Identify Critical Assets and Maintain Clear Communication to Reduce the Impact of Data Breaches

Cloud computing has become an integral part of today’s IT market; however, the security of data in the cloud has always remained in question. Organizations tend to outsource almost 50% of their resources to cloud-based services because of their flexibility and cost effectiveness. Since huge amounts of corporate data rest in the cloud, they have […]

Read More

Cryptowall Ransomware Spreading through Malicious Advertisements

As predicted by security researchers, 2014 is really turning out to be the year for new forms of ransomware attacks. Ransomware is a form of malware that takes over your system and restricts access to your files and folders until you pay the ransom amount to the malware author. Without the knowledge of the victim, the malware […]

Read More

Supporting Reset the Net & Free Software for End-to-End Encryption

Today, June 5, just a year after one of the most significant leaks in U.S. history by Edward Snowden, SpiderOak joins Reset the Net and hundreds of thousands of others to protect our privacy and freedom from government mass surveillance. Our CEO, Ethan Oberman, had this to say about Snowden and the campaign: The Snowden revelations […]

Read More

Lessons to Be Gained from the Recent eBay Data Breach

The occurrence of security breaches at large companies appears to be on the rise. Last year, we saw massive data breaches at Target and Adobe affecting millions of customers. The personal data of many people were at stake as a result of the incidents. Data breaches are the stuff of nightmares for any enterprise. They not only suffer […]

Read More

Usability challenges on privacy-preserving systems (Part 3)

As we talked in here and in here, about the challenges of creating good usability/UX in a privacy-preserving system, password handling and processing is hard. What can we do to avoid having to worry about it? Third-party authentication systems Some of the big names in the internet have implemented this authentication thing for us. Twitter, for […]

Read More

Examining Lavaboom’s Email Service Security Against NSA Surveillance

In light of NSA surveillance, finding a truly secure email service presents a challenge. The PRISM revelations have made us aware of government surveillance programs targeting the email communications of millions of Americans for mass data collection, and as a result, many of us are more concerned about the privacy and security of our data in the […]

Read More

Usability challenges on privacy-preserving systems (Part 2)

In the previous post we started the first of several posts explaining the usability challenges when developing a privacy preserving service. Today we will continue with passwords and how they are processed. Password strength The main problem with making a system’s security depend on a password is that good ones are really hard to remember (or are […]

Read More

Protecting Data Against SQL Injection Attacks

Data attacks have unfortunately become commonplace these days, with new reports of penetrated security systems being reported on a seemingly regular basis. SQL injection is the most commonly used form of attack by intruders to compromise enterprise data, as it is highly effective and successful in gaining access. The SQL injection vulnerability has been around […]

Read More

Welcome Firefox Sync to the ‘Zero-Knowledge’ set of applications!

As a company, SpiderOak would of course benefit from being the only provider of privacy services. But there’s more to it than just money. We don’t want to be the only company in the privacy field because society benefits from variety in this case. So we embrace this, and our goal is to conquer markets where […]

Read More

NSA Surveillance Spurred Tech Firms to Tighten Security- Examining the EFF Survey Report

The PRISM revelations served as a wake-up call for tech firms in terms of privacy, security, and NSA surveillance. The documents leaked by Edward Snowden indicates that the NSA has left no stone unturned in getting access to a huge amount of sensitive user data. They have been successful in circumventing the majority of encryption technologies over […]

Read More