Tag Archives: zero-knowledge

EFF Recognizes SpiderOak For Having Your Back

The Electronic Frontier Foundation (EFF) just released it’s annual “Who Has Your Back?” report honoring our efforts – and others – on the legal and privacy front of protecting our users.

Of the six criteria used to assess a company’s practices and polices, SpiderOak received five of the six. According to the EFF, “SpiderOak earns 5 stars in this year’s report. It has demonstrated a strong commitment to transparency around government data requests and respect for its users’ privacy. Specifically, SpiderOak requires a warrant for access to content, gives notice to users when their data is sought by the government, publishes a transparency report detailing government data requests, and publishes its law enforcement guides. In addition, it has publicly opposed mass surveillance.”

It goes on to say, “While SpiderOak does not receive a star for fighting for user privacy in courts, this does not reflect badly on the company: Many companies do not have an opportunity to challenge an overbroad government demand or may be barred from discussing their legal challenges.”

Who has your back 2014

We have not had the occasion to defend any of our users’ rights in court. We have not been bound by secrecy of gag orders, nor imposed by court orders. In any of these cases, we would comply with the law. As our users know however, we do not have access to our users’ plaintext data. Furthermore, should we ever get the opportunity to fight for our users’ privacy in court, we would – without hesitation – do so.

Here is the complete report.

Privacy: The Year and the Word

You can imagine how tickled we were yesterday when Dictionary.com named ‘Privacy’ the word of the year. They wrote, “The discussion of privacy – what it is and what it isn’t – embodies the preeminent concerns of 2013.”

Word of the year

Not to toot our own horn but at the beginning of this year, our executives, marketing team and PR firm sat around a table and got very clear on our message. As a result, we released this on January, 28th, calling 2013 The Year of Privacy.

Of course we couldn’t predict the Snowden disclosures about the NSA surveillance, the Google Glass release, all the changes in privacy policies that got users in a tizzy, or the Snapchat snafu, but what we have known for some time now is privacy is the best form of security.

Check out this cool info-graphic on The Year in Privacy.

Privacy in a digital world is not easy and it certainly poses some interesting challenges and contradictions. Look no further than the immediate criticism Dictionary.com received due to naming ‘Privacy’ the word of the year…

“Today, just visiting the homepage of Dictionary.com sets 90 cookies and replicating the method from the Wall Street Journal investigation (including reading the blogpost on ‘privacy’ being the word of the day) yields 198 cookies, according to The Washington Post’s research.” — Click here to read more.

As we look to 2014, it is our mission to continue protecting our users’ privacy, developing more ‘Zero-Knowledge’ cloud technologies, and pushing privacy further and further into the web.

Happy holidays and cheers to privacy!

12 Days of Privacy: 25% Off!

12 Days of Privacy

On the fifth day of Privacy

SpiderOak gave to me:

25% off!!

On December 13, we introduced the 12 Days of Privacy* – sung to the tune of the 12 Days of Christmas. We hope to share with you what the 12 Days of Privacy means to us with this little holiday spin off.

Today is the 5th day of our 12 Days of Privacy which means you can enjoy “Twenty-fiiiiiive percent off!” all yearly plans!

Current Users:

  1. Login to your account online.
  2. Go to your ‘Account‘ tab at the top
  3. Click ‘Buy More Space,’ and then choose ‘Upgrade My Plan.’
  4. Plug in the promo code 12DaysofPrivacy, and choose which plan you want under Yearly Billing.

New Users (Welcome!):

  1.  Sign up here
  2. Download and install the client
  3. Click  ‘Buy More Space’ in the client itself, or via the web portal (which will then take you to a new screen, where you need to choose ‘Upgrade My Plan.‘)
  4. Use the promo code 12DaysofPrivacy and choose which plan you want under Yearly Billing.
What do you think the 6th Day of Privacy will bring?

*We do know that the original 12 days of Christmas begins on Christmas day, but we wanted to do our own spin off before the holidays. 

12 Days of Privacy: 4 ‘Zero-Knowledge’



12 Days of Privacy

On the fourth day of Privacy

SpiderOak gave to me:

4 ‘Zero-Knowledge’ 

On December 13, we introduced the 12 Days of Privacy* – sung to the tune of the 12 Days of Christmas. We hope to share with you what the 12 Days of Privacy means to us with this little holiday spin off.

You can join in too!

We don’t want to have all the fun so we invite you to submit your own lyrics. Share them with us on Facebook, Twitter, or in the comments section, and we’ll promote them throughout the week! We can’t wait to see what the 12 Days of Privacy means to you. To find out what the SpiderOak staff and fans come up with, follow #12DaysOfPrivacy.

Tis the season of Privacy!

*We do know that the original 12 days of Christmas begins on Christmas day, but we wanted to do our own spin off before the holidays. 

No Knowing November

No matter where you consume the news, there is no escaping the revelations continually coming out of PRISM and MUSCULAR and their impact around the globe. At its root, it uncovered a dangerous problem – privacy online is indeed threatened at every level.

Since its inception in 2007, SpiderOak has been focused on preserving our users’ privacy through the implementation of ‘Zero-Knowledge’ technologies – the privacy-first orientation that ensures the server never knows what data it is storing. How is this accomplished? By never storing the encryption keys and therefore never having plaintext access to the data. Ultimately, this is the only way to give ownership and control back to the user and – thus – ensure privacy throughout the process.

Back in January – when everyone was talking about the importance of security – we had the foresight to call 2013 the Year of Privacy. As we have seen, security only solves half of the problem. When a company retains the keys to the data, it also maintains the ability to access it. The access can then be used in a number of damaging ways as has been exposed back in June.

SpiderOak, Zero Knowledge, Privacy, No

Help us make this month NO KNOWING NOVEMBER by sharing this critical message on privacy through ‘No Knowing!’


  • Promote privacy through #NoKnowing
  • Use any of our ‘No Knowing’ images

Download The Newest Version of SpiderOak

Today we are proud to release our newest version – SpiderOak 5.0.


The most significant addition is SpiderOak Hive – a simple drag and drop folder that allows you to sync files across all your devices. For more information on Hive, feel free to visit https://spideroak.com/hive/.


You can read about several other new features, enhancements and bug fixes at SpiderOak Launches 5.0 Beta.

Please reach out with any thoughts or questions. We look forward to continuing development and making SpiderOak the best it can be.

Why Privacy Matters

Why does privacy matter?

To begin breaking down the subject of privacy, we created an explainer, recently published in IT Briefcase, to answer the following questions:

  • What is the difference between privacy and security?
  • Should you care about privacy if you have nothing to hide?
  • What does privacy mean in the digital age?

Want to help spread the message of privacy? Share this explainer and get people thinking about Why Privacy Matters.

A Great Evening Focused on Privacy

We’re just starting to see the dust settle after hosting the first annual Penetralia Event and wanted to thank all the attendees for their attendance as well as the folks over at Silent Circle for co-hosting and making the evening so special. It is our hope that you had as much fun as we did and left feeling more understanding and passionate about privacy.

The event was intended to coincide with the first day of the RSA Conference in order to help further draw the important distinction between security on the one hand and privacy on the other. A physical way to explain this technical difference would be to think of your house or apartment:

Security relates to the lock on your door and/or your alarm system — the measures you put in place to keep out unwanted visitors or intruders.

Privacy represents the blinds on your windows. Most of us don’t like the idea of a passersby peering inside at all hours even if we aren’t doing anything of particular note. This is why we we draw the blinds.

Hence – it is through the existence of both security and privacy that we can fully enjoy peace of mind. And of course the same should exist in our digital / online lives as well.

To illustrate this point, we created ‘Secure’ and ‘Private’ boxes which were on display and available for attendees to experience. We invited people to step inside each box, feel the difference and ponder how the experience translated to putting their data in the cloud.

On Monday we also announced the launch of our newest product, Crypton. Penetralia attendees had the opportunity to see and discuss directly with the developers responsible for building this world’s first ‘Zero-Knowledge’ application framework. The level of interest was overwhelming and thus incredibly encouraging. We look forward to working with the community at large and supporting their efforts around various Crypton implementations.

For those who couldn’t attend, don’t you worry. Several privacy-focused companies asked how they could help sponsor our event next year. Penetralia 2014 is already in the works!


Announcing Penetralia: Launch of First-Ever Open Source ‘Zero-Knowledge’ Application Framework

The RSA Conference in San Francisco takes place next week and we will be sponsoring the first annual Penetralia Event with our friends over at Silent Circle, the global encrypted communications service provider.

What is Penetralia? The definition reads:

1. The innermost part of a building, especially the sanctuary of a temple.

2. The most private or secret parts; the recesses; the penetralia of the soul.

Taking place on Monday, the 25th, from 7pm-10pm, the goal of Penetralia is to gather folks from across industries to further the privacy-in-technology conversation. “The underlying premise behind the cloud is that all data is stored or available in plaintext. From an end user perspective, this means everything you upload – from financial documents to family photos to vital company information – exists in a readable format by someone other than you. The ‘Zero-Knowledge’ concept propels the dialogue forward by enabling something previously not possible – maintaining privacy in a cloud environment,” said CEO and Co-Founder Ethan Oberman.

Penetralia is an invite-only event. If you would like to attend, please visit https://penetraliaevent.com/.

Also, this Monday at RSA we will formally announce a first-ever open source ‘Zero-Knowledge’ application framework. This framework will empower both companies and developers alike to take full advantage of ‘Zero-Knowledge’ cryptography and encryption standards through a lightweight utility that runs via the browser.

We believe this framework will deepen the divide between companies that need access to your data as part of their business model, such as Google or Facebook, as opposed to those who don’t, like Evernote or 37signals. With this advancement we ask, “Why would companies choose to store data in plaintext when there is no financial benefit in doing so?”

“How can we turn privacy into a tangible?”

In stride with 2013 as ‘The Year of Privacy’, SpiderOak launched a ‘Zero-Knowledge’ Privacy Ambassador (ZKPA) program.

We have nine ZKPAs from around the world who we will introduce you to in the coming weeks. Our ZKPAs will help inform and educate people on the importance of preserving privacy in everyday online life. Please lend them a warm welcome as they lead the change in advocating for privacy…

Meet Rob

Rob Simmons is a SpiderOak ZKPA hailing from St. Louis, MO. He has been working with computers professionally for the past 16 years. His day job includes management of NetApp, EMC, and Oracle disk and tape storage systems. His evenings and weekends include running Wycombe, LLC, (@WycombeLLC) which provides IT consulting solely to small businesses. While serving in the US Air Force he had the distinct honor of being stationed in an English sheep field. After his Honorable Discharge, Rob helped build a small telecom startup and obtained a Bachelor’s of Computer Science with an emphasis on Information Technology in 2009.

Why are you so passionate about privacy?

RS: We are in the ‘Share It All’ age. I think this is horrible. It is not necessary to share every aspect of your life, where you are this very moment, what you’re doing, where you’ve been, or what you plan. There are consequences for sharing it all. Namely, a complete loss of privacy. By sharing everything going on in your life, you give other people (sometimes malicious, sometimes not) the ability to rebroadcast your life any way they please without your permission.

Ensuring privacy is essential in navigating our online lives where every click we perform, every post we make, every picture we upload is replicated hundreds, maybe thousands of times. At that point a person has lost control of their privacy. It also lowers the excitement in meeting a new person, in making friends, or even developing a romantic relationship. The ability to learn something new about someone is eliminated when that person has given up his privacy. I’m passionate about privacy because I want all people to be able to selectively control the way their personal data is released.

What did you find most interesting about SpiderOak?

RS: Honestly, until the spring of 2012 I never heard of SpiderOak. Nor did I have any sort of backup solution for my computer. I got away with “winging it” for all these years. As part of my duties with my employer, I was tasked to research online cloud backup, sync, and recovery companies and their offerings. Among all companies and products I researched, not one came close to offering the critical level of digital security and personal privacy that SpiderOak offers. Others do a good job, but SpiderOak’s security structure is as near bulletproof as you can get. I was truly impressed. So impressed that I signed up for an account. After seeing how well SpiderOak worked for me I signed up my mother, two brothers, grandmother, grandfather, and my wife. My entire family is now a SpiderOak family.

What are some of the biggest challenges you see for advocating privacy?

RS: Privacy is not something that people actively think about. They think about seemingly more pressing items such as finances, car maintenance, home maintenance, work-related tasks, and family issues. These are all tangible items in their life. Things they experience, perform, or feel emotionally. Privacy, and especially online privacy, is an intangible item. How can we turn privacy into a tangible? Something a person can feel, touch, and understand? Once it’s turned into a tangible it will remain at the front of people’s minds along with all their other concerns.

Where do you see the online cloud industry in 5 years?

RS: It’s going to get bigger. Exponentially larger. Data center and data warehouse architects should be quite busy. I see a massive consolidation of disparate online items. Microsoft is going forth in a way I think will be the future. Microsoft is consolidating their desktop, mobile, and gaming platforms into one common system. And it’s all interfacing with Microsoft’s painfully non-private cloud storage: SkyDrive.

But it’s not just desktop, mobile, and gaming I see as part of the consolidation. I can see medical records, academic records, purchase histories, ebooks, music, accounts (online credentials), recorded VoIP calls, and who knows what else to be stored in a personal cloud. You could tell the doctor to just send your medical records to your personal SpiderOak storage. You’ll tell your VoIP service provider to record and send all calls to your SpiderOak storage. Receipts? Send it to storage. Ebook delivery? Not to a particular device, to storage. I think online cloud companies are going to have to look far ahead and see how they can become a person’s “personal storage” company that the user can access from any device, any location, at any time.

What do you hope to accomplish as a ZKPA?

RS: I’d like to get computer users to begin to think critically about their privacy and security of their personal files.

I’m sure many folks will brush off privacy with the statement they have nothing to hide. Well, truth be told, I don’t either. If you’ve nothing to hide, why close your drapes in the evening, why drop your blinds, and why close your outside door? People instinctively like their privacy even if they don’t know it. It just feels better knowing others aren’t looking in on you. Personal privacy is a natural thing for humans to enjoy. I want computer users to realize they should treat their files the same way. Make them private and share them only if they choose to do so. By stressing the ability users will have in selecting who has access to their files, I’ll be strengthening their freedom of choice. People would much rather be able to choose among a set of choices than none at all.

We are proud to have Rob aboard! If you have any questions for Rob, please feel free to write in the comments or find him on Twitter.

Next week, we’ll introduce another ZKPA…