file in the original path, but not in the SafeGuard Secured Volume.

      Deletion of files cannot be undone in Secured Volumes. These volumes don’t have a trash.

      The OS X feature “Browse All Versions” is not supported in Secured Volumes.

      Some anti-virus scanners (like for example Sophos Anti-Virus) do not scan files on network volumes via their built-in on-access scanners, unless they are explicitly told to do so.
Please turn on such a feature.

       It is not guaranteed that policies for SafeGuard File Encryption for Mac can be implemented in reality immediately (for example, a mounted Secured Folder cannot be unmounted, because files in it are open.)
To be on the safe side, please log out and log in again.


Known issues

Check the known issues for this SafeGuard Enterprise release, since improper configuration of certain options may cause unexpected behaviour.

Note the following additional known issues:

•       OSXFUSE supports a maximum of 24 mounts per Mac.

•       The installation, upgrade and uninstallation of SafeGuard File Encryption for Mac can take longer (up to 5 – 20 minutes), if your Mac is located behind a firewall, which prevents direct access to the Internet.
In order to speed up the installation in such a case, either disconnect it from any network or allow direct Internet access.
Please note that this is a general issue with OSX Gatekeeper and is caused by the verification of the digital signature via Apple servers, with which SafeGuard’s files are signed.

•       Circular copy of a file and user decides to “Replace” the file:
If you copy a file from a SafeGuard Secured Volume to its original volumes or vice versa, always select the option “Keep both” or “Stop”!
If you accidentally select the option “Replace”, both files will be deleted.

•       Creation of mobile user accounts at OS X login with confirmation by user:
Do not require confirmation of the OS X user before creating a mobile account, as the user can select “Don’t Create”. Selecting this option will create an incomplete OS X user, for example a user that does not have a local home directory.

•       Labelled files:
If you open a labelled file via a Smart Folder, OS X does not open the file in the SafeGuard Secured Folder, but opens the file in its original location.
If the file is encrypted, you will only see its encrypted content.

•       Displaying the encryption status of a file via color-coding in the inner circle of the SafeGuard system menu icon:
To display the encryption status reliably, please mark the file, click on the desktop and then in the Finder window again. This will display the status color in the inner circle of the SafeGuard system menu icon correctly.

•       Show icon preview
For performance reasons it is recommended to turn off the Finder option “show icon preview”.
This is particularly valid for slow devices or network shares, on which a big number of encrypted files are located.
Note that application-specific icons (for example Microsoft Office for Mac) are also influenced by the Finder option “show icon preview”.

      Keys sporadically and wrongly shown in orange in SafeGuard Preference Pane on Mac OS X 10.8.
The availability of the SafeGuard keys is shown correctly via sgfsadmin --list-keys though. The keys can be used and files can be en- and decrypted.

      For performance reasons and Finder stability it is not recommended to copy files via Finder in parallel multiple times into the same SafeGuard SECURED folder.


Technical support

You can find technical support for Sophos products in any of these ways:

       Visit the SophosTalk community at community.sophos.com/ and search for other users who are experiencing the same problem.

       Visit the Sophos support knowledgebase at www.sophos.com/en-us/support.aspx.

       Download the product documentation at www.sophos.com/en-us/support/documentation/.

       Send an email to support@sophos.com, including your Sophos software version number(s), operating system(s) and patch level(s), and the text of any error messages.


Legal notices

Copyright © 1996 - 2014 Sophos Group. All rights reserved. SafeGuard is a registered trademark of Sophos Group.

No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording or otherwise unless you are either a valid licensee where the documentation can be reproduced in accordance with the license terms or you otherwise have the prior permission in writing of the copyright owner.

Sophos, Sophos Anti-Virus and SafeGuard are registered trademarks of Sophos Limited, Sophos Group and Utimaco Safeware AG, as applicable. All other product and company names mentioned are trademarks or registered trademarks of their respective owners.



Disclaimer and Copyright for 3rd Party Software


OpenSSL

This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/) 



AES-NI

This software uses code from the Intel_aes_lib. The following is applicable to Intel_aes_lib:

/* intel_aes_lib source files come from Intel. 

 * Modified by Patrick Fay

 *

Copyright (c) 2010, Intel Corporation 

All rights reserved.

Redistribution and use in source and binary forms, with or without 

modification, are permitted provided that the following conditions are met: 

    * Redistributions of source code must retain the above copyright notice, 

      this list of conditions and the following disclaimer.

    * Redistributions in binary form must reproduce the above copyright notice, 

      this list of conditions and the following disclaimer in the documentation 

      and/or other materials provided with the distribution. 

    * Neither the name of Intel Corporation nor the names of its contributors 

      may be used to endorse or promote products derived from this software 

      without specific prior written permission.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND 

ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 

WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 

IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, 

INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 

BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 

DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 

LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE 

OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF 

ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 

 ---------------------------------------------------------------------------

 Issue Date: Aug 6, 2010 

 */

DISCLAIMER

[The AES-NI library] software is provided 'as is' with no explicit or implied warranties  in respect of its properties, including, but not limited to, correctness  and/or fitness for purpose. 




Gladman AES

Copyright (c) 1998-2007, Brian Gladman, Worcester, UK. All rights reserved.

LICENSE TERMS

The free distribution and use of this software is allowed (with or without changes) provided that: 

DISCLAIMER

This software is provided 'as is' with no explicit or implied warranties in respect of its properties, including, but not limited to, correctness and/or fitness for purpose. 




gSOAP

gSOAPRationale: This license agreement for commercial use of the gSOAP software standard edition 

in open source form shall replace the gSOAP public license and GPL license for Customer's 

use of the Software, thereby permanently replacing the terms and conditions imposed by the 

gSOAP public license and GPL license, as set forth in this Agreement. This license covers the 

entire gSOAP source distribution, including, but not limited to, the runtime library, compiler, 

WSDL importer, example applications, and documentation. 

THIS LICENSE AGREEMENT ("Agreement") is made and entered into as of the last date 

executed by the parties below (the "Effective Date") by and between GENIVIA, INC., a Florida 

corporation having a principal place of business at 3178 Shamrock East, Tallahassee, Florida 

32309, USA, ("Genivia"), and Sophos Limited and its subsidiaries and affiliates, a 

company in accordance with the laws of England and Wales having a principal place of 

business at The Pentagon, Abingdon, OX14 3YP, United Kingdom ("Customer"). 

The parties agree as follows:

1. DEFINITIONS.

"Original Code" means Source Code of computer software code which is described in the 

Source Code notice required by Exhibit A as Original Code. 

"Modifications" means any addition to or deletion from the substance or structure of either the 

Original Code or any previous Modifications. When Covered Code is released as a series of 

files, a Modification is: (i) any addition to or deletion from the contents of a file containing 

Original Code or previous Modifications; (ii) any new file that contains any part of the Original 

Code, or previous Modifications. 

"Covered Code" means the Original Code, or Modifications or the combination of the Original 

Code, and Modifications, in each case including portions thereof. 

"Software" means the Covered Code and accompanying documentation and support files 

referenced in section 1 of Exhibit A, including Updates (if any). 

"Updates" means any patches, bug fixes, upgrades, and new versions of the Software made 

generally available by Genivia during the term of this Agreement. 

"Source Code" means computer programming code in human readable form that is not 

suitable for machine execution without the intervening steps of interpretation or compilation, 

meaning the preferred form of the Covered Code for making modifications to it, including all 

modules it contains, plus any associated interface definition files, scripts used to control 

compilation and installation of an Executable Object Code, or source code differential 

comparisons against the Original Code. The Source Code can be in a compressed or archival 

form, provided the appropriate decompression or de-archiving software is widely available for 

no charge.

GENIVIA INC. STANDARD EDITION LICENSE AGREEMENT FOR COMMERCIAL USE 2 of 8 

"Executable Object Code" means the computer programming code in any other form than 

Source Code that is not readily perceivable by humans and suitable for machine execution 

without the intervening steps of interpretation or compilation. 

"Authorized Site" means the specific address of Customer’s facility consisting of a single 

building or multiple buildings on a contiguous campus as specified in Exhibit A. 

"Project" means a concerted undertaking by an identified Customer development team to 

design or produce a Target Application. 

"Run-Time Module" means the Software in Source Code form or as Executable Object Code 

to be incorporated into a Target Application as inseparably embedded code or statically linked 

to a Target Application.

"Target Application" means an end-user item, such as a software product that is possibly 

replicated in identical form and offered for sale or licensed to third parties, or a device or 

system developed by Customer pursuant to a Project that contains a Run-Time Module, or any 

portion thereof, as specified in Exhibit A and any Updates made during the term of this 

Agreement.

2. SOURCE CODE LICENSE.

Subject to Customer’s compliance with the terms and conditions of this Agreement and 

payment of any applicable fees, Genivia hereby grants to Customer a non-transferable, nonexclusive, 

worldwide, perpetual, royalty-free, paid-up license: (i) to reproduce and use the 

Software solely at the Authorized Sites in connection with the Project; (ii) to make backup 

copies at the Authorized Sites for the purpose of this Agreement; (iii) to store the Software in a 

source code repository; (iv) to create Modifications and other derivative works of the Software, 

solely to the extent necessary to support the development of the Target Application; (v) to 

compile the Software, including any Modifications and derivative works thereof, into Run-Time 

Modules; (vi) to reproduce an unlimited number of Run-Time Modules for physical 

incorporation into the Target Application; and (vii) to market, sell, offer to sell, and distribute the 

Target Application. 

3. RESTRICTIONS.

Customer shall reproduce and include any and all copyright notices and proprietary rights 

legends, as such notices and legends appear in the original Software, on any copy of the 

Software, or portion thereof, with the exception of the gSOAP public license and GPL license 

notices.

The Software shall be handled, used and stored, solely at the Authorized Site identified in 

Exhibit A. The Software may be used from a single machine, a set of machines, or a network 

file server, but there shall be no access to the Software from any external network not located 

at the Authorized Sites.

GENIVIA INC. STANDARD EDITION LICENSE AGREEMENT FOR COMMERCIAL USE 3 of 8 

A function of the Software is to create Run-Time Modules for incorporation into Target 

Applications. Except as set forth in Section 2 above, no license is granted hereunder to 

reproduce or distribute the gSOAP soapcpp2 compiler and wsdl2h importer as part of such 

Target Application.

4. OWNERSHIP.

Genivia represents and warrants to Customer that Genivia has all rights in the Software 

necessary to grant the rights and license granted to Customer in this Agreement. 

Without limiting the foregoing, Genivia represents and warrants that Genivia has acquired an 

assignment of all intellectual property rights in and to all portions of the Software delivered to 

Customer under this Agreement.

Customer shall not have any obligation to provide, assign, or disclose to Genivia or any other 

party any Modifications. Notwithstanding the foregoing, Genivia and its licensors shall retain 

exclusive ownership of all worldwide Intellectual Property Rights in and to the Software. 

Customer acknowledges that this Agreement does not grant to Customer any Intellectual 

Property Rights in or to the Software other than the limited rights with respect to the Software 

as set forth in Section 2. 

5. DELIVERY AND PAYMENT.

Immediately following the Effective Date, Genivia grants Customer the right to download the 

Software from the Approved Software Download Site specified in Exhibit A, and install the 

Software at the Authorized Site and use the Software as set forth in Section 2 subject to the 

restrictions listed in Section 3. Notwithstanding any terms or other agreements posted on the 

Approved Software Download Site, this Agreement shall be the sole and exclusive agreement 

governing Customer's use of the Software. 

Customer shall pay to Genivia the Software license fee set forth in Exhibit A. License fees will 

be invoiced with shipment of this License Agreement. Payment of all amounts invoiced shall be 

due forty-five (45) days after receipt of the invoice. 

All payments and amounts shall be paid without deduction, set-off or counter claim, free and 

clear of any restrictions or conditions, and without deduction for any taxes, levies, imposts, 

duties, fees, deductions, withholdings or other governmental charges. If any deduction is 

required to be made by law, Customer shall pay in the manner and at the same time such 

additional amounts as will result in receipt by Genivia of such amount as would have been 

received by Genivia had no such amount been required to be deducted. If Customer is 

claiming sales or use tax exemption, a certified Tax Exempt Certificate must be attached to 

this Agreement or applicable purchase order submitted by Customer. 

6. TERM AND TERMINATION.

GENIVIA INC. STANDARD EDITION LICENSE AGREEMENT FOR COMMERCIAL USE 4 of 8 

This Agreement shall commence upon the Effective Date and is granted in perpetuity, but may 

be terminated without notice in the following circumstances: if Customer breaches any term of 

this agreement, unless such breach is curable and is cured by Customer within thirty (30) days 

after notice of such breach is provided by Genivia; if Customer, being a firm or partnership, is 

dissolved; or, by Customer, if Customer destroys the Software for any reason. Upon 

termination, Customer shall destroy any remaining copies of the Software or otherwise return 

or dispose of such material. Termination pursuant to this clause shall not affect any rights or 

remedies, which Genivia may have otherwise under this license or at law. 

The following Sections shall survive any termination of this Agreement: Sections 1, 4, 6, 8, and 

10. Termination of this Agreement, if any, shall not affect any licenses or other grants of any 

rights, titles, or interests of Customer in or to any Run-Time Modules or the Target Application. 

7. LIMITED WARRANTY.

Genivia warrants that the Software, installation scripts, and future Updates will be provided to 

Customer. Customer assumes full responsibility for: (i) the selection, download, and installation 

of the Software from the Approved Software Download Site specified in Exhibit A; (ii) the 

proper use of the Software; (iii) verifying the results obtained from the use of the Software; and 

(iv) taking appropriate measures to prevent loss of data. Genivia does not warrant that the 

operation of the Software will meet Customer’s requirements or that Customer will be able to 

achieve any particular results from use or modification of the Software or that the Software will 

operate free from error.

EXCEPT AS EXPRESSLY SET FORTH IN SECTIONS 7 AND 8 OF THIS AGREEMENT, 

GENIVIA AND ITS LICENSORS DISCLAIM ALL WARRANTIES, WHETHER EXPRESS, 

IMPLIED OR STATUTORY, INCLUDING, WITHOUT LIMITATION, THE IMPLIED

WARRANTIES OF MERCHANTABILITY, OF FITNESS FOR A PARTICULAR PURPOSE, 

NONINFRINGEMENT OF THIRD PARTY INTELLECTUAL PROPERTY RIGHTS, AND ANY 

WARRANTY THAT MAY ARISE BY REASON OF TRADE USAGE, CUSTOM, OR COURSE 

OF DEALING. WITHOUT LIMITING THE FOREGOING, CUSTOMER ACKNOWLEDGES 

THAT THE SOFTWARE IS PROVIDED "AS IS" AND THAT GENIVIA DOES NOT WARRANT 

THE SOFTWARE WILL RUN UNINTERRUPTED OR ERROR FREE. THE ENTIRE RISK AS

TO RESULTS AND PERFORMANCE OF THE SOFTWARE IS ASSUMED BY CUSTOMER. 

UNDER NO CIRCUMSTANCES WILL GENIVIA BE LIABLE FOR ANY SPECIAL, INDIRECT, 

INCIDENTAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES OF ANY KIND OR NATURE 

WHATSOEVER, WHETHER BASED ON CONTRACT, WARRANTY, TORT (INCLUDING 

NEGLIGENCE), STRICT LIABILITY OR OTHERWISE, ARISING OUT OF OR IN ANY WAY 

RELATED TO THE SOFTWARE, EVEN IF GENIVIA HAS BEEN ADVISED ON THE

POSSIBILITY OF SUCH DAMAGE OR IF SUCH DAMAGE COULD HAVE BEEN 

REASONABLY FORESEEN, AND NOTWITHSTANDING ANY FAILURE OF ESSENTIAL 

PURPOSE OF ANY EXCLUSIVE REMEDY PROVIDED. SUCH LIMITATION ON DAMAGES 

INCLUDES, BUT IS NOT LIMITED TO, DAMAGES FOR LOSS OF GOODWILL, LOST

PROFITS, LOSS OF DATA OR SOFTWARE, WORK STOPPAGE, COMPUTER FAILURE OR 

MALFUNCTION OR IMPAIRMENT OF OTHER GOODS. IN NO EVENT WILL GENIVIA BE 

LIABLE FOR THE COSTS OF PROCUREMENT OF SUBSTITUTE SOFTWARE OR 

GENIVIA INC. STANDARD EDITION LICENSE AGREEMENT FOR COMMERCIAL USE 5 of 8 

SERVICES. CUSTOMER ACKNOWLEDGE THAT THIS SOFTWARE IS NOT DESIGNED

FOR USE IN ON-LINE EQUIPMENT IN HAZARDOUS ENVIRONMENTS SUCH AS 

OPERATION OF NUCLEAR FACILITIES, AIRCRAFT NAVIGATION OR CONTROL, OR LIFECRITICAL 

APPLICATIONS. GENIVIA EXPRESSLY DISCLAIM ANY LIABILITY RESULTING 

FROM USE OF THE SOFTWARE IN ANY SUCH ON-LINE EQUIPMENT IN HAZARDOUS 

ENVIRONMENTS AND ACCEPTS NO LIABILITY IN RESPECT OF ANY ACTIONS OR

CLAIMS BASED ON THE USE OF THE SOFTWARE IN ANY SUCH ON-LINE EQUIPMENT 

IN HAZARDOUS ENVIRONMENTS BY CUSTOMER. FOR PURPOSES OF THIS 

PARAGRAPH, THE TERM "LIFE-CRITICAL APPLICATION" MEANS AN APPLICATION IN 

WHICH THE FUNCTIONING OR MALFUNCTIONING OF THE SOFTWARE MAY RESULT 

DIRECTLY OR INDIRECTLY IN PHYSICAL INJURY OR LOSS OF HUMAN LIFE. THIS 

DISCLAIMER OF WARRANTY CONSTITUTES AN ESSENTIAL PART OF THIS LICENSE.

NO USE OF ANY COVERED CODE IS AUTHORIZED HEREUNDER EXCEPT UNDER THIS 

DISCLAIMER.

8. INFRINGEMENT INDEMNITY.

Genivia will defend at its expense any suit brought against Customer and will pay all damages 

finally awarded in such suit insofar as such suit is based on a claim that the Software as 

provided to Customer infringes a previously issued patent, trademark, trade secret or 

copyright, provided that Genivia is notified promptly of such claim and is given full and 

complete authority (including settlement authority consistent with the other terms and 

conditions of this Agreement), information and assistance by Customer for such defense. In 

the event that the Software is held in any such suit to infringe such a right and its use is 

enjoined, or if in the opinion of Genivia the Software is likely to become the subject of such a 

claim, Genivia at its own election and expense will either (i) procure for Customer the right to 

continue using the Software or (ii) modify or replace the Software so that it becomes noninfringing 

while giving substantially equivalent performance. In the event that (i) or (ii) above 

are not, in Genivia’s sole determination, obtainable using reasonable commercial efforts, then 

Genivia may terminate this Agreement and refund amount Customer paid Genivia under this 

Agreement for the Software which is the subject of such claim. The indemnification obligation 

shall not apply to infringement actions or claims to the extent that such actions or claims are 

caused solely by: (i) modifications made to the Software by a party other than Genivia; and (ii) 

the combination of the Software with items not supplied by Genivia or which Genivia has 

specifically not approved for combination with the Software. 

9. GENERAL.

Neither party shall be liable hereunder by reason of any failure or delay in the performance of 

its obligations hereunder (except for the payment of money) on account of strikes, shortages, 

riots, insurrection, fires, flood, storm, explosions, acts of God, war, governmental action, labor 

conditions, earthquakes, material shortages or any other cause which is beyond the 

reasonable control of such party. 

GENIVIA INC. STANDARD EDITION LICENSE AGREEMENT FOR COMMERCIAL USE 6 of 8

The Software is a "commercial item" as that term is defined at 48 C.F.R. 2.101, consisting of 

"commercial computer software" and "commercial computer software documentation" as such 

terms are used in 48 C.F.R. 12.212. Consistent with 48 C.F.R. 12.212 and 48 C.F.R. 

227.7202-1 through 227.7202-4, Customer will provide the Software to U.S. Government End 

Users only pursuant to the terms and conditions therein.

Customer may not delegate, assign or transfer this Agreement, the license(s) granted or any of 

Customer’s rights or duties hereunder without Genivia's express prior written consent, except 

by way of merger or acquisition of the business of Customer, and any attempt to do so shall be 

void. Genivia may assign this Agreement, and its rights and obligations hereunder, in its sole 

discretion.

All Software and technical information delivered under this Agreement are subject to U.S. 

export control laws and may be subject to export or import regulations in other countries. 

Customer agrees to strictly comply with all such laws and regulations. The ECCN for the 

Software is 5D002.

This Agreement is governed by New York law, excluding any principle or provision that would 

call for the application of the law of any jurisdiction other than New York. Any action regarding 

this Agreement shall be brought in a court of competent jurisdiction, federal or state, in the 

County of New York, New York, and Genivia consents to venue and jurisdiction in and service 

of process from such court. 

10. DISCLOSURE OF CUSTOMER IDENTITY.

Genivia, Inc., will not disclose the identity of the Customer on its Web site, advertising, press 

releases, or other publicly released publicity without the Customers' prior written consent. 





OSXFUSE



OSXFUSE is a software developed by the OSXFUSE project and is covered under the 

following BSD-style license:


  Copyright (c) 2011-2013 Benjamin Fleischer

  Copyright (c) 2011-2012 Erik Larsson

  All rights reserved.


  Redistribution  and  use  in  source  and  binary  forms,  with   or   without

  modification, are permitted provided that the following conditions are met:


  1. Redistributions of source code must retain the above copyright notice, this

     list of conditions and the following disclaimer.

  2. Redistributions in binary form must reproduce the above  copyright  notice,

     this list of conditions and the following disclaimer in  the  documentation

     and/or other materials provided with the distribution.

  3. Neither the name of OSXFUSE nor the names of its contributors may  be  used

     to endorse or promote products derived from this software without  specific

     prior written permission.


  THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND  CONTRIBUTORS  "AS  IS"

  AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING,  BUT  NOT  LIMITED  TO,  THE

  IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS  FOR  A  PARTICULAR  PURPOSE

  ARE DISCLAIMED.  IN NO EVENT SHALL THE  COPYRIGHT  OWNER  OR  CONTRIBUTORS  BE

  LIABLE  FOR  ANY  DIRECT,  INDIRECT,  INCIDENTAL,   SPECIAL,   EXEMPLARY,   OR

  CONSEQUENTIAL  DAMAGES  (INCLUDING,  BUT  NOT  LIMITED  TO,   PROCUREMENT   OF

  SUBSTITUTE GOODS OR SERVICES; LOSS OF  USE,  DATA,  OR  PROFITS;  OR  BUSINESS

  INTERRUPTION) HOWEVER CAUSED AND  ON  ANY  THEORY  OF  LIABILITY,  WHETHER  IN

  CONTRACT, STRICT  LIABILITY,  OR  TORT  (INCLUDING  NEGLIGENCE  OR  OTHERWISE)

  ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN  IF  ADVISED  OF  THE

  POSSIBILITY OF SUCH DAMAGE.


Note that the patches to the FUSE user space library and to the SSHFS 

user-space program are also released under the BSD license.


OSXFUSE is a fork of MacFUSE. MacFUSE has been developed by Amit Singh/Google

Inc.. Additional information and the original source of MacFUSE are available on 

http://code.google.com/p/macfuse/. MacFUSE is covered under the following 

BSD-style license:


  Copyright (c) 2007—2009 Google Inc.

  All rights reserved.


  Redistribution  and  use  in  source  and  binary  forms,  with   or   without

  modification, are permitted provided that the following conditions are met:


  1. Redistributions of source code must retain the above copyright notice, this

     list of conditions and the following disclaimer.

  2. Redistributions in binary form must reproduce the above  copyright  notice,

     this list of conditions and the following disclaimer in  the  documentation

     and/or other materials provided with the distribution.

  3. Neither the name of Google Inc.  nor the names of its contributors  may  be

     used to endorse or promote products  derived  from  this  software  without

     specific prior written permission.


  THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND  CONTRIBUTORS  "AS  IS"

  AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING,  BUT  NOT  LIMITED  TO,  THE

  IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS  FOR  A  PARTICULAR  PURPOSE

  ARE DISCLAIMED.  IN NO EVENT SHALL THE  COPYRIGHT  OWNER  OR  CONTRIBUTORS  BE

  LIABLE  FOR  ANY  DIRECT,  INDIRECT,  INCIDENTAL,   SPECIAL,   EXEMPLARY,   OR

  CONSEQUENTIAL  DAMAGES  (INCLUDING,  BUT  NOT  LIMITED  TO,   PROCUREMENT   OF

  SUBSTITUTE GOODS OR SERVICES; LOSS OF  USE,  DATA,  OR  PROFITS;  OR  BUSINESS

  INTERRUPTION) HOWEVER CAUSED AND  ON  ANY  THEORY  OF  LIABILITY,  WHETHER  IN

  CONTRACT, STRICT  LIABILITY,  OR  TORT  (INCLUDING  NEGLIGENCE  OR  OTHERWISE)

  ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN  IF  ADVISED  OF  THE

  POSSIBILITY OF SUCH DAMAGE.


  NOTE THAT THIS SOFTWARE ATTEMPTS TO INSTALL THE LATEST VERSION  OF  ITSELF  BY

  CHECKING FOR UPDATES DURING INSTALLATION.  THE INSTALLED VERSION MAY BE  NEWER

  THAN THE VERSION EMBEDDED IN THIS PACKAGE.


Note that Google's patches to the FUSE library (libfuse/*.patch in the MacFUSE 

source repository) and to the SSHFS user-space program 

(filesystems/sshfs/*.patch in the MacFUSE source repository) are also released 

under the BSD license.


Portions of this package were derived from code developed by other authors. 

Please read further for specific details.


* kext/fuse_kernel.h is an unmodified copy of the interface header from the

  Linux FUSE distribution (http://fuse.sourceforge.net). fuse_kernel.h can be 

  redistributed either under the GPL or under the BSD license. It is being 

  redistributed here under the BSD license.


* Unless otherwise noted, parts of MacFUSE (multiple files in kext/) contain 

  code derived from the FreeBSD version of FUSE (http://fuse4bsd.creo.hu), 

  which is covered by the following BSD-style license:


    Copyright (C) 2005 Csaba Henk. All rights reserved.


    Redistribution  and  use  in  source  and  binary  forms,  with  or  without

    modification, are permitted provided that the following conditions are met:

    

    1. Redistributions of source code must retain the  above  copyright  notice,

       this list of conditions and the following disclaimer.

    2. Redistributions  in  binary  form  must  reproduce  the  above  copyright

       notice, this list of conditions  and  the  following  disclaimer  in  the

       documentation and/or other materials provided with the distribution.

   

    THIS SOFTWARE IS PROVIDED BY AUTHOR  AND  CONTRIBUTORS  ``AS  IS''  AND  ANY

    EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED  TO,  THE  IMPLIED

    WARRANTIES OF MERCHANTABILITY AND  FITNESS  FOR  A  PARTICULAR  PURPOSE  ARE

    DISCLAIMED.  IN NO EVENT SHALL AUTHOR OR  CONTRIBUTORS  BE  LIABLE  FOR  ANY

    DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR  CONSEQUENTIAL  DAMAGES

    (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;

    LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED  AND

    ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,  OR  TORT

    (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT  OF  THE  USE  OF

    THIS  SOFTWARE,  EVEN  IF  ADVISED  OF  THE  POSSIBILITY  OF  SUCH   DAMAGE.


* kext/fuse_nodehash.c is a slightly modified version of HashNode.c from an 

  Apple Developer Technical Support (DTS) sample code example. The original 

  source, which is available on 

  http://developer.apple.com/library/mac/#samplecode/MFSLives/, has the 

  following disclaimer:


    Disclaimer: IMPORTANT: This Apple software  is  supplied  to  you  by  Apple

    Computer, Inc.  Apple") in consideration of your agreement to the  following

    terms, and your use, installation, modification or  redistribution  of  this

    Apple software constitutes acceptance of these terms.  If you do  not  agree

    with these terms, please do not use, install, modify  or  redistribute  this

    Apple software.


    In consideration of your agreement to abide  by  the  following  terms,  and

    subject to these terms, Apple grants you a personal, non-exclusive  license,

    under Apple's  copyrights  in  this  original  Apple  software  (the  "Apple

    Software"), to use, reproduce, modify and redistribute the  Apple  Software,

    with or without modifications, in source and/or binary forms; provided  that

    if  you  redistribute  the  Apple  Software  in  its  entirety  and  without

    modifications, you must retain  this  notice  and  the  following  text  and

    disclaimers in all such redistributions of the Apple Software.  Neither  the

    name, trademarks, service marks or logos of Apple Computer, Inc. may be used

    to endorse or promote products  derived  from  the  Apple  Software  without

    specific prior written permission from Apple. Except as expressly  stated in

    this notice, no other rights or licenses, express or implied, are granted by

    Apple herein, including but not limited to any patent  rights  that  may  be

    infringed by your derivative works or by other  works  in  which  the  Apple

    Software may be incorporated.


    The Apple Software is provided by Apple on an "AS IS" basis. APPLE MAKES  NO

    WARRANTIES, EXPRESS OR IMPLIED, INCLUDING  WITHOUT  LIMITATION  THE  IMPLIED

    WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY AND FITNESS FOR A PARTICULAR

    PURPOSE, REGARDING THE APPLE SOFTWARE OR ITS USE AND OPERATION ALONE  OR  IN

    COMBINATION WITH YOUR PRODUCTS.


    IN NO EVENT SHALL APPLE BE LIABLE FOR ANY SPECIAL, INDIRECT,  INCIDENTAL  OR

    CONSEQUENTIAL  DAMAGES  (INCLUDING,  BUT  NOT  LIMITED  TO,  PROCUREMENT  OF

    SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,  OR  PROFITS;  OR  BUSINESS

    INTERRUPTION) ARISING IN ANY WAY OUT OF THE USE, REPRODUCTION,  MODIFICATION

    AND/OR DISTRIBUTION OF THE APPLE SOFTWARE, HOWEVER CAUSED AND WHETHER  UNDER

    THEORY  OF  CONTRACT,  TORT  (INCLUDING  NEGLIGENCE),  STRICT  LIABILITY  OR

    OTHERWISE, EVEN IF APPLE HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.


* Parts of the mount_osxfusefs and the load_osxfusefs command-line programs 

  (implemented in kext/mount/ and kext/load/, respectively) come from Apple's 

  Darwin sources and are covered under the Apple Public Source License (APSL). 

  You can read the APSL at:


    http://www.opensource.apple.com/license/apsl/


* Parts of the OSXFUSE kernel extension (locking mechanism for 64 bit kernel) 

  come from Tuxera Inc.'s MacFUSE "rebel" branch. The original source of the

  "rebel" branch is available on https://github.com/tuxera. These modifications

  are covered under the following BSD-style license:


    Copyright (c) 2010 Tuxera Inc.

    All rights reserved.


    Redistribution  and  use  in  source  and  binary  forms,  with  or  without

    modification, are permitted provided that the following conditions are met:


    1. Redistributions of source code must retain the  above  copyright  notice,

       this list of conditions and the following disclaimer.

    2. Redistributions  in  binary  form  must  reproduce  the  above  copyright

       notice, this list of conditions  and  the  following  disclaimer  in  the

       documentation and/or other materials provided with the distribution.

    3. Neither the name of Tuxera Inc. nor the names of its contributors may  be

       used to endorse or promote products derived from  this  software  without

       specific prior written permission.


    THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS  IS"

    AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT  LIMITED  TO,  THE

    IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A  PARTICULAR  PURPOSE

    ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT OWNER  OR  CONTRIBUTORS  BE

    LIABLE  FOR  ANY  DIRECT,  INDIRECT,  INCIDENTAL,  SPECIAL,  EXEMPLARY,   OR

    CONSEQUENTIAL  DAMAGES  (INCLUDING,  BUT  NOT  LIMITED  TO,  PROCUREMENT  OF

    SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,  OR  PROFITS;  OR  BUSINESS

    INTERRUPTION) HOWEVER CAUSED AND ON ANY  THEORY  OF  LIABILITY,  WHETHER  IN

    CONTRACT, STRICT LIABILITY, OR  TORT  (INCLUDING  NEGLIGENCE  OR  OTHERWISE)

    ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED  OF  THE  

* Parts of OSXFUSE come from the Fuse4X project which itself is a MacFUSE fork.

  Additional information and the original source of Fuse4X are available on 

  http://fuse4x.org. Fuse4X is covered under the following BSD-style license:


    Copyright (c) 2011 Anatol Pomozov

    All rights reserved.


    Redistribution  and  use  in  source  and  binary  forms,  with  or  without

    modification, are permitted provided that the following conditions are met:


    1. Redistributions of source code must retain the  above  copyright  notice,

       this list of conditions and the following disclaimer.

    2. Redistributions  in  binary  form  must  reproduce  the  above  copyright

       notice, this list of conditions  and  the  following  disclaimer  in  the

       documentation and/or other materials provided with the distribution.


    THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS  IS"

    AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT  LIMITED  TO,  THE

    IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A  PARTICULAR  PURPOSE

    ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT OWNER  OR  CONTRIBUTORS  BE

    LIABLE  FOR  ANY  DIRECT,  INDIRECT,  INCIDENTAL,  SPECIAL,  EXEMPLARY,   OR

    CONSEQUENTIAL  DAMAGES  (INCLUDING,  BUT  NOT  LIMITED  TO,  PROCUREMENT  OF

    SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,  OR  PROFITS;  OR  BUSINESS

    INTERRUPTION) HOWEVER CAUSED AND ON ANY  THEORY  OF  LIABILITY,  WHETHER  IN

    CONTRACT, STRICT LIABILITY, OR  TORT  (INCLUDING  NEGLIGENCE  OR  OTHERWISE)

    ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED  OF  THE

    POSSIBILITY OF SUCH DAMAGE.


This binary package contains the following open-source software that is 

available under the GNU Lesser General Public License.


* FUSE user space library (http://fuse.sourceforge.net/)