Conversations about life & privacy in the digital age

Download The Newest Version of SpiderOak

Today we are proud to release our newest version – SpiderOak 5.0.


The most significant addition is SpiderOak Hive – a simple drag and drop folder that allows you to sync files across all your devices. For more information on Hive, feel free to visit


You can read about several other new features, enhancements and bug fixes at SpiderOak Launches 5.0 Beta.

Please reach out with any thoughts or questions. We look forward to continuing development and making SpiderOak the best it can be.

Fighting for the Right to Know

In February a bill was introduced in the State of California by Assembly Member Lowenthal called AB 1291 or the ‘Right To Know’ Act.

The central theme of the ‘Right to Know’ Act is transparency – creating a way for the user of a service to request and thus understand all the information a company has about them in terms of what was given, what was shared, as well as what may have been inferred. And despite various company spokesmen speaking up in favor of AB 1291 (e.g. increased transparency), behind closed doors many of these same companies are working to defeat the bill via industry groups and coalitions.

It is tough to argue against transparency. And it has always been our belief that a more transparent ecosystem would give way to a better educated consumer which ultimately means a better business environment. After all, we would hate to think that somehow companies were taking advantage of us in any way and the ‘Right to Know’ Act is a way through this potential fear.

For these reasons and more, we felt compelled to come out in favor of AB 1291. Below is the letter we sent to Assemblymember Lowenthal in show of our support:


March 21, 2013


The Honorable Bonnie Lowenthal

State Capitol, Room 3152

Sacramento, CA 95814


Re:  Support for AB 1291 (Lowenthal), The Right to Know Act

Dear Assemblymember Lowenthal:

On behalf of SpiderOak, Inc, we are writing to express our support for AB 1291, the Right to Know Act.

The Right to Know Act would modernize California’s Shine the Light Act (Civ. Code 1798.83), which was intended to provide Californians with the right to know when businesses are sharing their personal information. In the years since the passage of the Shine the Light Act, its definitions and mechanisms have been outpaced by rapid changes in technology, data collection, and business practices. The Right to Know Act would update this important measure.

We stand in support of the Right to Know Act for two reasons. First, SpiderOak strongly supports the principle that individuals deserve the right to know how their personal information has been collected and shared. Protecting user privacy needs to be an essential part of how we as a society address the growth of online activity. Therefore, we support efforts to provide individuals with consistent transparency across all of the companies who handle personal information.

Second, SpiderOak believes that transparency and greater understanding will help all businesses in the modern data ecosystem thrive – including SpiderOak. Businesses that handle personal information rely on user trust – that the business is handling information with the utmost care and concern. As the ‘cloud’ medium grows, information collection and gathering has increased exponentially. By increasing transparency, we believe that the Right to Know Act will promote good data stewardship across the board and thus increase overall trust in and usage of data-driven services, promoting innovation and business growth.

California residents and companies both deserve an online world where users can truly understand how their personal information is collected and shared. Transparency is a necessary step in building that world. For that reason, we are proud to join you in supporting the Right to Know Act.


Ethan Oberman

SpiderOak, Inc


We are curious to hear your thoughts on the ‘Right to Know’ Act and where you stand. Feel free to leave your comments here and looking forward to the dialogue!

News Users: 50% Off All Annual Plans For World Backup Day – 48 Hours Only

Thanks for participating! 50% off offer is now invalid. You will still be able to use the code below. However, your account will be replaced with 5GBs.

For the first time in SpiderOak history, we are offering a 50% off discount for new users. We don’t want you to become an April fool when it is EASY to safely, securely, and privately backup all your photos, videos, music, and documents.

Get 50% off. Less than 48 hours only. Sign up HERE & use the code worldbackupday.

Instructions for using the code through the Spideroak client or your account page:


  • Open your ‘account’ through the accounts tab in the Spideroak client or click ‘Buy more space’ button.
  • Once on the Account Details page, you will select “Upgrade My Plan” to the right.
  • On this page, you will see a “Promotional Code” box.
  • Type “WorldBackupDay” in this box and select “Update”
  • You should see the discount 5GB free option as well as the 50% discount to yearly plans.
  • Choose the option you wish to use, and continue the ‘checkout’ process and you are done!


History of World Backup Day

A redditor originally suggested the idea of World Backup Day in March 2011. The reddit community quickly rallied with him to launch the first-ever backup “holiday.” Learn more by visiting

Two years later, this day means even more to us as digital consumption increases and more hard drives fail each day. Today we want you to join us in not only acknowledging World Backup Day, but also recognizing how important it is for your personal peace of mind to make sure all of your data is backed up.

Why It Matters

Your hard drive may contain hundreds of thousands of files. We want to make sure your files are protected from hardware failures, accidents, theft, the apocalypse – anything. Be sure to take advantage of this deal today so you’re not an April fool. Share this discount with those you love so they can safely back up their data too. Do you run a business? Learn more about how your enterprise can backup its important data or sensitive client information with SpiderOak’s ‘Zero-Knowledge’ privacy encrypted backup.

Helpful Backup Tips

For extra precaution, here are some helpful backup tips for you to practice and share with your friends and family:

  • Compose your documents with frequent saves to your computer’s hard disk, and always consider that version to be your “original”
  • When you stop working on a project, or when you reach a point where your project needs extra protection, “back up” by saving the file(s) to removable media, usually flash drive.
  • Also store backups in a separate physical location.
  • The second time you create a backup of a document, make it on separate media from the first backup.
  • If you must do significant editing to a document, save it under a different name. Continue to use new names with each edition, being careful not to delete the old saves until you are 100% sure that you will never need them.
  • For extra protection, periodically print your documents.
  • If you have lots of software installed on your computer that would be time consuming to reinstall, consider doing a backup of the entire hard drive.
  • Test restoration. Sometimes computers and humans make mistakes, and sometimes things break.

Thanks for making this day fun, and your help spreading the word. Preempt tragedy and save your data with SpiderOak.

We’ve got your back(up).

Discount starts March 31 and ends April 1 at 11:59pm CST

72 hours only: 28% off an annual plan for Data Privacy Day

Data Privacy Day (DPD) began in 2008 and is held every year on January 28th. As the big day approaches this Monday and buzz continues around Kim Dotcom’s Mega, we are excited to keep privacy front and center.

Embrace ‘Zero-Knowledge’ Privacy for Data Privacy Day with our 72 hour special promotion:

28% off ALL Yearly Storage Plans

For a limited time only, get 100GB for only $78 per year! (Regular pricing: $100/year.) Take advantage by visiting and use the promo code “DataPrivacyDay” in your account settings.

Instructions for using the code:

  • Go to if you are not a currently signed up.
  • You must first activate your account on your computer by opening the SpiderOak downloaded application and selecting “Activate First Device.”
  • If you have not yet downloaded SpiderOak, you may do so here: Download SpiderOak.
  • Once activated, go to our homepage.
  • At the top right side, you will see “Login.” Click here and enter your credentials.
  • When you are logged in, you will click “Account” in the top right corner.
  • You will then select the orange “Buy More Space” button.
  • Once on the Account Details page, you will select “Upgrade My Plan” to the right.
  • On this page, you will see a “Promotional Code” box.
  • Type “DataPrivacyDay” in this box and select “Update”
  • You should see the discount in the ‘Yearly Billing’ drop down. If so, click “Next.”
  • Your account is now updated. Enjoy!
  • DPD’s focus is on raising awareness about the importance of protecting privacy online. Many individuals, companies, organizations, and even government agencies are helping spread awareness about respecting privacy. If you’re on Twitter, join the conversation about safeguarding data with the hashtag #DPD13.

    Here are some of the people already talking about DPD:

    On Monday we’re making a big announcement about the future of privacy in the cloud, and we’ll also offer some privacy tips for everyday life. In the meantime, please ‘Like Us’ on Facebook, follow us on Twitter, and help us spread the good privacy word.

    [NEW VIDEO] You + Your Data

    You and your data are quite the pair. You spend a lot of time together. And your growing relationship is something you share with others, whether business proposals, in gaming, family photos, your favorite music or movies.

    But who makes sure your precious data is safe, private and accessible when you’re not looking? Enter SpiderOak: The only 100% private Backup / Sync / Share provider in the cloud, for you or your business. Access your files anywhere, from any device. Linux, Mac, Windows.

    We’ve got your back(up).

    Biggest Privacy Faux Pas of 2011

    Though it’s impossible to account for all the data security breaches that happen, according to the Privacy Rights Clearinghouse, about 30 million records were compromised in 2011 in 535 separate breaches in the United States. Furthermore, those numbers reflect only the breaches reported. Many more go unknown or unreported. Many times, hackers are the culprit. However, a significant portion of the breaches come from inside the organization where an employee or agent with access to the data are at fault.

    Unlike SpiderOak, some companies and services don’t encrypt information inside databases. This was the case with Sony. The Sony breach alone accounted for nearly 80 million records! Other breaches occurred because someone left a server wide open, leaving very sensitive or personal information accessible on the Internet. This was the case with Texas Comptroller, when 3.5 million people’s names, addresses, and social security information was open to the public. Some breaches were caused by carelessness, when backup tapes or laptops were stolen after being left in cars. This was the case with the Department of Veterans Affairs when 26.5 million veterans were exposed by an employee who took an unauthorized computer home.

    Of course, how could we forget about the giant Dropbox breach who confessed that a bug in the service’s authentication software made passwords optional for a period of four hours. This allowed anyone to log into a user’s account simply by entering their user name. An estimated 25 million users’ accounts were compromised triggering a class action lawsuit.

    As a company with the core focus on privacy and security, we know how important it is to safeguard your privacy and maintain internet safety standards. That is why we are happy to emphasize our Zero-Knowledge policy which allows only our users the ability to access their data. In addition, we are looking to certify other companies in the future who also adopt this approach. Stay tuned!

    What does i_ m__n __ __v_r _____ ___ ____ ____ ___c_?

    We have been getting a lot of questions lately about our block level
    de-duplication, how it works, and how it is applied through the SpiderOak
    process. As I consider myself to be layman, please allow me to explain this in
    more simplistic terms – such that even I will be able to understand.

    For the sake of this example, let us say you have created a document
    entitled ‘Why peanut butter and jelly sandwiches are better when you place
    salt & vinegar chips in the middle’. The size of this document is 10k.
    After saving the initial version, you go back and make 9 additional edits.
    Each time you make an edit, you save the document as a new version thus giving
    you 10 complete versions. And with each version being exactly 10k, the
    complete document takes up a total of 100k on disk (or 10 versions multiplied
    by 10k).

    SpiderOak, on the other hand, works much more efficiently when storing data
    - creating many wonderful benefits for the user. As you can imagine, from the
    first version of ‘Why peanut butter and jelly sandwiches are better when you
    place salt & vinegar chips in the middle’ to the last, only small pieces
    of the document have changed. One simple example is replacing the word
    ‘excitable’ with the word ‘volatile’ in the third paragraph. Instead of
    storing (and uploading) a whole new version of the document each time a small
    change is made, SpiderOak breaks each document into blocks of data and then
    only backs up (or uploads) the change or delta between the new version and the
    old. Using this process, the same 10 versions of the aforementioned document
    on SpiderOak only amounts to 15k on disk (as opposed to 100k above).

    Although the below visual example only uses two versions of a document, it
    does further explain how the SpiderOak de-duplication process occurs.

    This process saves our users a considerable amount of space as a user is
    only billed for the de-duplicated amount. Furthermore, the upload can occur
    with much greater speed because only the changed blocks of data are sent from
    one version to the next. In the end, SpiderOak works extraordinarily hard to
    never upload and/or store the same block of data twice – saving our users
    money and time.

    Question: So perhaps now you may better understand the title and how it
    relates to de-duplication?

    Answer: What does it mean to never store the same data twice?

    Online Privacy – Strange Bedfellows…

    Normally, when people think of ‘online’, privacy is definitely not the first, second, or fiftieth thought that comes to mind. If fact, people generally exhibit quite the opposite response and conjure up images of complete nakedness. After all, the modern-day Internet has evolved mostly for the purpose of providing instant exposure, distribution, and presence to the world over. The question then becomes, can the value of the Internet extend beyond nakedness?

    One of the driving purposes behind SpiderOak was to dispel the notion that just because data is online means it can no longer be private. The goal was simple – devise a plan where a user’s files, filenames, file types, folders, and/or any other personal information is never exposed to anyone for any reason (even under government subpoena). This of course includes the SpiderOak staff who – even with physical access to the servers upon which the data resides – should never be able to see or interact with a user’s plaintext data. Creating this environment, however, would prove more difficult than simply making these statements.

    In the beginning, we grappled with how best to accomplish this feat – creating ‘Zero-Knowledge’ privacy as we call it. Most of our competitors and thousands of other companies make claims and statements about security and privacy but, at the end of the day, they would all fall short of achieving our aforementioned goals. To use the most general example – if a company can reset your password, it means someone in the company has access to your encryption keys (if they encrypt the data) which further means they can access your data if they ‘had’ to or, worse yet, someone else could with far worse intentions.

    A more specific case is Mozy’s use of encryption. Mozy’s encryption is far better than most online storage providers and yet it contains serious oversights. The default options have you choosing between a stronger ‘Mozy’ key (which Mozy then knows and could use to decrypt your data) or a weaker key you choose on your own and keep private. Even if you choose the weaker private key, Mozy still stores your file and folder names in plain text – meaning they know a list of every file archived from your computer. We would suspect they know the size and timestamp of each file as well although this information has not been publicly disclosed. This seems to represent a great deal of information to reveal about the contents of your ‘private’ data, doesn’t it?

    To overcome this threat and others, we at SpiderOak decided to never store a user’s password nor the plaintext of a user’s encryption keys. This ensures that there can never be a point – ever – where we could even unknowingly betray the trust or privacy of a user. Why? Because – to put it simply – we don’t ever come into contact with the keys needed to unlock the encryption surrounding the data. Even with physical access to the server or under subpoena, SpiderOak simply can never see or turn over a user’s plaintext files, filenames, file sizes, file types, etc… On the server, we only see sequentially numbered containers of encrypted data.

    This necessarily meant a different approach to various processes throughout SpiderOak which you may or may not have noticed – including forced registration through the desktop application and never via the web. In the
    end, however, we did accomplish our goals and proved that, although strange bedfellows indeed, ‘online’ and ‘privacy’ can sleep next to each other every night, naked, and live happily ever after…