Conversations about life & privacy in the digital age

SpiderOak.com and related SSL certificates were changed yesterday due to the OpenSSL Bug

As has been widely published, a significant vulnerability has been found in OpenSSL, the transport encryption library used by many SSL websites. SSL is the mechanism that encrypts your browser’s connection to the server, verifying the server’s identity and preventing eavesdropping. Many people know it as the padlock icon in a web browser.

Many sites across the internet including Amazon, GitHub, Heroku have likewise changed their certificates.

SpiderOak patched our OpenSSL servers within a couple hours of the announcement yesterday. The SpiderOak desktop clients ship with a version of OpenSSL that is not subject to this vulnerability. As such, SpiderOak customers do not need to take any special action.

More info about the vulnerability is at heartbleed.com.

Dear Ubuntu One Users: What SpiderOak Can Do For You

Canonical announced today that Ubuntu One is shutting down.

In addition to natively supporting Linux since day 1 in 2007 (my machines run Ubuntu, Debian, and RedHat) we also support Windows and Mac allowing you to be flexible.  Enjoy our easier pricing and Zero Knowledge Privacy Policy and keep your data safe, synced, and private!  Over 20% of our revenue at SpiderOak comes from happy Linux customers.

Other things Linux users might be tempted by:

- Scriptable Command Line Interface – great for cron jobs
- Configurable Backup and/or Sync between Arbitrary Folders
- “Keep Your Own Copy” feature and LAN Sync
- By Default: Perpetual storage of deleted items and old versions

Something we don’t have yet is Nautilus integration although it is on our roadmap.

P.S.  Psst…don’t tell the Windows/Mac folks, but if you sign up from an Ubuntu Linux machine and then email us next week at support@spideroak.com we’ll offer you a special deal.  It’s our secret!

P.P.S. I just donated $1000 to Ubuntu to support them while they focus on providing a great OS and hope you might consider the same! (link, which tells me that for that price instead I could have had an adult camel which was a difficult choice.) You can also support Debian, Arch, and other Linux distributions here.

Get Unlimited Storage in Honor of World Backup Day

SpiderOak unlimited GBs cloud backup storage offering World Backup DayLimits are like rules. They are made to be broken.

So what if there weren’t any limits? What if we gave you infinite GBs? Would you back up all your Frank Zappa albums? Or the entire Wong Fei Hung film series? Perhaps you would store a digital copy of every photo you have ever taken…

Whatever the case may be, now you can have unlimited storage for just $125/year.

If you’re already a paid user, or about to sign up – unlimited GBs are yours!

In honor of World Backup Day, this offer will be available to all rule-breaking, GB-guzzling souls until 3/31/14, 23:59 CDT.

Questions on how this works with your current plan? See below. New user? Last Q&A. (OR, just go ahead and login or sign up to upgrade now. Use the code unlimitedbackup. Details below.) Enjoy!

With ‘Zero-Knowledge’,

The SpiderOak Team

Q&A on Unlimited Storage

Q) What if I just paid for my existing subscription to be renewed? Why do I have to pay again?

A) The $125 annual fee not only upgrades you to unlimited storage now, but guarantees that you will always have unlimited storage for life. Next year, we guarantee that you will only pay $125 regardless of how much data you have stored, and the year after that, and the year after that. $125/yr for perpetuity.

Q) If I upgrade to the Unlimited plan, will I get a refund for the remaining balance on my subscription?

A) No. However, you will enjoy unlimited storage and never be charged more than $125 per year.

Q) Do you offer this option for monthly plans?

A) No. This offer is only valid for this limited time promotion, and for an annual subscription.

Q) How do I switch to the Unlimited plan?

A) Follow these steps:

  1. Select the ‘Buy More Space’ button in the desktop program. SpiderOak will launch our secure web portal.
  2. Select the ‘Account’ tab and then ‘Edit Account’.
  3. Select the ‘Upgrade Plan’ button and choose YEARLY
  4. Type in (DO NOT COPY AND PASTE OR IT WILL NOT WORK) the promo code in the promotional field: unlimitedbackup 
  5. Congrats! You have unlimited GBs

Q) What does “unlimited” truly mean?

A) You can backup as much data as you want for one, fixed rate. There is no limit to the number of devices, drives, folders, files, etc you backup.

Q) What if I decide I don’t want the Unlimited plan in the future?

A) No worries, you aren’t locked in! You can switch your plan at any time. However if you choose to move away from the unlimited plan down the road, you wont’ be able to upgrade to it again in the future (at this time).

Q) I am a new user. What do I do to get the Unlimited plan?

  1. Get started now and create your account.
  2. Download and install the client.
  3. Click  ‘Buy More Space’ in the client itself, or via the web portal (which you can only login to once you’ve downloaded the client). In the web portal, you will go to Account, and then choose Upgrade My Plan.
  4. Choose YEARLY and type (DO NOT COPY AND PASTE OR IT WILL NOT WORK) the promo code in the promotional field: unlimitedbackup  
  5. Congrats – you have unlimited GBs!
Q) Does the education/student discount of 50% off Spideroak apply to this promotion?
A) Unfortunately, no. Because this is a lifetime offer, and you will be able to have unlimited storage until you’re 95+, the price will be locked in now and forever at $125/year. 

We’re hiring a new CR rep!

SpiderOak is in the market for a new customer relations associate. This is a full-time, flexible hours, work from home position which is available to any city in the world (although we’ll give preference to someone living in Kansas City, Chicago, or San Francisco). SpiderOak is an all-telecommute company of about 40 people; we use chat rooms, wikis, email, voice and video conferencing, to coordinate.

This job requires a lot of self motivation, since you’re going to be working by yourself without a set “assignment” every day. It’s not important to know how to code but we are definitely looking for more tech-savvy individuals. For the first several weeks you’ll be working with us closely to get up to speed, but after that you’ll manage your own workload every day and work schedule independently.

As a customer relations representative, you’ll spend most of your time working directly with our users over email, but SpiderOak always offers the opportunity to learn and grow within the company. This can be a challenging job, but it’s balanced by the freedom of working from home and a really fun and supportive work environment. Geeky/nerdy/goofy types a plus. =)

Interested? Send us a brief email at customerrepwanted@spideroak.com about why you’re interested in working for SpiderOak, your past work experience and qualifications, and anything else you think we should know about you. We look forward to hearing from you!

Cyber Monday 2013 Deal, 35% Off All Plans

Promotion, Deal, Cyber, Private, Sale

Here at SpiderOak – being the sort of people that like to dive into the spirit of any holiday, we thought we’d share our enthusiasm by offering you a great deal.

For the next 24 hours, upgrade your account and get a wonderful 35% off any yearly plan. That means you get state of the art privacy for only $6.50/month!

Use this promotional code to upgrade your free account: CyberMonday2013

Current Users:

  1. Login to your account online.
  2. Go to your ‘Account‘ tab at the top
  3. Click ‘Buy More Space,’ and then choose ‘Upgrade My Plan.’
  4. Plug in the promo code CyberMonday2013, and choose which plan you want under Yearly Billing.

New Users (welcome!):

  1.  Sign up here
  2. Download and install the client
  3. Click  ‘Buy More Space’ in the client itself, or via the web portal (which will then take you to a new screen, where you need to choose ‘Upgrade My Plan.‘)
  4. Use the promo code CyberMonday2013 and choose which plan you want under Yearly Billing.
Enjoy your week. Thank you again for your continued patronage and support and feel free to share this deal with your friends and family.

Place Privacy First for National Cyber Security Awareness Month

National Cyber Security Awareness Month champion - SpiderOak

October is National Cyber Security Awareness Month (NCSAM). We believe you don’t have sacrifice privacy in our online world. Furthermore, we believe privacy is the best form of security. Building privacy into technology is the key to true freedom online.

In honor of NCSAM, SpiderOak would like to offer you 25% off our yearly plans.

For the rest of October, give your ‘+1 for Privacy’ as you backup, sync and share with this special promotion.

Visit SpiderOak.com/signup and use the promo code “plus1forprivacy” in your account settings for 25% off. That is only $7.50/month for 100% private cloud storage.

Current Users:

  1. Login to your account online.
  2. Go to your ‘Account‘ tab at the top
  3. Click ‘Buy More Space,’ and then choose ‘Upgrade My Plan.’
  4. Plug in the promo code plus1forprivacy, and choose which plan you want under Yearly Billing.

New Users (welcome!):

  1.  Sign up here
  2. Download and install the client
  3. Click  ‘Buy More Space’ in the client itself, or via the web portal (which will then take you to a new screen, where you need to choose ‘Upgrade My Plan.‘)
  4. Use the promo code plus1forprivacy and choose which plan you want under Yearly Billing.

2013 marks a decade for National Cyber Security Awareness bringing awareness to online safety and security issues and helping educate people about the best ways to protect their privacy online. Join us over the next couple weeks in acknowledging NCSAM as it emphasizes the roles and responsibilities each of us play in helping to create a safer digital world. We hope you make time during the month, and throughout the year, to take proactive steps to help safeguard you, and your friends and families.

Thanks for helping promote the importance of privacy!

Ubuntu/Debian APT repository GPG key update

Hello Debian friends!

The GPG key for our Ubuntu/Debian APT repository expires today. We’ve created a new key that you can get here: https://spideroak.com/dist/spideroak-apt-2013.asc. We will have new builds shortly that include the new key.

The new key looks like this:

pub   1024D/08C15DD0 2013-09-20 [expires: 2016-09-19]
      Key fingerprint = FE45 E533 0B11 DCF0 3247  EF49 A6FF 22FF 08C1 5DD0
uid                  SpiderOak Apt Repository 

UPDATE: New .deb packages are available on the Download Page. This will automatically update your apt keys and ensure you continue to get updates.

Advanced users can install the new key with this command:

curl https://spideroak.com/dist/spideroak-apt-2013.asc | sudo apt-key add -

After installing the new key, update your package manager and you’ll be able to upgrade to future versions of SpiderOak without issue.

The Garfleburgers of Spalagnatz IV

“Do you remember the garfleburgers of Spalagnatz IV? No, I guess you probably don’t. Even nowadays putting a brain in a tin can is a tricky procedure, and it was downright dangerous when you were transcribed. I’m sure a lot of good memories got lost then, but it’s not like we had much of a choice. But don’t worry, I’m here to help recover some of those memories.

“Anyway, the garfleburgers… You begged mom to let you go to Spalagnatz IV for spring break, and she would only let you go if I came along. I wasn’t too happy about having to play chaperone, but I was glad to get out of the house. So that July you and I hopped a spaceliner to Spalagnatz IV where we found the garfleburgers… Well, I should back up a bit.

“Spalagnatz IV was a natural paradise planet in the Hyperion cluster. It orbits a yellow star much like the sun, but it burned a little brighter, so the native plants were blue-green. Humans immediately saw its large tropical zone as an opportunity and turned it into the biggest beach party in the universe.

“After checking in at the hotel, you met this guy, his name was Venutias. Half Beloran, I think. He was also on spring break, and had been to Spalagnatz IV a couple of times before, so he offered to show you around. I, of course, didn’t trust him one bit, so I made a point of it by tagging along.

“We went to the beach which was completely crowded despite there being several thousand miles of it. Their sand is pink… something to do with extra iron in the soil or something. We swam and had a good time. Turns out Venutias was an alright guy. Some stellahead jock tripped over our towel and then started giving you crap for it. Venutias told him in no uncertain terms to get lost, and the jock left without a fight.

“Anyway, we had dinner at this little burger shack he knew about which had the ‘best garfleburgers on the planet.’ A garfle was apparently a native animal. Seemed kind of touristy. Their idea of a hamburger was pretty strange, too. Burger, chili sauce, onion, green pepper, marshmallow creme, and cream cheese in a small pie shell. Frickin’ weird. It was alright, though. You could barely taste the garfle over all the toppings, but I guess that was the point. I looked it up the other day. A garfle is a small scavenger animal, like a squirrel. Apparently they run rampant all over Spalagnatz IV, and selling garfleburgers to tourists is just one of the ways they keep the population under control.

“By the time we left, you definitely had a crush on Venutias. But like most interstellar romances, it was just not meant to happen. We went back to Earth and he went home to Balora, and we never saw him again. I suppose it was for the best. After you died and they translated your mind to digital, there wasn’t much left for you in the physical world. Maybe some day I’ll get to see what it’s like in there.

“Anyway, I have to get back to work. I’ll see you later, sis. I love you.”

Happy WiFi day! 8.02.11, the most exclusive holiday ever!

WiFi Logo. Image credit: IEEE

(Image Credit: IEEE)

Your birthday comes around once every year, Halley’s comet passes once every 75 years, but WiFi day still takes the cake as the most exclusive holiday. Happening only once on this fine day of August 2nd of 2011 and thus cementing it’s position as the ruler of all holidays.

Due to the unfortunate following of ISO 8601 among other things, this wonderful day has slipped right by Hallmark and never found it’s rightful place in the calendar.

We at SpiderOak would however like to tip our hat to this this cornerstone of modern civilization and ask you the user to tell us: “What’s the most memorable, fun or strange wireless network SSID (Network name) you have ever seen in your hunt for network access?”

Post your contribution and email or SpiderOak username in the comment section and we will pick a comment at random to receive an extra 10GB of storage, as our way of tipping our hat to our dear friend 8.02.11, prince of wireless standards.

Cheating the System

One of the benefits of this ’7 Posts –> 7 Days’ project is that I can finally push through some writing that I have put off for far too long.

One such story involves a scamming operation we uncovered with our affiliate program about a year ago. As it begins, we received a series of new affiliates who had Chinese names and listed their residence in Vancouver, British Columbia, Canada. At first we were excited given the steady stream of business they were sending our way. At the end of the first month, we sent out a few hundred dollars worth of affiliate referral fees to these new partners via the PayPal address each supplied.

Shortly after these first payments were made, I noticed a number of customers emailing customer support asking ‘What is SpiderOak?’ and ‘Why did you charge my credit card?’. These inquiries didn’t immediately set off any alarms as we often have contractors or consultants setup accounts on behalf of their employer. However, as the messages started piling up, it became more and more suspicious. After about the fifteenth email in 10 days I decided to start cross referencing these names against the affiliate referees. Rather quickly a pattern appeared.

These new affiliates were using stolen credit cards to purchase SpiderOak accounts under their affiliate umbrella. At the end of the month, we would then send the appropriate affiliate payments thinking the business they had sent our way was legitimate as the payments all successfully landed in our bank account. And before anyone could know any better, they cleanly laundered the money. Clever scam really – providing sufficient separation between the thieves, their victims, and the intermediary (in this case – us).

Once everything was definitive, I sent an email to all of the suspected affiliates asking for further information including websites, marketing techniques, etc… Silence. I emailed again and mentioned that if I did not hear back then I would cancel their affiliate accounts. No word was returned and thus we proceeded to cancel them one by one.

During this time I was also contacting the hundreds of users who signed up under these affiliate links. Many of them had no idea their cards had been compromised and were thankful for the call. However, when they began to ask for refunds we could not comply; instead, we had to turn them onto their credit card company or bank who in turn had to go through the rather tedious chargeback procedures. A complete mess. (On a side note – it has happened to us that we will provide a refund and the user will still file the complaint with their bank. If the bank validates their request then the chargeback also occurs which means we are out double. Luckily this has not happened too often.)

Lastly, I figured we could not have been the only ones perpetrated. As such I decided to call our competitors who offer similar affiliate programs; I figured if they were doing it to us then there was a high probability it could also be happening to them. Sure enough, one of them had known about the issue for a few weeks and three others became aware soon after our conversation.

In the end I am glad to report that these thieves only made out with a few hundred dollars but did manage to capture more than my fair share of time. We did contact the authorities and passed along all the associated information on these phony affiliates but have still yet to hear back. We further never found out how the card numbers were stolen despite staying in touch with several of the victims (a few of which actually signed up for a legitimate SpiderOak account).

We are left to believe that these types of plots are going on everyday and speak to the larger vulnerability issues in this ever growing digital world. And to think how much money these little scams cost both in terms of dollars and time spent – astronomical. As for SpiderOak, we were just happy to play our small part and reaffirm our mission as protectors of our users’ security and privacy.