May 14, 2010
Feeling disconnected? This is why.
If you’re having connection problems from the SpiderOak client, the solution is to upgrade to version 3.6.9658 or later.
… because 3 years ago when we launched SpiderOak I generated the SpiderOak SSL certificates that the SpiderOak client uses to verify the identify of the storage server. This is to protect against DNS poisoning attacks (i.e. otherwise an attacker that controlled DNS could attempt to convince your SpiderOak client to upload data to a different server.) These are not the same certificates as for the SpiderOak website.
I thought I generated certificates for 10 years, but they were only for the default of 3 years, and thus connections began expiring en masse about an hour ago. Most mistakes you should only make one time, and clearly this would fall under that category.
The verification for the cert is embedded along with the new SpiderOak client. We generated new certs, and fast tracked new builds through testing and release, so please visit the direct download link and all will be well again.
Please accept my deepest apologies; I’ve requested my flogging to be scheduled tomorrow at sunrise.