An old saying states that “security is inversely proportional to convenience.” This explains the slow adoption of many important security technologies. HTTPS, the secure version of the HTTP protocol used to browse the world wide web, has been around for more than two decades, but it’s only been in the last couple of years that it has been enabled by default on many major websites.
Back when we sucked down email from our ISPs over POP3 connections, all your data was, literally, yours: it was under your control more often than it wasn’t. If someone wanted access to your data, they had to access (or attack) your computer. As more and more of today’s data lives “in the cloud”, security becomes more and more important. If someone wants to access your data, you might never know about it as the attacks (or subpoenas) would be executed against the various cloud services you use.
Unlike Dropbox and similar services, which make it clear that they can access your data if they need to do so, SpiderOak employees can’t even see the names of the files you upload. And yet, SpiderOak hasn’t enjoyed quite the same level of success as Dropbox, in part because the security implementation makes it a little harder to use.
SpiderOak has made some great strides in making a friendlier product for casual users. They’ve revamped the sign-up process to make it easier and less intimidating, without compromising security. And they’ve just unleashed their new Hive addition, which makes multi-device synchronization easier than ever.
Historically, SpiderOak required users to explicitly share specific folders with specific devices. That’s a great feature, allowing you to ensure that your personal stuff doesn’t ever get synchronized to a work laptop, for example. But not everyone wants to explicitly decide which data can reside on which devices. Hive, available now, provides a pre-configured folder that is automatically synchronized with all devices linked to your account. This brings more Dropbox-like functionality to SpiderOak users, allowing them to enjoy secure cloud-based storage without manually configuring every device.
As Dropbox’s success has made abundantly clear, though, file storage and synchronization is so last year. The new hotness is service integration and automation. Things like IFTTT and all the other automation built atop it are making Dropbox the filesystem of the Internet. SpiderOak wants to be the private filesystem of the Internet. In order to support a rich ecosystem of third-party applications while still enforcing a commitment to zero-knowledge privacy, SpiderOak is working on Crypton, “a framework for building cryptographically secure cloud applications.”
SpiderOak has a couple of other tricks up their sleeve, too. While Dropbox and its ilk are strictly hosted solutions, SpiderOak has worked with a number of different corporate clients to deploy zero-knowledge privacy behind those companies’ firewalls. For various government and military agencies, this kind of on-premise secure storage is a requirement that Dropbox can’t easily provide.
Finally, SpiderOak has a few PSAs about the distinction between security and privacy available at zeroknowledgeprivacy.org. “Why Privacy Matters” and “The Fine Print of Privacy” are easy to read primers on some of the issues surrounding privacy online today. Even if you’re happy with Dropbox — or any of the cloud services that are quickly becoming indispensable — it’s worth spending a few minutes to read these primers.