Conversations about life & privacy in the digital age

#AskSpiderOak October: Strong Password Tips & the Meaning of Life

The first Thursday of every month, we want you to ask us @SpiderOak anything you want to know. Just use the hashtag #AskSpiderOak on Twitter. We’ll respond via video to some of your questions.

For our first edition, Alli from Customer Support answers Greg and Lenin’s questions:

  1. What constitutes a strong password in these days of NSA surveillance?
  2. What is the meaning of life?

You will learn how SpiderOak employees handle internal password creation, strong password tips for yourself, and how to bring our developers into an unresolved debate.

That’s all Spiderfolks. Thanks for watching! Join us on Thursday Nov. 5 for our next round of #AskSpiderOak.

Introducing Redesigned Shares

Shares are one of the many useful features in the suite of SpiderOak products. They let you selectively allow portions of your data to be viewed by others. We’ve seen them used for a variety of purposes: sharing pictures with family, providing files to clients, and distributing software releases. This week we launched a redesign of Shares, aimed at improving them in several respects.

First of all, they look totally awesome. We’ve been working with a top-notch designer (Andrew from http://pautlerdesign.com) who really understands the digital medium, and I think the results speak for themselves.


On top of the new eye-candy, we’ve also made the shares easier to use and navigate. You can easily get a preview of all your items in the grid view, or open your pictures in a lightbox. If you have a sufficiently modern browser, you can even preview your music files in the browser. We’ll be looking into providing in-browser previews for more types of media in the future. One new feature not previously possible: you can now link or create a bookmark that points directly to any subdirectory within a share (so long as that subdirectory still exists; remember your shares are automatically updated as you update the associated folders).

Keep an eye out on the rest of our web backend, as this redesign is part of an overhaul currently in development across all of our web products. We’re looking forward to launching those changes soon, as well as hearing your thoughts and opinions of these current ones.

State of Online Privacy Survey Results & Discounted GBs

The results are in!

We’d like to send a big thanks to the 7,883 respondents of our 2013 State of Privacy survey. We were thrilled to get such a great response.

Participants spoke loud and clear. The National Security Agency’s spying program has made users feel less secure. They consider the government the biggest threat to their online privacy. Corporations such as Google, Facebook and Apple came in second.

Nearly 90% said companies should prioritize privacy in their offerings. We agree!

To read the full report of our findings, click here.

To promote more privacy, share and take advantage of this unique offer that runs for the next four days only.

25GBs for $30
- or -
50GBs for $60

Use the code privacyfirst before October.

Typically, the smallest amount of storage you can buy with SpiderOak is 100GB for $100 a year but we recognize not everyone needs or wants that much space. This is why for the end of September, we’re happy to offer 25 or 50 GBs at a discounted rate.

SpiderOak Users:

Log in to your account online. Once you’re in, go into your ‘Account’ tab at the top, click ‘Buy More Space,’ and then choose ‘Upgrade My Plan.’ Plug in the promo code privacyfirst, and choose which plan you want under Yearly Billing. There you go!

New User to-be:

Quickly 1) sign up here, 2) download and install the client, then 3) click ‘Buy More Space’ in the client itself, or via the web portal (which will then take you to a new screen, where you need to choose ‘Upgrade My Plan’). Simply use the promo code privacyfirst and choose which plan you want under Yearly Billing.

Be sure to let your friends know about this deal so they can put privacy first too.

Also, survey winners of the iPad, iPod Touch, 100GBs and 50GBs accounts are currently being notified. Let us know if you have any questions!

Thank you again to everyone who participated and validated the importance of privacy.

 

Private and encrypted storage for Bitcoin? SpiderOak gives it a try!

Unfortunately, our testing has now concluded. We had a great response and plan to take bitcoin payment hopefully at the beginning of next year, but will be unable to integrate that into our system at this very moment. If you want a personal email notifying you when it is set up, please email erin[at]spideroak[dot]com. Thanks!

 

 

We at SpiderOak believe in privacy. And we believe in always pushing the bounds of privacy further and further into the Internet. To that end, we have made the decision to do a proof-of-concept around accepting Bitcoins as payment for SpiderOak service. As Bitcoin becomes a more ‘mainstream’ method of currency exchange, we thought it only natural to extend its concept to SpiderOak as another privacy-promoting element.

For this initial test, we will be manually accepting payment for 100GB/1-year accounts. We are conducting this initial test to gauge interest and if the demand is present we will possibly implement an actual API-based Bitcoin payment system. This would of course enable anyone to make payment for their SpiderOak accounts with Bitcoins.

Our Trial Offering: 

  • We offer a total of 25 x 100GB SpiderOak account upgrades for 1 year ($100 value) to customers wishing to use Bitcoin as payment.
  • The cost per 100GB account during this trial period will be 0.75 BTC (a 25% discount vs. Fiat)
  • To purchase a 100GB account upgrade, you need only email bitcoin@spideroak.com for your personal Bitcoin deposit address for the payment. Once payment is made, we will send you an email with an upgrade-code to use for the 100GB upgrade.

Ultimately this is our way of helping to support both the concept of privacy as well as promoting the Bitcoin community by proving that businesses are indeed taking Bitcoin seriously. We are eager and curious to hear feedback so please feel free to reach out to us anytime with additional reactions or thoughts.

Explaining SpiderOak Through a Comic

As employees of a cloud service, we’ve seen our fair share of puzzled looks when trying to explain what the “cloud” is and how it works. In an effort to amuse ourselves, we’ve invented an alternate theory of how SpiderOak works.

While the real SpiderOak is on the cutting edge of privacy and encryption, this SpiderOak involves real clouds, bi-planes, and a cabana where your computers hang out. We hope you enjoy it.

It’s SysAdmin Day: Your Top 10 Linux Hacks for SpiderOak

Photo credit ovsage.org.

Be sure to thank and lavish gifts upon your SysAdmin today.

Last week, we asked the Linux community to submit their favorite Linux tips and tricks to share with their fellow SpiderOak users.

In honor of sysadmins everywhere, this is the Top 10 list of hacks (in no particular order):

  1.  SpiderOak here’s a hack. I wrote SysV init and systemd scripts for you: https://t.co/eg7G4Z9XRy
  2. A long time ago I created a post in my blog about how to back up my cPanel account first locally and then to SpiderOak. Here you are: http://www.elsotanillo.net/2011/09/backing-up-a-cpanel-hosting-account/
  3. I made the SpiderOak sync with my home bin dir and point the PATH to the bin. Since I have many self-made Bash and Ruby codes, I know that if I write one and save it, all my servers will have the latest copies of the code, immediately accessible. I also sync git repository this way (and the normal commit method); I can restore via git or from the SpiderOak when I need to do a rollback. Knowing that I still have copies of code on other machines, not just on the clouds, gives me peace of mind.
  4. Stop spideroak eating all my 3G data when I’m on the road: In crontab:
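    $ cat /home/joel/Dropbox/bin/stop_spideroak_when_on_3g.sh
    # Quit SpiderOak while one of the mobile broadband connections is active.
    if (nm-tool | grep -A 4 Bigpond | grep connected >/dev/null 2>&1) ||
    (nm-tool | grep -A 4 Ultimate | grep connected >/dev/null 2>&1); then
    # The PID is the second column of the ps line that ends in "SpiderOak".
    SPIDEROAK_PID=`ps aux | grep 'SpiderOak$' | sed 's/\s\+/ /g' | cut -d' ' -f2`
    # Only signal the process if one was actually found.
    [ -n "$SPIDEROAK_PID" ] && kill -QUIT $SPIDEROAK_PID
    fi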
  5. # SpiderOak completion
    # This should be placed in the /etc/bash_completion.d/ directory
    _SpiderOak()
    {
      local cur prev opts
      COMPREPLY=()
      cur="${COMP_WORDS[COMP_CWORD]}"
      prev="${COMP_WORDS[COMP_CWORD-1]}"
      opts="--help --version --verbose --redirect --device --output --enable-schedule --disable-schedule --scan --scan-only --build --scan-and-build-only --sync --backup --restore --batchmode --headless --merge --purge --userinfo --user-info --shelved-x --print-shelved-x --space --tree --fulllist --tree-changelog --journal-changelog --force --selection --print-selection --reset-selection --exclude-file --exclude-dir --include-dir --rebuild-reference-database --billing --destroy-shelved-x --repair --purge-historical-versions --purge-deleted-items --vacuum --list-orphan-external-files --convert-to-hybrid-db --generate-previews --bootstrap --setup --list-shares --create-share --delete-share"
      case "${prev}" in
      # Options that take a directory argument
      --output | --exclude-dir | --include-dir | --purge-deleted-items | --journal-changelog)
        COMPREPLY=( $(compgen -d -- "${cur}") )
        return
        ;;
      # Options that take a file argument
      --redirect | --exclude-file | --bootstrap | --setup | --backup | --restore | --purge)
        COMPREPLY=( $(compgen -f -- "${cur}") )
        return
        ;;
      *)
        ;;
      esac
      # Otherwise complete option names
      COMPREPLY=( $(compgen -W "${opts}" -- "${cur}") )
    }
    complete -F _SpiderOak SpiderOak
  6. I have a desktop in the office, at the house, and a laptop that floats around, all running Gentoo Linux; naturally I want access to them all at anytime and anyplace. So my problem was: how do I figure out my ip address, both on the LAN and to the external world, and then update all my computers to have that information? Keep in mind that at the office I have no control over the network, router, and so on.

    I suppose a traditional answer would be something like purchase a domain name with a dynamic update to the ip address (e.g., dyndns.com), point it to the home desktop, and then have reverse ssh tunnels running all the time. The downside is the cost of the domain name and making sure that the desktop and tunnels are always up and running. Plus, the big disadvantage is the network overhead. If I happen to have the laptop in the office, going from it to the office desktop would involve a round trip through the internet instead of just staying on the LAN.

    So I thought, “I could skip the domain name with an updated ~/.ssh/config, plus I could add entries for the LAN ip and have the best solution. But how am I going to keep them updated without an ssh connection? Updated… in sync… sync… SPIDEROAK!” So I whipped up something quick in Python that runs at login and periodically through cron, and set spideroak to sync my ssh config file on all machines (yes, it could probably be done better in bash, but multi-line sed replacements are hard!).

    I know, the script could use some tidying up (e.g., wireless interfaces have different names on different machines, so for the time being I wrote that in by hand)… but it works, damnit!

    -- ~/.ssh/config --
    # Snipping some global options
    Host                 zeal_palace
    Hostname             internet-ip-address
    
    Host                 zeal_palace-local
    Hostname             192.168.1.100
    
    Host                 kajar
    Hostname             internet-ip-address
    
    Host                 kajar-local
    Hostname             192.168.0.110
    
    # You get the picture...
    
    -- update-ssh.py -- 
    
    #!/usr/bin/env python3
    
    import os
    import re
    import subprocess
    import sys  # needed for sys.exit() in execute()
    
    def execute(cmd, capture=False):
        """
        Execute a command line process.  Includes the option of capturing output,
        and checks for successful execution.
        """
        #print(cmd)
    
        with open(os.devnull, 'w') as void:
            if capture:
                sub = subprocess.Popen(cmd, shell=True, stdout=subprocess.PIPE, stderr=void)
            else:
                sub = subprocess.Popen(cmd, shell=True, stdout=void, stderr=void)
        status = sub.wait()
    
        # Exit if the command fails for any reason.
        if status != 0:
            sys.exit(1)
    
        if capture:
            text = sub.stdout.read().decode("utf-8")
            text = text.replace('\n', '')
            return text
        else:
            return None
    
    host = execute('hostname', True)
    addr = execute('curl --max-time="60" --silent ifconfig.me', True)
    
    with open('/home/strider1551/.ssh/config', 'r') as handle:
        haystack = handle.read()
        # Raw strings keep the regex escapes intact; re.escape() stops
        # characters in the hostname from being read as regex syntax.
        needle = r'Host\s+{0}\nHostname\s+[a-zA-Z0-9.]+'.format(re.escape(host))
        replacement = 'Host                 {0}\nHostname             {1}'.format(host, addr)
        haystack = re.sub(needle, replacement, haystack)
    
        if host == "enhasa":
            addr = execute("ifconfig wlp8s0", True)
            addr = re.findall(r'inet\s[a-zA-Z0-9.]+', addr)[0]
            addr = addr[5:]
            needle = r'Host\s+{0}-local\nHostname\s+[a-zA-Z0-9.]+'.format(re.escape(host))
            replacement = 'Host                 {0}-local\nHostname             {1}'.format(host, addr)
            haystack = re.sub(needle, replacement, haystack)
        if host == "kajar":
            addr = execute("ifconfig wlp11s0", True)
            addr = re.findall(r'inet\s[a-zA-Z0-9.]+', addr)[0]
            addr = addr[5:]
            needle = r'Host\s+{0}-local\nHostname\s+[a-zA-Z0-9.]+'.format(re.escape(host))
            replacement = 'Host                 {0}-local\nHostname             {1}'.format(host, addr)
            haystack = re.sub(needle, replacement, haystack)
    
    with open('/home/strider1551/.ssh/config', 'w') as handle:
        handle.write(haystack)
  7. It’s not super fancy, but a quick little script to batch process dvd/blu-ray rips and move them into my Plex movie library.
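    # Stop if the rip directory is missing, so rm never runs elsewhere
    cd /media/raid5/rips/ondeck/ || exit 1
    for f in *
    do
    # Skip the cleanup steps if the encode failed, keeping the source rip
    HandBrakeCLI -Z "High Profile" -i "$f" -o "../processed/$f.mp4" || continue
    rm -rf "$f"
    chown plex:plex "../processed/$f.mp4"
    mv -f "../processed/$f.mp4" ../../plexLibrary/movies/
    date
    done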
  8. Just a little command for those curious about their top 10 commands. Too bad it won’t work for selecting the top 10 Linux hacks. Would make SpiderOak’s job easier selecting the top 10. http://www.omgubuntu.co.uk/2010/09/reveal-your-top-ten-most-used-terminal-commands
  9. I’m no Uber, but I have pet peeves I want taken care of. I don’t like dealing with updates, like at all, don’t want to deal with any maintenance notifications. Those make me feel like a slave to my machine. So on startup I have a script to do a robust and clean update on Ubuntu and keep a good log of things in case anything happens. Recently I took off the automatic dist-upgrade because of a hardware issue with my lappy. But I’ll probably uncomment that again, maybe. I don’t only use this script every day but literally every time my computer is turned on. It’s very refreshing not to care about updates but know you’re completely updated. I also made a cron version for servers. (just took off the sleep and added to crontab) http://pastebin.com/RjCqBrmQ (The log file is written last entry first so you don’t have to scroll to see what the last action was)

    I have this other semi-uncompleted script that searches for rootkits, every time my computer turns on. But I haven’t expanded it to any good kind of notification. I haven’t settled on a notification I’d be comfortable with. So I guess in that sense it’s kind of useless, but it’s good to have it so I can run it when I want and check the log files manually, periodically.

    http://pastebin.com/3Af5afWn

    These last two scripts some other spideroak users might like more.

    I like to use truecrypt but I don’t like using passwords for them, but keyfiles. I like lots of complicated keyfiles that can easily be hidden as anything, but I don’t like the work involved in making them. This keyfile generator originally used randomsound for lots of entropy but I stopped using that for haveged because of compatibility issues. I know software entropy generation isn’t the best but it’s good enough for my uses.

    http://pastebin.com/DBWQ5q6a

    (I had to research how to get a mid range number to make file sizes more randomly and found a super complicated function in a bash book. Many years later on commandlinefu.com I found an easy one liner. But I worked so damn hard on that freaking thing I decided to leave it in all its mess)

    There’s been so much debate, i.e. legitimate scientific debate, on password length and type and how long and what’s exactly the safest. So I took the infamous inspiration from https://xkcd.com/936, commandlinefu oneliners, and my own practice on what makes a strong – yet memorable – password. I’m very indecisive and run this thing like 10 times before I find one I like and even then I don’t go with exactly what comes out of it. Only used when I want to remember a good password but otherwise I just use a regular random one.

    http://pastebin.com/jzU1Grrw

    (I think some advanced password cracker could come up with a plausible amount of password hashes knowing your password attributes, according to some research by Ars Technica, but I’m not sure that’s been proven in this case (the script way). Anyone know?)

    Sorry I have more than one script but these ones I use ALL the time. They are synced on every Debian machine I have, with SpiderOak of course ;)

  10. alias please=sudo :) Also my cp with progressbar (not finally tested and not prepared for the public release so please be gentle):
    https://gist.github.com/b3niup/6075240
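
Item 6's script writes whatever the address-lookup service returns straight into `~/.ssh/config`, which is then synced to every machine; a reply that is not an address (an error page, an empty body) leaves a `Hostname` line the script's own pattern can no longer match on the next run. The following is an added example, not the submitter's code: it validates the reply, updates exactly one `Host` block and replaces the file in one step. The function names and sample addresses are constructed for illustration.

```python
import ipaddress
import os
import re
import tempfile

# Constructed sample in the layout of the ~/.ssh/config shown in item 6.
SAMPLE_CONFIG = (
    "Host                 zeal_palace\n"
    "Hostname             203.0.113.7\n"
    "\n"
    "Host                 zeal_palace-local\n"
    "Hostname             192.168.1.100\n"
    "\n"
    "Host                 kajar\n"
    "Hostname             198.51.100.20\n"
)


def validated_address(raw):
    """Return raw as a canonical IPv4/IPv6 string, or raise ValueError.

    The lookup service's reply is untrusted input: anything that does not
    parse as a single IP address must never reach the config file.
    """
    return str(ipaddress.ip_address(raw.strip()))


def update_host_block(config_text, host, raw_addr):
    """Rewrite the Hostname line of exactly one `Host <host>` block."""
    addr = validated_address(raw_addr)
    pattern = re.compile(
        r"^(Host[ \t]+{0}[ \t]*\nHostname[ \t]+)\S+[ \t]*$".format(re.escape(host)),
        re.MULTILINE,
    )
    # A function replacement avoids backslash processing of the new value
    # and keeps the original column alignment captured in group 1.
    new_text, count = pattern.subn(lambda m: m.group(1) + addr, config_text)
    if count != 1:
        raise LookupError(
            "expected one block for {0!r}, found {1}".format(host, count))
    return new_text


def write_atomically(path, text):
    """Write to a temp file in the same directory, then rename over path.

    The original open(path, 'w') truncates first, so a crash (or a sync
    pass) in mid-write can see an empty or partial config.
    """
    directory = os.path.dirname(os.path.abspath(path))
    fd, tmp = tempfile.mkstemp(dir=directory, prefix=".ssh-config.")
    try:
        with os.fdopen(fd, "w") as handle:
            handle.write(text)
        os.replace(tmp, path)  # atomic on POSIX filesystems
    except BaseException:
        os.unlink(tmp)
        raise


if __name__ == "__main__":
    # Constructed reply with the trailing newline a command's output has.
    print(update_host_block(SAMPLE_CONFIG, "zeal_palace", "198.51.100.99\n"))
```
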

Thanks to everyone who submitted and congrats to all who were chosen – you won 100GB/year!

Please email campaigns[at]spideroak.com if your hack was listed in the top 10.

SpiderOak 5.0.2 release

We’re happy to share some new updates with you. Please find the update on our Downloads page.

This 5.0.2 general release includes:

  • Fix a bug causing uncontrolled growth of application data folder during large downloads.
  • Fix a bug allowing user to set up a sync feedback loop involving the Hive folder.
  • Now removes folder branding when disabling SpiderOak Hive.
  • Fix a bug causing SpiderOak to sometimes launch at OS startup even when that option was disabled.
  • Fix SpiderOak Hive branding on OpenSUSE 12.x.
  • Fix a bug causing SpiderOak to crash on Windows with certain non-English characters in account info.
  • Fix a bug preventing SpiderOak from immediately picking up changes to Hive Folder in some circumstances.
  • Fix a bug causing the OS integration about dialog to crash when SpiderOak is running.
  • Prevent OS integration icon overlays from showing on excluded files/folders.
  • Fix a bug causing sync to fail for filenames containing invalid characters.
  • Ensure Hive Folder branding is set up correctly upon device reinstall.

Read all release notes here.

Python Web Developer, Kansas City or Remote

SpiderOak seeks to hire a web developer to build our next generation web presence and web applications. You will be working closely with our designers and our CEO, and you’ll get regular code feedback from internal application security teams. Key technologies we use for web development are Python, Django, and HTML5.

Started in 2007, SpiderOak provides desktop, web, and mobile software for backup, sync, and sharing, keeping user data encrypted and private. We provide consumer and enterprise solutions, created our own storage backend for archival data, and run our own data centers. Most of what SpiderOak creates is free and open source software, and most of it is Python. You’ll be expected to have mastery of HTML-related presentation technologies, from HTML layouts with CSS to JavaScript-based UI frameworks and Bootstrap. Prior knowledge of the Django ecosystem of reusable apps would be beneficial but not absolutely required.

SpiderOak is a distributed, virtual-office, work-from-home company. Any developer we hire will have to be a top-notch communicator. They will be expected to reliably show their face around our super-duper IRC channel at some point during typical US business hours (but there is no rigid scheduling) as well as jump in and communicate across our issue tracker, email, and wiki. SpiderOak spans eighteen timezones and communicating via the written word is essential.

If you want to join in on our merry adventure, you will need a functional grasp of English (don’t worry, we have several staff on-board already for whom it’s a second or third language). You may also be expected to occasionally travel (at company expense). Important cities in the SpiderOakVerse are San Francisco, CA, Kansas City, MO, and Chicago, IL (for reference, these three cities make up about half of SpiderOak). A sense of humor is always appreciated and welcome.

Still interested? Send an email to jobs@spideroak.com including “web dev 2013” in the subject with a little about yourself and your experience to date (a ‘cover letter’ if you will). English only, please. We also will want to see a portfolio of your work. It’s OK if you’re fresh and it’s thin – we want to see what you’re capable of and how you put pages together.

Some of the most useful programmers we’ve known don’t have well representing resumes, so we have no “minimum” requirements for degrees. We’re also super-equal-opportunity: quality design knows no bounds for race, gender, nationality, sexual orientation, species[1], or religion. If you can meet what we need, we’ll do amazing things together, no matter who, what, or where you are.

Footnotes:

1: Giant Pandas will be encouraged because, in the words of our new QA person, “AAAAhhhh-dorable!!!!”

Privacy VS. Security in a PRISM: The Important Difference

The events of these last many days certainly raise awareness around the integrity of data and the companies we entrust with it. Many of the articles and posts have pored over the impacts: the good, the bad, the necessity, the importance, the invasive, the threat, the martyr and so on. Given this dearth of commentary, I would like to spend some time writing about a finally emerging concept – privacy. And further – how privacy is substantially differentiated from security.

To begin, let’s review the definitions of these two words (according to Google):

Security – The state of being free from danger or threat

Privacy – The state or condition of being free from being observed or disturbed by other people

Of all the conversations and dialogue about PRISM, none have concentrated on the security measures in place at companies like Google, Facebook, Amazon, Apple, Verizon, and others. Why, you might ask? Because this was not a breach of security. No one hacked into their systems. No one confiscated passwords. Rather – according to reports – these companies willingly complied. [Note: It would be appropriate to draw attention to NSA's security breach in light of Eric Snowden's ability to access and confiscate these documents.]

If the world were oriented around privacy, the ability for a 3rd party provider of web-based services (such as Google or Facebook or Dropbox or SpiderOak) to access the plaintext data is removed. In other words, privacy takes away the ability to access the data in a meaningful way such that it cannot be supplied to government agencies or stolen under the threat of hackers.

We are not now suggesting, nor have we ever suggested, that there isn’t a need for security; in fact, security is absolutely critical. And for many implementations of various services, privacy is not applicable. However – in the world of conversation and creation of personally owned content from photos to chat to calls to spreadsheets to documents – privacy is absolutely a critical component that can be achieved.

My hope is that we – as a society – will now start asking the question: Why? Why do companies have access to my photos and documents and chat conversations? Is it a necessary part of the service they are offering? A convenience for me? If yes, what are these companies doing to keep my data private? And are there alternatives if I do want real privacy? From the NSA? From the company? From anyone?

This dialogue is critical and I am very glad to see the word ‘privacy’ start to weave its way into conversations. Further, that the public is being educated on the important difference between privacy and security and – hopefully – we all can start making choices accordingly.

For more information on this topic, please visit ZeroKnowledgePrivacy.org and/or watch the explainers below on Privacy VS. Security and the important role of the Privacy Policy.

Share Why You Love SpiderOak, Enter to Win 100GBs for Life

Our loyal customers have continually helped us create a better product and develop and grow as a company. It is crucial in our efforts to best serve you. We could not thank you enough.

Many of you have reached out to us in the past about why you use SpiderOak and what you think about specific features. At times we have carefully shared your feedback to show real-life examples of people who have embraced ‘Zero-Knowledge’ privacy, and why it is important.

5 PEOPLE WILL WIN 100GBs FOR LIFE

For the next three days, we want our fans, loyal customers and anyone who loves SpiderOak to speak up and tell us, tell the world, WHY.

Consider these questions (you do not need to answer all of these q’s, they are only to help you share your thoughts; you are welcome to pick one, or just write a paragraph):

  • Would you recommend our product? Why?
  • What has pleased you the most about SpiderOak or one of our product features?
  • What do you think about SpiderOak?
  • What concerns might have prevented you from buying or using SpiderOak?
  • What is your favorite feature? Why?

Of course, we welcome any and all of your feedback. The last entry will be taken Friday June 14 at 11:59 pm CT. We will randomly select FIVE positive testimonials who will win a 100GB account for life. Three of those people will have the opportunity to be featured on our site. We will announce the winners next Monday June 17. 

How can you participate?

We can’t wait to hear what you have to say!