Conversations about life & privacy in the digital age

#AskSpiderOak October: Strong Password Tips & the Meaning of Life

The first Thursday of every month, we want you to ask us @SpiderOak anything you want to know. Just use the hashtag #AskSpiderOak on Twitter. We’ll respond via video to some of your questions.

For our first edition, Alli from Customer Support answers Greg and Lenin’s questions:

  1. What constitutes a strong password in these days of NSA surveillance?
  2. What is the meaning of life?

You will learn how SpiderOak employees handle internal password creation, strong password tips for yourself, and how to bring our developers into an unresolved debate.

That’s all Spiderfolks. Thanks for watching! Join us on Thursday Nov. 5 for our next round of #AskSpiderOak.

Giving Privacy to the Internet: Developers Meet Crypton

We believe privacy doesn’t have to be a pain. So we’ve been working hard on Crypton. Now, anyone can easily build cyptographically secure cloud applications with Crypton, a Zero-knowledge framework for Javascript.

Last week in The New Yorker, our CEO Ethan Oberman talked to cyberculture journalist Joshua Kopstein about Crypton’s potential:

“I can tell you from firsthand experience that privacy is now at the forefront of how all these companies are thinking about their strategies moving forward,” Ethan Oberman, the C.E.O. of SpiderOak, told me. His company is one of many whose notoriety has spiked since the Snowden leaks. Its latest project, Crypton, is an open-source framework for “zero knowledge” privacy systems—that is, systems where user data is encrypted locally before traveling to cloud servers, leaving the company with nothing to hand over to authorities but jumbled ciphertext and a few pieces of metadata. “It makes it so that users don’t have to trust the company in the middle,” said Higgins. “In the long run, that leads to a better relationship with that company, and, ultimately, I think it does lead to trust.”

“Both Higgins and Oberman said that demanding transparency is an important first step in a much longer process, and they admit that many companies may not be willing to go the extra mile just yet. But Oberman said that once transparency measures are in place, users can start to make more informed decisions about how much they value their privacy and what information is important to them. He predicts that this could create an incentive for services to offer multiple levels of privacy, storing sensitive data in secure containers while allowing less-sensitive bits to be available for ad-targeting purposes. “We’re engaged with a lot of companies that are starting to think about data along those terms,” he said. “I think they’re all now taking a deep breath and considering what they can do to rebuild trust.”

Bringing Privacy to the Internet with Crypton

SpiderOak just hired David Dahl to supercharge Crypton development. David is a veteran software privacy engineer with more than 15 years at Mozilla Corporation, and is also one of the founding members of the W3C Web Cryptography Working Group. On Monday, he wrote on our blog about how he will be pushing Crypton forward, and details on how you can join weekly Crypton calls.

Companies can also leverage Crypton and give privacy back to their users.

Here are the basics on this first ever privacy-first platform:


Crypton is for developers who want to build privacy into their apps. Crypton allows developers to provide customers a truly private storage and collaboration environment with no access to unencrypted customer data, without having to rely on 3rd party security layers or post development hacks.


More people are becoming “privacy aware.” Enterprises refuse to adopt solutions where the developer and service provider can access critical internal data. Crypton is the first application framework that provides a foundation for building zero-knowledge cloud products.


Built on PostgreSQL and node.js, Crypton was built with the intention of being horizontally scalable. Privacy doesn’t have to be a pain.

View the developer guide, and get started.

Please share with the developers you know. Let’s give privacy to the internet, together.

Bringing Privacy to the Internet with Crypton

State of Online Privacy Survey Results & Discounted GBs

The results are in!

We’d like to send a big thanks to the 7,883 respondents of our 2013 State of Privacy survey. We were thrilled to get such a great response.

Participants spoke loud and clear. The National Security Agency’s spying program has made users feel less secure. They consider the government the biggest threat to their online privacy. Corporations such as Google, Facebook and Apple came in second.

Nearly 90% said companies should prioritize privacy in their offerings. We agree!

To read the full report of our findings, click here.

To promote more privacy, share and take advantage of this unique offer that runs for the next four days only.

25GBs for $30
- or -
50GBs for $60

Use the code privacyfirst before October.

Typically, the smallest amount of storage you can buy with SpiderOak is 100GB for $100 a year but we recognize not everyone needs or wants that much space. This is why for the end of September, we’re happy to offer 25 or 50 GBs at a discounted rate.

SpiderOak Users:

Login to your account online. Once you’re in, go into your ‘Account‘ tab at the top, and then click ‘Buy More Space,’ and then choose ‘Upgrade My Plan.’ Plug in the promo code privacyfirst, and choose which plan you want under Yearly Billing. There you go!

New User to-be:

Quickly 1) sign up here, 2) download and install the client, then 3) click  ‘Buy More Space’ in the client itself, or via the web portal (which will then take you to a new screen, where you need to choose ‘Upgrade My Plan.‘) Simply use the promo code privacyfirst and choose which plan you want under Yearly Billing.

Be sure to let your friends know about this deal so they can put privacy first too.

Also, survey winners of the iPad, iPod Touch, 100GBs and 50GBs accounts are currently being notified. Let us know if you have any questions!

Thank you again to everyone who participated and validated the importance of privacy.


SpiderOak University & Interview with a Cybersecurity Expert

This week we opened the doors to SpiderOak University. Anyone can participate and earn extra GBs.

We were honored to talk to Richard F. Forno, Ph.D., who has more than 20 years of experience in the cybersecurity field. Dr. Forno helped build the first formal cybersecurity program for the U.S. House of Representatives as the first Chief Security Officer for at Network Solutions (operator of the InterNIC), and is considered one of the early thought leaders on the subject of “information warfare.” Today, he is the Assistant Director of the UMBC Center for Cybersecurity, an honors college in Maryland, as well as the director of its cybersecurity graduate program. Dr. Forno is also a SpiderOak fan.

1. How have you seen cybersecurity evolve since you’ve been in the field, and how would you describe where it is right now?

RF: Cybersecurity these days means much more than just people at computers guarding data and network resources. Yes, that’s where it started off decades ago when it was known as ‘computer security’ and existed as a small function of the IT department and treated as an administrative overhead budget item — but with technology, data, and networking permeating nearly every aspect of society, it’s taken on a much broader meaning and become a critical corporate function. Now, ‘cybersecurity’ can refer to nearly anything related to ensuring the security, availability, integrity, and resilience of the many systems and sources of data that form the foundation of modern existence — from protecting company (or national) secrets to personal health care and financial records, from the systems controlling water and power distribution in our cities to the widgets in our televisions, toasters, and electronic devices they all require some degree of security, assurance, and resilience since our lives and much of society depends on them.  That said, I still believe cybersecurity — and by extension, privacy — is a state of mind and very much dependent on the context of any given situation to be effective.

2. Are you seeing more students that care about privacy and cybersecurity, or is it harder to attract people to your program?

RF: The former, absolutely. There remains a sizable global interest in cybersecurity education, from high schools and community colleges all the way through 4-year and postgraduate study. Recurring news reports of data breaches, website defacements, and denial of service attacks certainly help generate interest in the subject both personally and professionally.

That said, given the strong interest in cybersecurity, it’s important to set and manage student (or prospective student) expectations appropriately.  Despite glorified portrayals of cybersecurity in the media, one can’t simply “wave a magic wand” and become a “cyber warrior” exclusively by a single college degree or certification exam … it’s a combination of fundamental and applied technical knowledge, social acumen, and the ability to understand the ‘big picture’ while exercising common sense that makes for an effective cybersecurity professional.  Cybersecurity in 2013 is far more than just working with the bits and bytes….and by contrast, you can work in some areas of cybersecurity and not necessarily need a deep technical background to be successful or make a difference.

3. Are there any trends in cybersecurity or privacy that you are excited about or think are the future?

RF: I think the ongoing revelations from Edward Snowden are giving people and organisations around the world a useful opportunity to reassess how much they share online and/or what third-party services they use to store information and communicate, which naturally includes both privacy and cybersecurity considerations.  That public discussion, in my view, is long overdue — normally folks rush to embrace new technologies first and then figure out if or how they’re dangerous, and usually only after something bad has happened. So in terms of privacy I am quietly optimistic that the pendulum may begin shifting towards people doing ‘less sharing’  – or, perhaps more accurately, leaving ‘less footprints’ around the Internet.  At least they might start doing homework and determining what level of exposure (and to whom) they’re willing to live with and under what circumstances.

The last time I saw such heated public discussion about government intrusion into online privacy was back in the 1990s — first when the US government tried (and failed) to criminalise the distribution of PGP encryption software and then when the Communications Assistance for Law Enforcement Act (CALEA) was enacted by Congress to provide US law enforcement wiretapping capabilities on Internet devices — which was a faint foreshadowing of things-to-come under the ‘Patriot’ Act of 2001 and subsequent legislative proposals.

However, I’m encouraged to see security and privacy capabilities being brought to market and/or incorporated into software and devices.  To many users, security and privacy technologies are hard to understand and implement — so I am pleased that more user-friendly products and services are making it easier for people to understand and manage their privacy and security exposure if they choose to do so.  But by contrast, I worry about our obsession with creating the ‘Internet of Things’ — do we really need to have our home appliances, air conditioners, baby monitors, and automobiles constantly connected to the Internet? While convenient and perhaps fun or useful at times, what risks do they present to our security and privacy?

4. Tell us about how you came to your current role at UMBC, and what this graduate program is about?

RF: At UMBC I wear many hats. My primary role is directing our graduate programs in cybersecurity, which now is entering its third successful year of educating cybersecurity professionals to assume more senior leadership positions in the technology and cybersecurity industry.  I’m also the assistant director of our Center for Cybersecurity, which serves as the University’s central coordination and outreach entity on cybersecurity education, research, and related activities to allow us to better interact with our many partners, prospective collaborators, and the public.  And, through UMBC, I am co-founder of the annual Maryland Cyber Challenge — our state’s official cyber-competition.

As to how I got here?  My cybersecurity career began in the early 1990s before the Dot Com Boom. Over that next 20 years I worked for a variety of government, military, and private organisations and thus not only was an ‘eyewitness to history’ in terms of cybersecurity and the Internet Revolution, but worked for some of the entities that helped shape it.  Along the way, I remained interested in Internet policy, cyberculture, and how Internet technology influences modern society — which, obviously includes many cybersecurity and privacy issues.

After a while, my interests turned toward “giving back” to the professional community and sharing my lessons learned with the next generation of cybersecurity practitioners to help them improve the future and perhaps learn from our collective past.  And thus I landed at UMBC in 2010 — certainly the right place at the right time to be working on this very timely global topic!

5. How long have you been a SpiderOak user?

RF: I learned about SpiderOak in early 2012 from a fellow academic down in Australia and signed up for the free personal account out of curiosity.  Now, with the SpiderOak Hive capability, I expect to increase my account size and replace another popular realtime sync service I’ve used for years with one that places great emphasis on addressing modern privacy concerns for its users in a meaningful way.

We’re grateful to Dr. Forno for sharing his time and expertise with us.

Be sure to check out SpiderOak University so you can participate and earn extra GBs for your account.

AMA: Interview with International Privacy Consultant JJ Luna

After our popular interview with cryptographer and computer security expert Jon Callas earlier this summer, we wanted to talk to more experts who were publicly passionate about privacy.

Meet JJ Luna – an international privacy consultant and author of the best-selling book How to Be Invisible. He’s spent more than five decades living off the grid, and helps his clients on topics such as home security, senior self defense, making money and living a truly private life. If you’re interested, you can read specific examples of his consulting work and the kinds of people he has helped here.

We were honored to have JJ Luna (aka Jack) answer a few questions about why he had to live a double life and protect his identity and his family’s safety, his views on U.S. current events regarding privacy and security, and his advice for average citizens.

How did you come to care so much about privacy? What put you on this path? Have you always valued privacy, or was there an incident that led you to be become so knowledgable and immersed in privacy?

JJL: Under the direction of an international Bible and Tract Society, I volunteered to move overseas. In 1959, therefore I moved to Spain’s Canary Islands with my wife and small children via a Norwegian freighter. At this time Spain was ruled by the dictator Francisco Franco and Catholicism was the state religion. All others were illegal. For that reason I had to live a double life. Openly, I was a commercial photographer. Secretly, under another name, I helped hold illegal meetings in private homes and VERY illegal assemblies deep in  pine forests. Eleven years later, Franco was pressured into allowing other religions in Spain, so I was then free to come in from the cold. However, I had gotten to enjoy hiding information so I continued, to a large extent, to stay private.

What are some simple precautions you would encourage the average US citizen to take (and why), for those who might not know a lot about privacy and why it is important?

JJL: It is not “simple.” I wrote an entire book on that subject, How to be Invisible.  The theme is basically to hide your home address. That way, if for any reason someone decides to go after you (this happens all the time!), they will have a hard time finding you. The benefit? You sleep well at night!

But essentially:

  1. Stop using credit cards. Pay cash.
  2. Never borrow money. Rent if you cannot buy.
  3. Never use a driver’s license for ID–use only a passport.
  4. If you are wealthy, hide that fact!*

For many of us, privacy in important because of what we own, where we live, and what we do – this is no one else’s business. Further, anyone can sue anyone in the [Canary Islands]. The ones chosen to be sued have “deep pockets.” Why advertise that fact?

*For more on hiding your wealth, you can buy JJ’s ebook, Invisible Money, Hidden Assets, Secret Accounts. Special SpiderOakian offer – get 75% off the Premium ebook with code: Jack15. You will receive $15 off, for a net of $4.99. This code will only work for 15 days after this post is published. If you have any trouble, please email JJ Luna directly at jack[at]jjluna[dot]com. (Unfortunately the Kindle price cannot be discounted.)

As an expert in this area, how have you seen the public conversation and awareness around privacy change over the past few decades? How has it also physically changed for you, with technology, etc.

JJL: Since 9/11, there is an increasing desire for privacy but it is harder and harder to accomplish. I find it increasingly difficult to keep information about me out of the internet.

Would you weigh in on the current Snowden/NSA/Prism situation and the ‘state of the nation’ in general, where it pertains to online and offline privacy?

JJL: Snowden? Mixed emotions. The government does need to know what the enemy is doing. I doubt that WWII could have been won without the allies reading both German and Japanese communications. However, I do not trust this present administration in any way, shape or form. In many ways, life under Franco was better than this!

What is something that surprises you, or that you continue to learn, in your line of work and its role in our world?

JJL: I am increasingly surprised that nothing can remain secret from the United States government. The government keeps secrets but the citizens are not allowed to do so?

A huge thanks to Jack for sharing his time and expertise with us. Stay up to date by following his blog and tweets. And you can learn How to Be Invisible (which has been read and enjoyed by many people within SpiderOak) too.


It’s SysAdmin Day: Your Top 10 Linux Hacks for SpiderOak

Photo credit

Be sure to thank and lavish gifts upon your SysAdmin today.

Last week, we asked the Linux community to submit their favorite Linux tips and tricks to share with their fellow SpiderOak users.

In honor of sysadmin everywhere, this is the Top 10 list of hacks (in no particular order):

  1.  SpiderOak here’s a hack. I wrote SysV init and systemd scripts for you:
  2. Long time ago I created a post in my blog about howto backup my cpanel accout first locally and then to SpiderOak. Here you are:
  3. I made the SpiderOak sync with my home bin dir and point the PATH to the bin. Since I have many self made Bash and Ruby codes, I know that if I write one and save it, all my servers will have latest copies of code and immediately accessible. I also sync git repository this way(and the normal commit method), I can restore via git or from the SpiderOak when I need to do a rollback, knowing that I still have copies of code on other machines not just on the clouds gives me peace of mind.
  4. Stop spideroak eating all my 3G data when I’m on the road: In crontab:
    $ cat /home/joel/Dropbox/bin/
    if (nm-tool | grep -A 4 Bigpond | grep connected 2>1 >/dev/null) ||
    (nm-tool | grep -A 4 Ultimate | grep connected 2>1 >/dev/null); then
    SPIDEROAK_PID=`ps aux | grep ‘SpiderOak$’ | sed ‘s/\s\+/ /g’ | cut -d’ ‘ -f2`
  5. # SpiderOak completion
    # This should be placed in the /etc/bash_completion.d/ directory_SpiderOak()
      local cur prev opts
      opts=”–help –version –verbose –redirect –device –output –enable-schedule –disable-schedule –scan –scan-only –build –scan-and-build-only –sync –backup –restore –batchmode –headless –merge –purge –userinfo –user-info –shelved-x –print-shelved-x –space –tree –fulllist –tree-changelog –journal-changelog –force –selection –print-selection –reset-selection –exclude-file –exclude-dir –include-dir –rebuild-reference-database –billing –destroy-shelved-x –repair –purge-historical-versions –purge-deleted-items –vacuum –list-orphan-external-files –convert-to-hybrid-db –generate-previews –bootstrap –setup –list-shares –create-share –delete-share”
      case “${prev}” in
      –output | –exclude-dir | –include-dir | –purge-deleted-items | –journal-changelog)
        COMPREPLY=( $(compgen -d ${cur}) )
      –redirect | –exclude-file | –bootstrap | –setup | –backup | –restore | –purge)
        COMPREPLY=( $(compgen -f ${cur}) )
      COMPREPLY=( $(compgen -W “${opts}” — ${cur}) )
    complete -F _SpiderOak SpiderOak
  6. I have a desktop in the office, at the house, and a laptop that floats around, all running Gentoo Linux; naturally I want access to them all at anytime and anyplace. So my problem was: how do I figure out my ip address, both on the LAN and to the external world, and then update all my computers to have that information? Keep in mind that at the office I have no control over the network, router, and so on.I suppose a traditional answer would be something like purchase a domain name with a dynamic update to the ip address (e.g.,, point it to the home desktop, and then have reverse ssh tunnels running all the time. The downside is the cost of the domain name and making sure that the desktop and tunnels are always up and running. Plus, the big disadvantage is the network overhead. If I happen to have the laptop in the office, going from it to the office desktop would involve a round trip through the internet instead of just staying on the LAN.So I thought, “I could skip the domain name with an updated ~/.ssh/config, plus I could add entries for the LAN ip and have the best solution. But how am I going to keep them updated without an ssh connection? Updated… in sync… sync… SPIDEROAK!” So I whipped up something quick in Python that runs at login and periodically through cron, and set spideroak to sync my ssh config file on all machine (yes, it could probably be done better in bash, but multi-line sed replacements are hard!).I know, the script could use some tiding up (e.g., wireless interfaces have different names on different machines, so for the time being I wrote that in by hand)… but it works, damnit!
    -- ~/.ssh/config --
    # Snipping some global options
    Host                 zeal_palace
    Hostname             internet-ip-address
    Host                 zeal_palace-local
    Host                 kajar
    Hostname             internet-ip-address
    Host                 kajar-local
    # You get the picture...
    -- -- 
    #! /bin/env python3
    import os
    import re
    import subprocess
    def execute(cmd, capture=False):
        Execute a command line process.  Includes the option of capturing output,
        and checks for successful execution.
        with open(os.devnull, 'w') as void:
            if capture:
                sub = subprocess.Popen(cmd, shell=True, stdout=subprocess.PIPE, stderr=void)
                sub = subprocess.Popen(cmd, shell=True, stdout=void, stderr=void)
        status = sub.wait()
        # Exit if the command fails for any reason.
        if status != 0:
        if capture:
            text ="utf-8")
            text = text.replace('\n', '')
            return text
            return None
    host = execute('hostname', True)
    addr = execute('curl --max-time="60" --silent', True)
    with open('/home/strider1551/.ssh/config', 'r') as handle:
        haystack =
        needle = 'Host\s+{0}\nHostname\s+[a-zA-Z0-9.]+'.format(host)
        replacement = 'Host                 {0}\nHostname             {1}'.format(host, addr)
        haystack = re.sub(needle, replacement, haystack)
        if host == "enhasa":
            addr = execute("ifconfig wlp8s0", True)
            addr = re.findall('inet\s[a-zA-Z0-9.]+', addr)[0]
            addr = addr[5:]
            needle = 'Host\s+{0}-local\nHostname\s+[a-zA-Z0-9.]+'.format(host)
            replacement = 'Host                 {0}-local\nHostname             {1}'.format(host, addr)
            haystack = re.sub(needle, replacement, haystack)
        if host == "kajar":
            addr = execute("ifconfig wlp11s0", True)
            addr = re.findall('inet\s[a-zA-Z0-9.]+', addr)[0]
            addr = addr[5:]
            needle = 'Host\s+{0}-local\nHostname\s+[a-zA-Z0-9.]+'.format(host)
            replacement = 'Host                 {0}-local\nHostname             {1}'.format(host, addr)
            haystack = re.sub(needle, replacement, haystack)
    with open('/home/strider1551/.ssh/config', 'w') as handle:
  7. It’s not super fancy, but a quick little script to batch process dvd/blu-ray rips and move them into my Plex movie library.
    cd /media/raid5/rips/ondeck/
    for f in *
    HandBrakeCLI -Z “High Profile” -i “$f” -o “../processed/$f.mp4″
    rm -rf “$f”
    chown plex:plex “../processed/$f.mp4″
    mv -f “../processed/$f.mp4″ ../../plexLibrary/movies/
  8. Just a little command for those curious about their top 10 commands. Too bad it wont work for the selecting the top 10 linux hacks. Would make spideroaks job easier selected the top 10. I
  9. I’m no Uber, but I have pet peaves I want taken care of. I don’t like dealing with updates, like at all, don’t want to deal with any maintanence notifications. Those make me feel like a slave to my machine. So on startup I have a script to do a robust and clean update on ubuntu and keep a good log of things incase anything happens. Recently I took off the automatic dist-upgrade because of a hardware issue with my lappy. But I’ll probably uncomment that again, maybe. I don’t only use this script everyday but literally everytime my computer is turned on. It’s very refreshing not to care about updates but know you’re completely updated. I also made a cron version for servers. (just took of the sleep and added to crontab) log file is written last entry first so you don’t have to scroll to see what the last action was)

    I have this other semi-uncompleted script that searches for rootkits, everytime my computer turns on. But I haven’t expanded it to any good kind of notification. I haven’t settled on a notification I’d be comfortable with. So I guess in that sense it’s kind of useless, but it’s good to have it so I can run it when I want and check the log files manually, periodically.

    These last two scripts some other spideroak users might like more.

    I like to use truecrypt but I don’t like using passwords for them, but keyfiles. I like lots of complicated keyfiles that can easily be hidden as anything, but I don’t like the work involved in making them. This keyfile generator originally used randomsound for lots of entropy but I stopped using that for haveged because of compatibility issues. I know software entropy generation isn’t the best but it’s good enough for my uses.

    (I had to research how to get a mid range number to make file sizes more randomly and found a super complicated function in a bash book. Many years later on I found an easy one liner. But I worked so dam hard on that freaking thing I decided to leave it in all it’s mess)

    There’s been so much debate, i.e legitimate scientific debate, on password length and type and how long and what’s exactly the safest. So I took the infamous inspiriration from, commandlinefu oneliners, and my own practice on what makes a strong – yet memorable – password. I’m very indecisive and run this thing like 10 times before I find one I like and even then I don’t go with exactly what comes out of it. Only used when I want to remember a good password but otherwise I just use a regular random one.

    (I think some advanced password cracker could come up with a plausible amount of password hashes knowing your password attributes, according to some reasearch by Arstechnica, but I’m not sure that’s been proven in this case (the script way). Anyone know?)

    Sorry I have more than one script but these ones I use ALL the time. They are synced on every debian machine I have, with SpiderOak ofcourse ;)

  10. alias please=sudo :)Also my cp with progressbar (not finally tested and not prepared for the public release so please be gentle):

Thanks to everyone who submitted and congrats to all who were chosen – you won 100GB/year!

Please email campaigns[at] if your hack was listed in the top 10.

SpiderOak 5.0.2 release

We’re happy to share some new updates with you. Please find the update on our Downloads page.

This 5.0.2 general release includes:

  • Fix a bug causing uncontrolled growth of application data folder during large downloads.
  • Fix a bug allowing user to set up a sync feedback loop involving the Hive folder.
  • Now removes folder branding when disabling SpiderOak Hive.
  • Fix a bug causing SpiderOak to sometimes launch at OS startup even when that option was disabled.
  • Fix SpiderOak Hive branding on OpenSUSE 12.x.
  • Fix a bug causing SpiderOak to crash on Windows with certain non-English characters in account info.
  • Fix a bug preventing SpiderOak from immediately picking up changes to Hive Folder in some circumstances.
  • Fix a bug causing the OS integration about dialog to crash when SpiderOak is running.
  • Prevent OS integration icon overlays from showing on excluded files/folders.
  • Fix a bug causing sync to fail for filenames containing invalid characters.
  • Ensure Hive Folder branding is set up correctly upon device reinstall.

Read all release notes here.

Linux Users: Are You Über Leet? Show Us Your Hacks

Leet greetz to all the linux hackers out there. System Administrator Appreciation Day is next week (July 26). Because:

  1. SpiderOak has a large number of Linux users (inside and out)
  2. The Linux community has long been a do-it-yourself crowd of folks willing to solve their own problems…

We want to tap into your expertise. We know you’ve got skillz so join us for SysAdmin Day! Enter, and you might win 100GB/year.

So give us a shout, via a blog comment, on Facebook, or Twitter:

  • Are you uber leet? Show us your Hacks!
  • Give us your best script (Bash, Perl, Python, whatever!), commandline hack (–datadir ftw!) or anything that gives you bragging rights (ever figured out that prefs.dat is portable? Why? That’s gotta be a good story.)
  • What quirky, zany and inventive ways do you use SpiderOak on Linux?
  • Tips & tricks?
  • Do you have any Linux stories we should hear?

In a week, we will publish the TOP 10 LINUX HACKS for SpiderOak Users. If you make the list, you win 100GB for a year. (Last entry will be taken 11:59 CT on Wed. July 24.)

And heck – if you tell us a story that is that K-rad, we’ve got 50GB honorable mention prizes. Come at us, bro!

Thanks for being such a strong, loyal community. You be some badass h4ck3rz.

Announcing the Five 100GB Winners

Thanks again to everyone who participated in our testimonial-100GB giveaway last week!


We had 110 entries across email, our blog and social media. We compiled and numbered all of them. Alan – our CTO and co-founder – ran a random number generation query and that is how we arrived at our five 100GB for life account winners.


  1. Exatto  (email)
  2. Justin M. (Google+)
  3. GM (blog)
  4. Tracy D. (email)
  5. Irving G. (Google+)

If you’ve won and haven’t heard from us, please email us at  with your username to claim your 100GBs.


Next month, we are updating the testimonials on our website. We’d love to use some of your submissions along with a real photo (with your permission). We will contact you if your testimonial is chosen and offer you 50GBs for life as a thank you.

High fives and tidal waves of gratitude from the SpiderOak team!

Our Android 2.0 App Release & Testimonial Winners Announced Wednesday

Because of the enormous response we received during last week’s testimonial-100GB giveaway, the five winners will be announced on Wednesday instead of today. Thanks again to everyone who participated! We were so grateful for all of the positive feedback.

If you missed it, we wanted to draw special attention to our new open-source HTML5 Android app that went live last week. Here is Ars Technica’s write up about it, or you can read the June 11 press release:

SpiderOak Launches Open-Source HTML5 Android App

Functions Like a Native App, Provides the Foundation for Enterprise-Grade, ‘Zero-Knowledge’ Mobile Apps

SAN FRANCISCO, CA–(Marketwired – Jun 11, 2013) - SpiderOak, the ‘Zero-Knowledge’ privacy cloud technologies provider, today announced the new SpiderOak Android 2.0 application. Redesigned from the ground up using HTML5 and fully compatible with the brand-new SpiderOak Hive, the Android app is setting the standard for mobile privacy in the cloud. The newly available app enables users to view the data located in the Hive folder as well as any folders or files across their SpiderOak devices. It sets a new precedent for the development of open-source, HTML5 mobile applications.

“Our new Android app bucks the prevailing trends,” said Ethan Oberman, CEO of SpiderOak. “We have proven the capabilities of HTML5 and the success of producing open source mobile software. Our Android 2.0 app further sets the groundwork for bringing full ‘Zero-Knowledge’ read/write to mobile devices — leveraging our new Crypton framework. After all, privacy must expand beyond the computer to include the rapidly evolving mobile platform.”

HTML5 and Open Source

SpiderOak has a strong commitment to open source software and expounds on this belief with SpiderOak Mobile 2.0. The company also believes in leveraging the HTML5 platform as a viable solution to building mobile apps, despite recent companies moving in the other direction — most notably Facebook.

Newly hired lead mobile developer Tommy-Carlos Williams is a renowned expert in HTML5 and PhoneGap, an industry-leading open-source framework for developing apps using HTML5. “With SpiderOak 2.0 for Android, we’re really leveraging the HTML5 platform in its truest nature,” said Williams. “I’m excited at the direction SpiderOak is taking in mobile. We’re breaking new ground for ‘Zero-Knowledge’ privacy, as well as for the evolution of HTML5 itself. It is for these reasons I moved to SpiderOak and look forward to continuing our progress in these areas and more.”

SpiderOak applied styling to make the new app match Android 4.0 and above, and has devised features that behave in a native manner. The goal of the new app is not just to increase overall functionality and usability, but also appeal to the more stringent privacy and security demands of the enterprise.

Designed for Simplicity and Ease of Use

SpiderOak 2.0 for Android also includes significant usability enhancements, such as a higher level of app performance and easier navigation. Through the updated Android app, users can log in and easily see the data in their Hive folder or across any other device that is running SpiderOak. In addition to immediately accessing and viewing all of the data inside an account, a user can download and share files via email or social media.

Devices running Android 2.3 and newer versions can download the app in the Google Play Store.

To learn more about SpiderOak Hive, please visit: