Conversations about life & privacy in the digital age

Place Privacy First for National Cyber Security Awareness Month

National Cyber Security Awareness Month champion - SpiderOak

October is National Cyber Security Awareness Month (NCSAM). We believe you don’t have sacrifice privacy in our online world. Furthermore, we believe privacy is the best form of security. Building privacy into technology is the key to true freedom online.

In honor of NCSAM, SpiderOak would like to offer you 25% off our yearly plans.

For the rest of October, give your ‘+1 for Privacy’ as you backup, sync and share with this special promotion.

Visit SpiderOak.com/signup and use the promo code “plus1forprivacy” in your account settings for 25% off. That is only $7.50/month for 100% private cloud storage.

Current Users:

  1. Login to your account online.
  2. Go to your ‘Account‘ tab at the top
  3. Click ‘Buy More Space,’ and then choose ‘Upgrade My Plan.’
  4. Plug in the promo code plus1forprivacy, and choose which plan you want under Yearly Billing.

New Users (welcome!):

  1.  Sign up here
  2. Download and install the client
  3. Click  ‘Buy More Space’ in the client itself, or via the web portal (which will then take you to a new screen, where you need to choose ‘Upgrade My Plan.‘)
  4. Use the promo code plus1forprivacy and choose which plan you want under Yearly Billing.

2013 marks a decade for National Cyber Security Awareness bringing awareness to online safety and security issues and helping educate people about the best ways to protect their privacy online. Join us over the next couple weeks in acknowledging NCSAM as it emphasizes the roles and responsibilities each of us play in helping to create a safer digital world. We hope you make time during the month, and throughout the year, to take proactive steps to help safeguard you, and your friends and families.

Thanks for helping promote the importance of privacy!

SpiderOak Calls to Reform the Electronic Communications Privacy Act (ECPA)

We all know the Fourth Amendment gives us a right to privacy – making it so the government can only search our home if they have a good reason, and – except in emergencies – a warrant from a judge. Since technology has advanced faster than court decisions and statues, our right to privacy is suffering.

The Electronic Communications Privacy Act (ECPA) was enacted to extend restrictions on the governments ability to intercept certain electronic communications. It was signed into law in 1986. 1986! Think: Peter Gabriel’s hit “In Your Eyes,” the Iran-Contra affair, Top Gun, the appearance of Halley’s Comet, and $89,430 was the average cost of a new home in the U.S.. The ECPA is now one of the Internet’s most outdated laws and desperately needs reform.

Instead of storing our private letters, photos, documents in a shoebox or file in our bedroom closet, most of us have them stored in the cloud. Under the current ECPA however, government agencies don’t need a warrant to search our private stuff stored in the cloud like they would if we stored these items in our home. We think this should change and better reflect this day and age.

The ECPA Reform Bill prohibits Internet companies from divulging contents of communications to the government without a warrant. It won’t solve everything, but it’s a good start and definitely part of the solution. It is bipartisan and has wide support from the tech community and advocacy groups. It’s time for congress to give the public the same level of protection of privacy that our email and online documents deserve.

If you agree, visit VanishingRights.com and tell your Representative to support ECPA reform.

Ready to Learn & Earn? SpiderOak University is Now Open

Here at SpiderOak, we are always pushing ourselves to learn more. Whether about our ‘Zero-Knowledge’ privacy policy or the way our SpiderOak client works on your computer, we want to encourage you to learn as well. That is why we have officially opened the doors to SpiderOak University – and you’ve got a free ride!

Enter SpiderOak University

You’ll find short video classes taught by our very own CEO, Ethan Oberman. In addition, you’ll find several other videos and explainers that will allow you to not only learn about SpiderOak and how it works on your computer, but also our philosophies and ways that will help you keep your data safe and private.

Pay Attention!

We want to see how much you’ve learned. All students of SOU (SpiderOak University) will be able to take quizzes to get FREE storage! Get all the answers right? You get 2GBs added to your account. Miss one or more questions? You’ll get 1GB added to your account. Anyone can take the quizzes and earn, but you can only take each quiz once, so study hard!

Are you ready to put your thinking cap on? We sure hope so. We look forward to seeing you in class. Visit SpiderOak University.

Private and encrypted storage for Bitcoin? SpiderOak gives it a try!

Unfortunately, our testing has now concluded. We had a great response and plan to take bitcoin payment hopefully at the beginning of next year, but will be unable to integrate that into our system at this very moment. If you want a personal email notifying you when it is set up, please email erin[at]spideroak[dot]com. Thanks!

 

 

We at SpiderOak believe in privacy. And we believe in always pushing the bounds of privacy further and further into the Internet. To that end, we have made the decision to do a proof-of-concept around accepting Bitcoins as payment for SpiderOak service. As Bitcoin becomes a more ‘mainstream’ method of currency exchange, we thought it only natural to extend it’s concept to SpiderOak as another privacy promoting element.

For this initial test, we will be manually accepting payment for 100GB/1-year accounts. We are conducting this initial test to gauge interest and if the demand is present we will possibly implement an actual API-based Bitcoin payment system. This would of course enable anyone to make payment for their SpiderOak accounts with Bitcoins.

Our Trial Offering: 

  • We offer a total of 25 x 100GB SpiderOak account upgrades for 1 year ($100 value) to customers wishing to use Bitcoin as payment.
  • The cost per 100GB account during this trial period will be 0.75 BTC (a 25% discount vs. Fiat)
  • To purchase a 100GB account upgrade, you need only email bitcoin@spideroak.com for your personal Bitcoin deposit address for the payment. Once payment is made, we will send you an email with an upgrade-code to use for the 100GB upgrade.

Ultimately this is our way of helping to support both the concept of privacy as well as promoting the Bitcoin community by proving that business are indeed taking Bitcoin seriously. We are eager and curious to hear feedback so please feel free to reach out to us anytime with additional reactions or thoughts.

Privacy Roundup #7 of 2013

August is upon us and summer in the northern hemisphere is in full swing. And although it seems like yesterday, news of PRISM broke several months ago and Edward Snowden continues to be firmly in the conversation. Further, the US government has been under relentless pressure from foreign governments, congressmen, senators, and companies for what many consider a very intrusive information gathering policy.

For this roundup we did try to include some links to news other then the aforementioned but – as you can tell below – we still felt obligated to include several PRISM / NSA related coverage as the associated privacy issues are still significant.

Click away and catch up on some of what has been going on in the world of online privacy and security in the last month:

From our perspective, we are happy to see a national and international debate rising around privacy and its growing importance in the online world in which we live. This will be a significant issue of our time as we need to understand where lines should be drawn and who is responsible for drawing them. Finding a fitting quote to end this privacy roundup with was not a terribly difficult task in light of this recent news.

“Big Brother is Watching You.” ― George Orwell, 1984

Explaining SpiderOak Through a Comic

As employees of a cloud service, we’ve seen our fair share of puzzled looks when trying to explain what the “cloud” is and how it works. In an effort to amuse ourselves, we’ve invented an alternate theory of how SpiderOak works.

While the real SpiderOak is on the cutting edge of privacy and encryption, this SpiderOak involves real clouds, bi-planes, and a cabana where your computers hang out. We hope you enjoy it.

Top 5 Reasons to Care About Privacy

There has been a lot of discussion around our right to privacy and we at SpiderOak couldn’t be happier. We’ve been talking about it for years! Based on some recent conversations, we thought we’d give you five reason to care about privacy.

(1)  It’s Your Identity

You may shrug your shoulders and think, who cares if someone knows my demographics, where I shop, what I read, or what I say – they don’t really know it’s me. Online anonymity is becoming a thing of the past. The fact is, some companies may not keep your personally identifiable information (PII) but that doesn’t mean the information collected can’t or won’t be resold to other parties who are building an identifiable profile on you. Once you’ve released information into the wild, there is no getting it back – and you no longer have control over or any rights to it.

(2)  Your Information Is Worth Money – And You Don’t Want It Used Against You

Companies are paying for your information which means it’s worth cold hard cash. If you are generating something of value, why not treat it as any other asset you own? Furthermore, consider the idea that you could be discriminated against based on this information. For example, a company could charge you more for a product or service and who thinks that is a good idea? Click here to learn how this is already happening.

(3)  You Deserve It, Until You’ve Done Something Wrong

In this country, you are allowed to operate freely – which also means, privately – until you’ve done something wrong. Or at least until you’ve done something to raise the suspicions of the powers that be. Our government isn’t allowed to look over our shoulders unless they have a legitimate reason to do so. This principle was built into the founding of our country.

(4)  A Responsibility to Protect Those More At Risk

Perhaps you’ll decide keeping your data private is not a battle you care to fight but it’s still worth protecting the ability to make that choice. Stand up for the choice so others can also make it. Privacy may not be a big deal to you but it is to others like, children, teenagers, individuals who are pregnant, those dealing with health challenges, victims of abuse, activists, government and public figures, along with many more. It’s our responsibility to protect those who need help protecting themselves.

(5)  Room To Grow

Privacy allows you the space to try on something new, explore ideas, or think through decisions without lasting consequences. Having this freedom is critical to our ability to thrive as individuals and as a society.

Privacy Roundup #6 of 2013

Summer is officially in full swing in the northern hemisphere. For us Americans that means a celebration of fireworks and cookouts and freedom. This year in particular we are thinking a little more about what ‘freedom’ means in the backdrop of PRISM and its impacts on our society.

It is a complicated issue for sure as we all want to live in a safe place – away from harm and terror. However, we also need to be fully aware of the costs and what we are willing to give up to achieve this safety. It is a dialogue that is finally entering the public discourse and one that we hope will continue in the weeks and months ahead.

This edition of the Privacy Roundup serves up a collection of the most interesting, eye opening and informational news pieces and blog posts on the topic of privacy and of course focus on the late breaking news around the growing Snowden/PRISM scandal:

The weekly quote for this roundup may have to be from “Cosmo” the lovable blind hacker from the 1992 movie “Sneakers” – “There’s a war out there, old friend. A world war. And it’s not about who’s got the most bullets. It’s about who controls the information. What we see and hear, how we work, what we think… it’s all about the information!”

As always, we hope you have a productive and private month ahead! Until next time…

Restore the Fourth: Secure Your Privacy with 4GBs Free(dom)

This week we are supporting Restore the Fourth‘s online efforts to drive awareness and action against unconstitutional digital surveillance. Be sure to join the conversation on Reddit and Twitter via #restorethe4th.

In solidarity, we are offering 4GBs free to new users and 25% off annual plans for existing users. Embrace our zero-knowledge privacy this week as you safely, privately and securely back up the data that is most important to you. See below for more information on how to take advantage of this limited-time deal.

THE FOURTH AMENDMENT

The Fourth Amendment was carefully written for the express purpose of limiting the government’s ability to violate the deserved privacy of its law-abiding constituents. We celebrate our freedom this week by asking the government to acknowledge privacy with respect to digital communications data.

Another way you can take action is by visiting stopwatching.us and sign a letter that demands the U.S. Congress reveal the full extent of the NSA’s spying programs.

TAKE ADVANTAGE OF 4GBS FREE(DOM) OR 25% OFF

If you are a new user, sign up for 4GBs free for life when you sign up HERE.

If you already use and love SpiderOak, use the code restorethe4th when you upgrade your yearly plan to receive 25% off – that means only $75 per year, or $6.25 a month, for 100Gbs. Here’s how:

  • Open your ‘account’ through the accounts tab in the SpiderOak client or click the ‘Buy more space’ button.
  • On the Account Details page, select “Upgrade My Plan” to the right.
  • On this page, you will see a “Promotional Code” box.
  • Type “restorethe4th” in this box and select “Update”
  • You will see the discount 4GB free option as well as the 25% discount to yearly plans.
  • Choose your promotion and continue the ‘checkout’ process.

Note: The ’4 GB FREE’ offer is intended for new users. Selecting this promotion as a current user will replace your existing storage with 4 GBs.

Offer ends July 4th at 11:59 PM CDT.

Enjoy, and thank you again for your continued patronage and support.

Securing Your Mail From Site to Site

Many of you know how to secure your email between your mail client and your computer. But if you run your own mail server, did you know you can secure email between servers? Many servers support TLS encryption for outgoing connections, which will protect your mail between your server and the next one. For my favorite mail server, Postfix, add this to your main.cf:

smtp_tls_security_level = may

This will enable “opportunistic” TLS for outbound connections, meaning it will use encryption if the remote server supports it, otherwise it will transmit it unencrypted. If you’re really paranoid and don’t want to talk to servers that don’t support encryption, you can change may to verify or secure to ensure that the remote end uses encryption.

To ensure that your server listens for TLS requests, add this:

smtpd_tls_security_level = may
smtpd_tls_cert_file = ...
smtpd_tls_key_file = ...

Note the small difference between smtp_... and smtpd_. The cert and key parameters configure your SSL certificate. You can also use encrypt here instead of may to force encryption for clients, but this isn’t recommended for a public Internet server.

By default, if Exim is compiled with TLS support, it will attempt TLS for outbound connections. If you want it to accept TLS, though, you’ll have to set:

tls_advertise_hosts = *
tls_certificate = ...
tls_privatekey = ...

It’s important to note that even with these configurations, you can’t guarantee that your mail is completely encrypted in transit, since your mail could be transmitted between several servers. It also doesn’t prevent eavesdropping on the servers themselves. If you want to ensure that only the recipient can read your mail, you should use something like PGP.

I’ll leave other mail servers as an exercise to the reader. Feel free to post further configuration or notes in the comments!