So you mean they are knowingly lying here and we should bring a class action suit against them, or is there some stupid legal loophole I don't understand?
I've been using SpiderOak for a few years now. SpiderOak is structured as a cloud backup service with file syncing and sharing built upon that, and I use it both for file backups and for syncing. It has its strengths and weaknesses.
SpiderOak's commitment to end-user privacy is very strong, and I've never heard its security features faulted. They're in the small set of organizations that has been willing to go to court to protect the privacy of their end users. SpiderOak is available for all major platforms, and there are RPM and DEB repositories to keep it up-to-date in Linux. There's a free plan where you get 5 GB of storage, which is typical for file syncing services; you can get additional storage, in increments of 100 GB, for about $100/year, which you'd want if you intend to use it for backing up your files. It keeps multiple versions of a file. The encryption is all done client-side.
On the other hand, file transfer rates can be erratic, and often very slow. My partner tried to restore her entire Documents folder hierarchy from her SpiderOak backup through the client, less than ten gigabytes of files, and after several days, it hadn't completed; she eventually gave up trying to use the client and used the Web interface instead; she was so frustrated by the experience that she immediately abandoned use of SpiderOak. SpiderOak isn't quite as easy to use for basic file syncing, partly because the security considerations of SpiderOak make it a little more complicated to set up, partly because the client is not so polished as that of Dropbox. File sharing is harder to set up and use. And while there's an Android client, it doesn't allow syncing, only downloading files to Android, which SpiderOak users have been complaining about for several years.
I find SpiderOak is adequate for my purposes - I sync a few documents between different computers I use, and I can restore the occasional deleted file or overwritten prior version. And I want to support SpiderOak for taking a principled stand in support of its users. But not everyone will be happy with it, and it will be hard to convince someone to use it if they are not already concerned about privacy and security and aren't willing to put up with a less-polished interface.
They say that they use 256-bit AES: this is a strong cipher, if implemented correctly; and 256 bits is generally believed to be beyond the reach of any current or expected near- to medium-term attacks (if not substantially more; barring some serious advances in factorization algorithms or quantum computers or something, the time required to brute force with even several factors of ten more power than is currently available across the planet just gets ludicrous).
However: notice how they only specify the cipher and key length, not anything about where the keys are stored, who has access to them, whether they are unique per-subscriber or shared, whether they "secure your files" in transit, at rest, or both, and so on.
Aside from Dropbox's pitiful security track record, there are several reasons to suspect that the key management story is where this all goes off the rails:
- Unless Dropbox can decrypt the files, they cannot offer such (undeniably popular) features as "access your files just by logging in in-browser" and "synchronize your files to a new device just by installing the client and logging in". If they don't have the key, all they could do is provide the ciphertext and tell you to work it out. There is an intermediate step (one it appears that SpiderOak uses), where the keys are encrypted with a key derived from your password, so that you don't have to manually key-fill a new device, just provide the credentials; but the service provider need never have access to them. Unfortunately, this means that it is impossible to reset a password (since, without the password, you can't decrypt the keys that decrypt the files. You can overwrite the password hash to allow logins with a new password; but the keys are toast, period).
- Given the fairly thin margins in bulk file storage, deduplication is extremely popular: eliminate redundancy (whether at the block or the file level), accrue significant reductions in real disk space use for duplicate-heavy storage loads. However, unless the same key is used across users, deduplication will fail: exactly as intended, even identical plaintexts will produce wholly different ciphertexts if different keys are used. Unless they specifically assert that they are forgoing the benefits of deduplication between accounts, this is a tempting reason to share keys between accounts.
- Customers, especially non-technical customers who've come to "the cloud" to solve the data transfer and retention problems they have, hate losing data. However, unless the service provider can decrypt your files, they can't really help you with data loss. You lose your key? Game over. Very spartan. The issue of password resets falls under this heading as well. You can't have zero-knowledge on the part of the provider and password resets that don't destroy all prior data.
TL;DR, I'd be very surprised if Dropbox Legal lets them say anything that isn't technically true anywhere that might be construed to constitute a legally binding obligation; but they omit more than enough to compromise the cryptosystem utterly; and their feature set suggests that they do, in fact, engage in at least some of this behavior (in fairness, these cryptographic shortcuts do offer financial and user convenience advantages; one need not suppose that malice motivated them; but once you know something you are just a subpoena or NSL away from the feds knowing it, so your initial intentions aren't terribly relevant to the outcome. Only rigorously enforced ignorance can protect you from being forced to compromise your customers; because you can't be made to divulge what you do not know.)
@FF I have not read or heard such an interesting comment in a very long time. Would I be in the ballpark by drawing the conclusion that they're just too stupid? Hear, hear.
Personally I use Tresorit. Why? Because they're not based in the US, and therefore should be safe from National Security Letters.
Like SpiderOak they use AES-256 client-side encryption, so there's nothing lacking there. They also offer clients for many devices/OSs (which is another big requirement for me).
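The two key-management points in the comment above (file keys wrapped under a password-derived key, which no server-side password reset can recover, and cross-account deduplication failing unless keys are shared) as an added Python example; this is not code from anyone in this thread or from any of the services named. The keystream cipher is a toy stand-in for AES, and the PBKDF2 wrapping and verifier layout are assumed, not any provider's actual design.

```python
import hashlib
import os

# Toy stand-in for the AES-256 the thread discusses: a SHA-256 keystream XORed
# over the data. NOT a real cipher; it only makes the key-management points visible.
def toy_cipher(key: bytes, nonce: bytes, data: bytes) -> bytes:
    out = bytearray()
    for i in range(0, len(data), 32):
        stream = hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], stream))
    return bytes(out)  # XOR keystream: the same call encrypts and decrypts

def kek_from_password(password: str, salt: bytes) -> bytes:
    # Key-encryption key derived on the client from the password (assumed PBKDF2 design).
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def create_account(password: str):
    """Client side: generate a per-subscriber file key, wrap it under the KEK, and hand
    only the wrapped key, salt and a login verifier to the server. Returns the server
    record and the file key (kept here so a caller can compare later); the server
    itself never sees the file key or the password."""
    salt, file_key = os.urandom(16), os.urandom(32)
    kek = kek_from_password(password, salt)
    record = {"salt": salt,
              "wrapped_key": toy_cipher(kek, b"wrap", file_key),
              "verifier": hashlib.sha256(b"verify" + kek).digest()}
    return record, file_key

def login_and_unwrap(record: dict, password: str):
    """Client re-derives the KEK; returns the unwrapped file key, or None if the
    login verifier does not match."""
    kek = kek_from_password(password, record["salt"])
    if hashlib.sha256(b"verify" + kek).digest() != record["verifier"]:
        return None
    return toy_cipher(kek, b"wrap", record["wrapped_key"])

def reset_password(record: dict, new_password: str) -> None:
    """All a zero-knowledge provider CAN do on a reset: overwrite the verifier so the
    new password logs in. It cannot re-wrap the file key for the new password,
    because it never had the file key; the old wrapped blob is now unrecoverable."""
    kek = kek_from_password(new_password, record["salt"])
    record["verifier"] = hashlib.sha256(b"verify" + kek).digest()

def can_deduplicate(plaintext: bytes, key_a: bytes, key_b: bytes) -> bool:
    """Cross-account dedup needs byte-identical ciphertexts for identical files.
    Even with a deterministic nonce, that holds only when both accounts share a key."""
    return toy_cipher(key_a, b"file", plaintext) == toy_cipher(key_b, b"file", plaintext)
```

After `reset_password`, the new password passes the login check but unwraps the stored blob to garbage, which is exactly the "keys are toast" outcome the comment describes.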
I can easily see Spideroak going through similar dramas to Lavabit.
Hi, I'm a programmer at SpiderOak (since 2008). BoingBoing readers may be interested in more detail. Try this: https://spideroak.com/engineering_matters.
I couldn't help thinking part of the reason she turned out so screwed up is that creepy name.
Condi Rice
…So I don't think we should extend the usual courtesy of familiarising somebody's name for them in this case.
C.o.n.d.o.l.e.e.z.a…
C.o.n.d.o.l.e.e.z.a…
C.o.n.d.o.l.e.e.z.a. Weird and creepy.
How is the syncing on Tresorit? The reason I ask is that I stopped using (and paying for) SpiderOak because their sync would get "wedged" - that is, it would just stop syncing, and the only way to fix it was to contact customer support and have them unwedge whatever process got wedged. Although now I understand that they've published command lines that can be used on the client side when that happens.
@doug_fort looks really neat - does your company have a "warrant canary" page to let us know that you're FISA free?
I've been using SpiderOak off and on for a few years. Finally came to my senses and dropped Dropbox entirely earlier this year. I currently have ~94GB of data stored in my SpiderOak account, mostly backups.
I haven't had a problem with transferring large files or data sets to/from PCs (though the first-time backup of large files can take a few minutes to initialize). Where I have seen speed issues is with the Android client. The UI is often not very responsive, and transferring files as small as 80-90MB is slow and hit or miss. Sometimes the UI takes rather a while to acknowledge that you've requested a download and other times it just silently fails.
If they fix the speed/reliability issues of the Android client (and allow you to sync from Android devices), I'd say that it's easily recommendable for the general public. As is, it's unlikely that someone who doesn't take data security seriously would be willing to put up with the mobile client's gotchas.
I think there's a story behind the name. I don't remember, but I recall it was kind of classy. If you're going to oppose her, do it on moral and political grounds, not by calling her fatty on the playground.
What a crazy conspiracy theory! Dropbox an NSA target?! I mean, whoever would have thunk it. What crazy paranoia!
Damn, if only someone had warned us all about such things happening 10 years ago but who wasn't a crazy paranoid conspiracy theorist. Maybe we could have done something about it then! Why is it that only crazy paranoid conspiracy theorists talk about such things before they become fait accompli? Why do we always have to wait for legitimate heroic whistleblowers to come out, but they always seem to arrive too late to change anything? I wonder…
I haven't had an issue, but to be honest, I haven't used much space yet. I mainly use it to access my KeePass 2 databases and a few other smaller files that get the paranoid treatment (financials, etc).
Why not just, you know, not store sensitive unencrypted data in the Cloud?
I like Dropbox primarily because it provides an easy means of uploading something to which I can post public links.
Pff, opposing scumbags on moral and political grounds really gets us far, doesn't it?
Perhaps some good can come of sinking to their idiot level.
Anyway, there might be some substance to my comment; I recall coming across this relevant factoid: if you name your son with something unusual, you increase his chance of mental illness by 30%. Although it supposedly doesn't apply to girls, I'm not sure Condoleeza isn't a bloke in drag.
Dropbox's security record suggests a certain amount of incompetence and/or apathy (I adore the one where they just accidentally turned off password access control for a few hours at one point); but I'd suspect that they aren't "stupid" in any larger sense: they've quite successfully delivered, on a large scale, a cheap, easy, multiplatform, secure-enough-that-not-too-many-scary-stories-of-people's-lives-being-destroyed-by-criminals-are-published product.
Very popular with home users, so convenient that even people in corporate and institutional environments with IT departments and file servers pre-configured, and so on, often try to sneak it onto the network, practically the de-facto replacement for the filesystem that the iDevices hide from you.
Unfortunately, any sort of offsite storage is (in practice, I'd argue unconstitutionally; but people who matter haven't) treated as a 4th-amendment-free zone. Anyone who builds their security against a non-state threat model, even if they were to achieve perfection in that area, is focusing on a substantially different set of security risks than someone building their security against a state actor threat model. It's not that Dropbox has tried and failed to be secure against the state; they just haven't tried (whether because doing so would raise costs and decrease customer satisfaction, which it probably would, or because they are active collaborators is unknown to me; but not really relevant when the state can force even unwilling parties to hand over information).
Not really. There are plenty of online forums in which the participants do little more than name-calling and invective, and it doesn't make for a useful discussion. Worse, often that name-calling ends up insulting and alienating allies and oppressed minorities.
Like so. Don't do that.
I kind of like ownCloud for shared projects - just set it up to only use https, and everything lives on your own server rather than some random company's server. As an added bonus, 500 gig costs whatever a 500 gig hard drive costs these days, with no monthly fees.
See, here's the thing - the unwashed masses couldn't give a flying fuck for the alienating moral superiority and overriding concern for relevance of the liberal set; they're too busy having their hindbrain buttons pressed and apathy encouraged by cynical scumbag arseholes.
Throwing shit is actually a semi-serious suggestion; if for some reason it doesn't work as well as when the bad guys do it, what the hell - at least it's a chance to blow some steam off.