January 28, 2013

Secure & private storage API on the horizon?

by with 5 comments

We wanted to share our announcement that just hit the wire today:

2013: The Year of Privacy

SpiderOak Bringing Privacy to the Cloud Through Open Source ‘Zero-Knowledge’ Application Framework

SAN FRANCISCO, CA–(Marketwire – Jan 28, 2013)– SpiderOak, the ‘zero-knowledge’ privacy cloud technologies provider, revealed today that the company will release an open source ‘zero-knowledge’ application framework (ZKAF) to push privacy further into the web than previously possible. The official launch will come at the RSA Conference in San Francisco and will further signify the evolution from Internet security to cloud privacy.

The ZKAF open source code will be made available on February 25. Additional details leading up to the announcement will be available at the SpiderOak website: spideroak.com.

2013 – The Year Privacy was Found

As the cloud has gone mainstream, so too has the conversation around security. With more data being pushed to cloud servers throughout the world — the need to ensure the data is safe grows. Amidst this dialogue, the concept of ‘privacy’ has been drowned out as it was previously thought not possible to both preserve the privacy of data and also benefit from the advantages of the Internet. This is now all changing.

SpiderOak’s launch of its ZKAF will enable companies and/or developers to apply this framework on top of their application and enjoy all the benefits of ‘zero-knowledge’ privacy without having to understand the detailed specifics around cryptography and encryption. In practical terms, this means that any data generated by an application will never be readable on the server it is stored and, henceforth, remains private and in full control of the end user.

SpiderOak: Privacy Built Into the Technology

From the ground up, SpiderOak was designed with privacy at the core. The company’s industry-leading ‘zero-knowledge’ privacy standard protects user data by encrypting file backup, synchronization and storage throughout every stage. SpiderOak servers never store the plaintext version of a user’s encryption keys (or password). As a result, nobody can view any portion of a user’s content including filenames, file types, folder names, etc. Even the members of the SpiderOak staff with physical access to the servers can never view plaintext user information.

With SpiderOak Blue, the company brings the ‘zero-knowledge’ privacy environment to the enterprise. Through a virtual machine running behind a company’s firewall, SpiderOak Blue connects to LDAP / ActiveDirectory to provide consistent authentication procedures. IT departments have the flexibility and control to create and deploy specific end-device builds depending on the user — managing how and when individual files should be backed up and/or synced. A private cloud offering is also available such that the entire solution is contained behind the company’s firewall or within their server environments.

For more information on SpiderOak Private Cloud and other enterprise products, please visit: spideroak.com/business.

Media Contact:
Ethan Parker, BOCA Communications: (415) 377-0978

  1. Good job at grabbing the moment. The first thing I thought about with the Mega launch was Spideroak.

  2. I hope you'll release the client program code on all platforms as open source and allow people to build it themselves. Without that, all your claims about Zero Knowledge remain just claims as there is no way for anyone to really verify them. Or did I miss an announcement that they're already open source?

  3. If SpiderOak were like Cyphertite, it would add more credibility to the claims made since SpiderOak has a longer history of providing this service. I hope you would open source your application code and have ZK be Zero Knowledge in letter and spirit…not just your users having Zero Knowledge about what exactly your client programs do. :)

  4. I will echo the "Open Source Your Client" message as well.

    Please put that action behind your word, and do please explain why you have yet to do so. Transparency and Truth speak for themselves. The work on ZK is critical, we will all agree, so let's remove the boundaries from where we will apply ZK and where it is not.