June 17, 2013

Our Android 2.0 App Release & Testimonial Winners Announced Wednesday

by with 8 comments

Because of the enormous response we received during last week’s testimonial-100GB giveaway, the five winners will be announced on Wednesday instead of today. Thanks again to everyone who participated! We were so grateful for all of the positive feedback.

If you missed it, we wanted to draw special attention to our new open-source HTML5 Android app that went live last week. Here is Ars Technica’s write up about it, or you can read the June 11 press release:

SpiderOak Launches Open-Source HTML5 Android App

Functions Like a Native App, Provides the Foundation for Enterprise-Grade, ‘Zero-Knowledge’ Mobile Apps

SAN FRANCISCO, CA–(Marketwired – Jun 11, 2013) – SpiderOak, the ‘Zero-Knowledge’ privacy cloud technologies provider, today announced the new SpiderOak Android 2.0 application. Redesigned from the ground up using HTML5 and fully compatible with the brand-new SpiderOak Hive, the Android app is setting the standard for mobile privacy in the cloud. The newly available app enables users to view the data located in the Hive folder as well as any folders or files across their SpiderOak devices. It sets a new precedent for the development of open-source, HTML5 mobile applications.

“Our new Android app bucks the prevailing trends,” said Ethan Oberman, CEO of SpiderOak. “We have proven the capabilities of HTML5 and the success of producing open source mobile software. Our Android 2.0 app further sets the groundwork for bringing full ‘Zero-Knowledge’ read/write to mobile devices — leveraging our new Crypton framework. After all, privacy must expand beyond the computer to include the rapidly evolving mobile platform.”

HTML5 and Open Source

SpiderOak has a strong commitment to open source software and expounds on this belief with SpiderOak Mobile 2.0. The company also believes in leveraging the HTML5 platform as a viable solution to building mobile apps, despite recent companies moving in the other direction — most notably Facebook.

Newly hired lead mobile developer Tommy-Carlos Williams is a renowned expert in HTML5 and PhoneGap, an industry-leading open-source framework for developing apps using HTML5. “With SpiderOak 2.0 for Android, we’re really leveraging the HTML5 platform in its truest nature,” said Williams. “I’m excited at the direction SpiderOak is taking in mobile. We’re breaking new ground for ‘Zero-Knowledge’ privacy, as well as for the evolution of HTML5 itself. It is for these reasons I moved to SpiderOak and look forward to continuing our progress in these areas and more.”

SpiderOak applied styling to make the new app match Android 4.0 and above, and has devised features that behave in a native manner. The goal of the new app is not just to increase overall functionality and usability, but also appeal to the more stringent privacy and security demands of the enterprise.

Designed for Simplicity and Ease of Use

SpiderOak 2.0 for Android also includes significant usability enhancements, such as a higher level of app performance and easier navigation. Through the updated Android app, users can log in and easily see the data in their Hive folder or across any other device that is running SpiderOak. In addition to immediately accessing and viewing all of the data inside an account, a user can download and share files via email or social media.

Devices running Android 2.3 and newer versions can download the app in the Google Play Store.

To learn more about SpiderOak Hive, please visit: https://spideroak.com/hive/

  1. Very neat! Is all of the crypto still down client-side or does this require sharing the password/key with the SpiderOak servers?

    • Hi SalusaSecondus & Brandan,

      Thanks for the question. We recently created a place dedicated to our mobile products so users can locate information quickly. Check it out when you have a chance:

      As it relates to mobile and Zero Knowledge, when accessing your data via the SpiderOak website or on a mobile device you must enter your password. The password will then exist in the SpiderOak server memory for the duration of your browsing session. For this amount of time your password is stored in encrypted memory and never written to an unencrypted disk. The moment your browsing session ends your password is destroyed and no further trace is left. The instance above represents the only situation where your data could potentially be readable to someone with access to the SpiderOak servers. That said, no one except a select number of SpiderOak employees will ever have access to the SpiderOak servers. To fully retain our ‘zero-knowledge’ privacy, we recommend you always access your data via the SpiderOak desktop application which downloads your data before decrypting it locally.

  2. It would be awesome if you guys could bring uploading abilities to Android.

    Even more awesome if you could have sync folders on Android.

  3. This is missing the most useful feature still!

    Users can NOT upload from mobile devices.

    I should have read the fine print. Still can’t upload files from and andorid device. I even paid for extra space because i wanted to support this companies efforts. Now i wish i had not.

    Also, the android version can’t handle long passwords or ones with special characters. this sucks! I tested 12 diffrent passwords of varing complexity.


    P.S. The html5 version of the app is very laggy (SGS3, freash out-of-box, no other apps installed). Please make a native app.

    • Hi, Brandan! I’m one of the developers of the hybrid HTML5 app, and the Android client on which it is built.

      I have just recently implemented some fixes for problems with non-basic multilingual plane (UTF-8) password characters that is due to surface in our next production release, possibly in a few weeks. We plan to release a beta test of these fixes, hopefully within the next day, and would appreciate it to have you join the beta to see whether it addresses any of your long password problems. If it doesn’t, we would want to get more specific details about those problems, to see about resolving them.

      About the lags of the HTML5 version, if you have access to an iOS device (iPhone, iPad, iPod Touch) you can compare the behavior with a native iOS implementation available from the iOS App Store. I think you’ll find, as we do, that the implementations perform, on the average, very similarly. They both vary from moment to moment, but that is due to network and server pragmatics, and those mostly account for the lags.

      There are things we are exploring to mitigate that, primarily in reducing the dependencies on the server. Likewise, we’re looking towards client write, like uploading, etc. But those kinds of things are long range aims, and will depend on practicalities we will have to settle along the way.

      Please indicate if you would like to participate in the beta, to help us work on the password problems.

  4. Is there a timeline for when we will have “full ‘Zero-Knowledge’ read/write on mobile devices” ? That is, no sending the encryption password to the server anymore?

    • Hi! Thanks for your post! Re support for uploading data from mobile devices, given our focus on privacy, this has some special obstacles for SpiderOak that other companies don’t face. That said, pushing Zero-Knowledge privacy to mobile and the web in general have been very much on our radar. It’s the principle reason behind our development of Crypton, our new open source application cryptography framework – http://crypton.io. Once complete, we will use Crypton internally across all SpiderOak facilities to ensure privacy while providing read/write to both mobile and various other web tools. Our plan is to fully launch the Crypton platform in August and hopefully apply this technology to mobile toward the late fall / early winter.

      Hope this helps!