January 9, 2011

FBI Wants Your Data, part Deux

8 comments

In a previous post, Chip discussed a recent FBI drive for encryption backdoors. It looks like they’re at it again.

Basically, the WSJ article linked to above details how, in the New Information Society, information is power, and many countries are attempting to secure their own power over information (such as Saudi Arabia wanting a backdoor into RIM's BlackBerry services). Others are afraid of US government influence and intervention in software, which is most likely the driving force behind Russia's new push for open-source software. The reason for the worry on the latter point is that the FBI director has recently been touring Silicon Valley companies, trying to get them to give him back doors into customer data, possibly in an attempt to avoid the normal governmental oversight on such things.

This, again, is something we care a great deal about. The whole concept that if you have nothing to hide, you have nothing to fear is a fallacy. Something the Computer Weekly article missed is that the “Nothing-To-Hide, Nothing-To-Fear” (NTH,NTF) concept assumes that a theoretical “nothing to hide” lifestyle coincides with the authority’s concept of “nothing to hide.” Political leanings, sexual orientation, love affairs with those of the “other” group, religious views, reporting abusive members of an otherwise benign government, or even holding governments up to the same NTH,NTF concept can bring severe problems upon an individual.

At SpiderOak, we've created a system that makes it impossible for us to reveal your data to anyone: when you create an account, your client creates private encryption keys that we cannot get. If there were a massive SO data breach, either by accident or through interference by a third party, all that The Bad Guys would get would be a mass of encrypted blocks, statistically little more than random noise. Your data at SpiderOak is safe and is a crypto-nerd's dream by virtue of the service having been started by a bunch of crypto-nerds. That said, there's always the more likely scenario anyway.

  1. True, but you can't forget the Hushmail case, where Hushmail was compelled by a court to serve malware to users to steal their encryption data. Which means that SO could still run into trouble due to the auto-update mechanism or web interface being compelled to push malware. Another reason you guys should open source when you can ;) That won't eliminate the possibility, but it sure would make it a lot less likely.

  2. Should users back up their encryption keys, or is this not necessary (if the user has their user ID / password / machine name)?

  3. Trying to decide if I will use SpiderOak, I'm reading the blog and found this entry. I really appreciate that you refer to the xkcd webcomic. I do agree with the earlier comment that your software would be most trustworthy if it became open source. In that case I would not only trust it with my data, but also not hesitate to pay for your server space even if I'm using less than the free account maximum, just to support having access to a cloud space I can really trust.

  4. To really protect your users, your client should not do auto-update. I heard that the EFF coached Slingbox (an unrelated product, but also potentially subject to court-order-type actions) so Slingbox wrote their client to not use auto-update, exactly to prevent the scenario Alex mentioned.

  5. I wonder if auto-update is an issue. SpiderOak (with all my respect) could issue a new general/beta release with a spy inside after a court order, without warning any users.

    How will SpiderOak react if such a court order is issued? Close their business?

  6. I guess it all comes down to how much you trust the software developer. Hopefully one day SpiderOak will release an open-source client and put such fears to rest, permanently.

    After reading information about SpiderOak's encryption process and 'zero knowledge' policy on their well documented website, I feel more at ease. This blog posting helps too.

    Keep up the great work!

  7. Hello SpiderOak Team,

    I’d like to know if there is more detailed information about the security solution/implementation for SpiderOak available? On your website I only found buzzwords like ‘zero-knowledge’, and ‘layered approach’ of ‘RSA’ and ‘AES’. However, this does not reveal any information how these technologies are wired together. Where is encryption of data really happening? On the client side? Or is only the key-generation happening on the client side, but the actual data encryption on the server side?

  8. Without open-source client, SpiderOak looks like kind of "surveillance for advanced users".
    In a government database, your data will be marked as more valuable — because you care about encryption, huh.