![]() ![]() Although it uses proprietary code and it is based in the US, the company has a solid reputation as a reliable solution and so far, there hasn’t been any evidence showing that it has been compromised by the NSA. In spite of some minor flaws, SpiderOak is an excellent service that supports convenient features. Although SpiderOak supported Bitcoin as a method of payment for a while, it doesn’t offer this option anymore. Still, many people won’t consider this as a major deal, particularly since being able to access files on the go and from any location is very convenient. If you access your files outside the SpiderOak app, your password has to be provided to their servers for authentication and in order to be directed to the data. However, the company has acknowledge this as an issue and it states that the data is never written to a disk. The first thing to keep in mind is that only the SpiderOak client is zero knowledge and if you access your account via the web interface, your password is provided to the SpiderOak servers. What are the downsides?Īlthough SpiderOak offers many advantages, there are some issues that should be considered. However, it should be noted that the provider has shared many of its own tools and resources with the open source community and it even aims to making its client code open source at some stage. As previously mentioned in our review, SpiderOak has proprietary software, meaning that it can’t be independently audited to confirm that it hasn’t been compromised by the NSA or other organization. This government organization is known for targeting internet services that operate in the US and many companies are forced to hand over data, or do it willingly. However, since the company is based in the United States, it is more vulnerable to surveillance by the NSA. SpiderOak overviewĪlthough SpiderOak is a relatively small provider, it has gained recognition thanks to its secure online storage service. A 3072-but RSA key pair is included with every account and SpiderOak has plans to use it for multi-user private collaborative and sharing functionality in the future. All the keys are encrypted with 256-bit AES using a key created from your password by PBKDF”, a key derivation/strengthening algorithm using sha256. The provider uses 256-bit AES in CFB mode with HMAC-SHA256 encryption. If you lose them, SpiderOak can’t help you to recover them. One thing to keep in mind is that when it comes to zero-knowledge services, it is your responsibility to look after your password and encryption keys since only you have access to them. This are convenient features that you don’t get if you only use TrueCrypt. SpiderOak also supports easy syncing across multiple devices, as well as file versioning. ![]() For instance, you can encrypt and decrypt files individually. Still, it should be mentioned that SpiderOak offers practical functionality that TrueCrypt doesn’t support. Before uploading your files to the cloud, it is advisable to encrypt them using an open source tool like TrueCrypt. ![]() However, if you don’t want to take any chances, it is important to consider additional steps to ensure that your data is protected. You’ll just have to take their word when they say that their service is secure. ![]() As such, users will need to trust that SpiderOak’s proprietary solution is truly safe as it is not possible to confirm that there are no back-doors installed into the code. SpiderOak uses its own encryption method so unlike the case of open source technology, the code can’t be inspected by independent parties. We’ll take a closer look at the security offered by SpiderOak. This makes SpiderOak an appealing solution for security conscious users because it implies that the provider doesn’t have access to their passwords or encryption keys and would not be able to check their data. They offer end-to-end encryption, which means that users encrypt and decrypt their data on their own devices. When Wuala was shut down in 2015, many users started looking for alternatives and SpiderOak is one of the best ones, thanks to the fact that it is a zero-knowledge cloud. SpiderOak is a well-established provider and along with the now defunct Wuala, it has focused on offering a secure cloud storage solution. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |