Conversations about life & privacy in the digital age

Introducing Privacy MadLibs: Win Free Storage

Some of us here at SpiderOak loved the game MadLibs when we were younger. If you remember, MadLibs are silly word games that create a new story by changing a few selected words. That is what we want you to do to the text below…

HOW TO PLAY

All you have to do is submit your answers/words in the order they appear, in the comments section below (with your username). We will publish our key tomorrow, along with the top three submissions that get closest to the right answers.

  • First Place: 7 GBs
  • Second Place: 5 GBS
  • Third Place: 3 GBs

We can’t wait to see what you come up with!

SpiderOak MadLib

We think individuals and companies don’t have to {Verb} their {Noun} online. Companies who can’t offer privacy are forced to sell security alone. However, we believe the cloud can be a perfectly safe place as well.

Privacy has been and will always be a priority for SpiderOak. Everything we {Verb} for meets our ‘Zero-Knowledge Privacy Standard’, which means no one at SpiderOak can see your {Adjective} plaintext data.

SpiderOak is often referred to as “the secure alternative to Dropbox”. Our founders {Verb – Past Tense} SpiderOak in 2007 with the ultimate idea to create an environment where they didn’t even have to trust the people that work at SpiderOak. It was {Adverb} built in to the product.

We are very proud of how SpiderOak has evolved over the past several years. Once you download our {Adjective} {Noun}, you can use our software online to back up, share, sync, access and privately store data for only $10/month. You can {Verb} your data from anywhere, from any device: Windows, Mac OS X, and Linux (Ubuntu, Debian, and Fedora & openSUSE). We also offer SpiderOak Blue, which provides the same security and privacy you know and love to businesses. The financial, healthcare, legal, and accounting sectors with sensitive data are especially keen on the {Noun} SpiderOak Blue provides.

Thanks for making the web a safe place with us! We predict 2013 will be ‘The {Noun} of {Noun}. What do you think?

Mayan Prediction 12-21-12: Just the end of their calendar? End of the world? Or merely a blizzard?

Before I even put my head on the pillow, the screaming wind was banging without pause against my windows. It probably wasn’t a valid fear, but throughout the night I’d wake up wondering if it was going to break the glass and throw a wave of snow and paralyzing cold onto my bed, all over my room. It was an ear-plugs-in kind of night.

I currently live in the literal country in Kansas. Hay bales and cows are scattered about within eye-sight and beyond. I get to see the most beautiful sunrises and sunsets each week. Four happy farm dogs greet me as I come and go. The nearest store is 20 minutes away. I can see two houses in the distance. It is so peaceful here.

As I floated in and out of sleep all night, I’d be sure to look out and catch glances of the eerie-gray scene unfolding outside. It struck me as funny that tomorrow is the end of the Mayan calendar and one of many speculations is an apocalypse (and where to get a better picture of this than on Wikipedia). You can’t blame me for where my mind went with the brutal weather rip-roaring before my very eyes, accosting my ears.

I woke up this morning to a lighter sky, letting me finally see the blizzard in action. The wind and snow tore forcefully across the plains (the photo doesn’t do it justice). It is the kind of power and grace that makes you pause…

All over the area and into Missouri and Iowa, traffic is at a standstill for hours, schools are cancelled, and people can’t go into work. The news is eating the chaos up, describing the “painful” wind in their fluffy parkas, and following with excitement the night-work of the snow plows and salt-layers.

No matter what you think or believe may happen tomorrow, I believe it is never a bad thing to be reminded that all we ever truly have is today. So this all reminds me: enjoy this day. Each person, each moment. Do things you love with people you care about, while you can.

But for those doom-and-gloomers out there who will be spending their ‘last day’ kissing and hugging loved ones goodbye, partying like it is 1999, or spending the last drops of money in their bank accounts, tomorrow, we at SpiderOak will be developing new features, running our servers, maintaining our beloved Zero-Knowledge privacy, and arguing with each other about who’s working on New Years (or something like that).

For those of you who don’t buy any of it and will carry about as normal, here are two awesome things you can do with your time:

  1. Until Monday night, you can send a friend or loved one a ‘Secret Santa’ gift ON US. Gifts are handed out randomly and include an iPod Touch (1 prize available), a pair of socks (5 prizes available), a 100 GB plan (10 prizes available), a 5 GB plan (1000 prizes available), and 30% discount on all SpiderOak yearly premium data plans (unlimited prizes available). Spread the word! Be generous – it’s fun to give.
  2. Make sure all your documents, files, photos, videos, and data are safely backed up. If you’re new, sign up here and check out the pricing. (There is nothing like going into the New Year with peace of mind. Be sure to share with your friends and family so they can do the same!)

As for me, I’ll spend the day working, listening to the wind howling and banging on every window, and wondering when I’ll be able to get out (I have a holiday party to attend tonight after all!)…

Wishing you a truly rich, wonderful day,

Erin & the SpiderOak Team

Privacy Roundup – Holiday Edition

In time for the Holiday Season we bring you the 4th edition of our ‘Privacy Roundup’. We are happy to report that the end of 2012 has brought with it a focus on privacy in Washington and can only hope it is a sign for things to come in the new year. In the meantime – however – here is another list of advice, news, tips and tricks to help you stay on the path to privacy as we enter 2013.

Presented below are the most eye opening and informative writings on the topic of online privacy over the last few weeks:

 

On Privacy: It’s Not What I’m Hiding (Or Not Hiding) That Matters

Technology built into mannequins helping stores track customers

It’s Time to Modernize our Privacy Law

Hacker locates John McAfee through smartphone tracks

Get Ready for Ads that Follow You from One Device to the Next

Black boxes in cars raise privacy concerns

Trust you all will have a wonderful & happy Holiday Season and looking forward to continuing the dialog.

Until then and in the slightly altered words of Ron Burgundy – “Stay ‘private’ my friends…”

It’s time to kill ‘online’. And buy clean milk.

As someone who has been ‘online’ since the early 90′s, listening to the emerging conversation around privacy, security, and integrity makes me want to flip a virtual table.

Having managed and built such sexy things as ‘direct marketing and selection systems’ for longer than I care to admit, I can honestly say that the argument against the silent collection of user data as being one that “degrades the experience for the majority of users” (Article link: Yahoo will ignore Do Not Track for IE10 users) is bullshit – pardon my frankness. A more honest description would read somewhere along the lines of ‘we make lots of money selling and distributing user data because it costs us nothing and is worth a lot of money’. (Please don’t sue me!)

So the question remains: why are we still living in a world whereby every time we visit a website the operators are silently – and in some cases without express consent – gathering all sorts of information on our location, previous shopping habits, age, demographic and a slew of other preferences?

To display the vast differences between ‘online’ and everything else, let’s look at two simple examples:

If you walk into Walgreens and buy a pack of gum you have the very visible choice of joining any of at least 2 or 3 savings programs, give money to starving children or just registering for future bonuses. In the physical world this is a very clear and conscious choice that most people (including myself) decline or accept based on our personal preference.

Simple, isn’t it?

However, the virtual world plays by a wholly different set of rules.

Every time you visit a website you are likely to be giving away a number of identifying factors whether you know it or not. And should you happen to actually purchase something, you are leaving yourself at the mercy of the capitalistic virtual demigods. Not only are you giving away your credit card number, address, zip-code, purchase preference, delivery preference and phone number, but very likely a massive amount of aggregate information stored in cookies from other purchases and visits that you have made. So what’s the difference?

In 1995 I would have totally understood this process. The Internet was a vast wasteland, inhabited by porn and pop-ups, and ruled by unscrupulous characters (no need for student loans, thank you very much).

Even in 2000 the Internet was mostly an unregulated territory where spammers could roam free and ‘Adwords’ was an instant success story (again, thank you). But now? What gives ‘online’ the right to work under a different set of rules and regulations then regular ‘IRL’ commerce?

Opt-out by default should be the standard.

Companies (yes – I am looking at you Google, TradeDoubler, Yahoo, etc…) collecting personal information should be on a ‘default is NO’ basis. Not only because this practice is borderline illegal in many cases but – and much more importantly – it undermines the very nature of consumer confidence. Thus, it is time to kill ‘Online’ and start treating ‘online’ the same way we do everyday grocery shopping.

Commerce is commerce.

If you buy something ‘online’ or at your local store you should, as a consumer, be able to expect the same service, rights, privacy, and responsibility as you would in any brick-and-mortar store! Anything less and the the impact will remain consistent – people still thinking of the Internet as a less secure, less private and less safe purchasing option. And THAT is not good for anyone.

So let’s do away with the excuse that ‘online’ somehow differs from ‘IRL’ and just accept that whether you are face-to-face with your local grocer or 5,000 miles away you are still just buying a gallon of milk.

Privacy Roundup – 3rd Edition

Today we bring you another edition of our ‘Privacy Roundup’. I would enjoy reporting that our online privacy is moving toward a better place but as you will read below – this is not the case. Unfortunately it seems as though our civil liberties have to be violated before we take notice. However, it is not all doom-and-gloom and positive strides are being made day in and day out by folks who don’t just care about their own privacy but yours as well.

So with no further ado, I present the following articles and posts surrounding the ever-peering online world in which we live:

 

US Government: You Don’t Own Your Cloud Data So We Can Access It At Any Time

Gaping hole in Google service exposes thousands to ID theft: Vast number of car insurance at risk by flow

How (and why) to surf the web in secret

Do Not Track finally arrives with Version 23 of Chrome

Megaupload Case Has Far-Reaching Implications for Cloud-Data Ownership Rights

How one law student is making facebook get serious about privacy

For those of you who celebrate American holidays, we want to wish you a very happy & healthy Thanksgiving holiday. We hope you spend it with those close to you and safe travels to your destination.

Until next time – stay ‘private’ my friends…

What people are saying about SpiderOak (Pt. 3)

Over the past few days, we’ve been highlighting what our users are saying about us. In case you missed it, you can view our posts from Friday and yesterday.

We appreciate SpiderOak users, and one of our favorite things is getting to know you. Our loyal customers and fellow privacy fanatics have continually helped us create a better product and develop and grow as a company.

Cody, the pharmacy student:

Konrad, the computer geek:

“I came across SpiderOak a few days ago and gave it a bit of testing. I absolutely love the pricing plans, especially with the student discount. As a fellow computer geek, I also really appreciate all the security features. You are doing an awesome job as far as doing things properly is concerned.”

Alexej, the savvy solution-seeker:

“Back before I discovered SpiderOak, I was feeling the need to set up some kind of backup and sync between my work and home computer. I never, ever would store any data that is personal on someone else’s server unencrypted though. What was I to do?! I searched and tried and eventually came up with an encfs-Volume in a Dropbox folder. Believe me, it was a day’s work for me to figure out how to get this running on OS X including installing the Linux files, making a bash-script that would mount the volume automatically so it would always be ready to use, etc. But finally, this allowed me to store and sync files remotely while ensuring they were encrypted on my side on the fly. That was the first – at least functional – solution I used; I had tried a few other ways before but they all fell short in terms of usability. Then, I found SpiderOak – and you guys! You can imagine how moved I was to see that somebody was doing just what I had looked for for all the right reasons and in just the right way! Great company, great people, good reads on the website, and all in all such a feeling of relief, both safe and secure.

The best test was a recent hiccup while backing up: transfers just froze at some point and nothing seemed to be working anymore. But thanks to the way SpiderOak is coded and stored, nothing got lost, the re-installation of my primary device’s backups and syncs were a breeze, and Laura (Customer Relations) was a pleasure to talk to and get assisted by.”

Don’t be shy – what about you? What has been your SpiderOak experience? Leave a comment below.

(Psssst…tomorrow we will kick off our limited special offer of 25GB for $30. We’ve had a lot of requests for a 25GB offering, but this will be our first. Be sure you don’t miss out – it will only be available for 3 days!)

What people are saying about SpiderOak (Pt. 2)

We’re thankful for you. We said it Friday, and we aren’t quite done.

One of our favorite things is getting to know SpiderOak users. Our loyal customers and fellow privacy fanatics have continually helped us create a better product and develop and grow as a company.

Meet a few more users who were willing to share their SpiderOak story:

Angela, the mother of four:

Gary, the traveler:

“Thank you again for your organization’s fabulous gift of your ‘cloud,’ to me and the friends to which I’ve referred to your company. Your tool allows me to:

  1. Reduce my stress and feel safer because I know that my roughly 25 years of docs are backed-up more securely than on a memory stick or DVD (which I used to use).
  2. Save energy, time and frustration because I no longer need to remember to and, then, manually back up my docs and sync my computers.
  3. Have enhanced convenience and travel about Toronto more lightly without having to drag my laptop because I can access my docs wherever I am in the world via the net.

You won’t be surprised, given the above benefits that I receive from SpiderOak, that I have it loaded into my “Start-up File” on each of my desktops, laptop and wife’s computer so your [client] loads and runs automatically when I start to write. This enhances SpiderOak’s convenience even further for me.”

Christopher, the Linux, Ubuntu and Windows user:

“I am a person who has a certain amount of data I often need to access when I’m away from my workstation. Of course, I’m also concerned that just backing-up to my external drive could have risks. An excellent solution to these needs is the online backup service provided by SpiderOak.

What’s striking about SpiderOak is the elegance and simplicity of the product. A small, easy-to-setup application sits on my Ubuntu and Windows desktops and backs up the data I have specified when it’s created or changed. It’s wonderful that it just gets on with the job without needing my intervention. I can easily make changes to my backup set, check my backed up data, or see how much of my free online storage I have used – which, by the way, is a really attractive feature with 1GB being allocated for each friend referred. I often setup networks and PCs for friends, etc, and I have found that SpiderOak is a great tool for storing useful files in a central location that I can access any time I need to. By using the simple web interface and downloading them I save myself the bother of constantly remembering to have to load a USB stick to carry them around. The same advantages apply when I setup new Linux distros on my own machines.

I’ve also found SpiderOak a great tool to enhance security while travelling. I often travel in Europe on business and previously would carry a laptop or USB containing sensitive data. Yes, it was encrypted, but it gives me much more reassurance that I can now simply access that data securely from my company’s network by logging into my secure SpiderOak account.

Last, but certainly not least, I really like how SpiderOak comes across. The website is simple to navigate and tells me all I need to know. There’s also an element of humour there and in the Twitter feed from @SpiderOak. I really appreciate this. Although I’ve never had a problem with the product, I have the feeling that although SpiderOak people take what they do very seriously, they don’t take themselves too seriously. It’s refreshing to discover a business that is not laden with empty marketing-speak and actually comes across as if it has pleasant human beings working for it who are interested in what I as a customer need. It must be a great place to work! Thank you for an excellent service.”

What about you? What has been your SpiderOak experience? Leave a comment below.

The Risk to Your Encryption Keys when Using Virtual Hosting

Dan Goodin over at Ars Technica has a nice article with an example of one of the privacy risks of using virtual hosting (such as Amazon EC2 and other cloud computing services.) This particular scenario allowed attackers to recover GPG keys from other virtual machines that happened to be running on the same physical machine. It’s likely possible to recover SSH keys in a similar way.

Since a few customers have asked, SpiderOak owns and operates all of its own physical hardware. None of it is virtual hosting with other organizations.

What people are saying about SpiderOak (Pt. 1)

One of our favorite things is getting to know SpiderOak users. Our loyal customers and fellow privacy fanatics have continually helped us create a better product and develop and grow as a company.

We’re grateful. Allow me to introduce you to a few users who were willing to share their SpiderOak story:

Kevin, the professional musician:

Brook, relieved to have photos and videos safely backed up:

“I just wanted to drop a quick note that I recently started using SpiderOak for my backup and syncing needs, and it works great. I can vouch for it working well on Windows, Linux and the Android app. I love all the flexibility you have with [the client] and really appreciate the ‘zero-knowledge’ data encryption. Over the weekend [my family] organized and backed up about 10GB of photos and videos. It’s a huge relief to have that taken care of. [I really appreciate] SpiderOak’s sync feature for keeping my main documents synced between my desktop and laptop. I’ve contacted support a few times for general questions and always received quick, personal and useful responses. So far, I’m very pleased.”

T3charmy, left Dropbox for SpiderOak:

“I left dropbox for you guys. I had a promo for 5GB free, and so far, you guys are WAY better than Dropbox. My experience… has far exceeded what Dropbox could do. The one thing that I would like to see is the ability to upload files from the Android app. Other than that, you have far exceeded my expectations. 6/5 stars.”

We’ll share more testimonials next week, as well as promote a limited special deal for 25GB we’ve never before offered. Stay tuned!

In the meantime, what about you? What has been your SpiderOak experience? Leave a comment below.

How SpiderOak is Fighting for Privacy on the Legislative Level

Regardless of who wins the White House at the close of the election, we as Americans do need to think about how we are going to engage, relate, relinquish control of our privacy in this Internet age.

Among the many advantages the Internet provides is the ability to collect, track and report on movements from what webpages we visit, what we buy, where we go, our hobbies, likes, dislikes, and so on. Should the power to abdicate this privacy be placed in the hands of Google, Facebook, eBay and others who will operate in their own best interest? OR should the government pass legislation that protects the rights of our privacy online and what 3rd party companies can and cannot use without our permission? These are important questions that have longer term implications for us all.

As a company founded and focused on privacy, we feel it is our responsibility to be outspoken on this all important issue. As such, please see our recent press release below and we will share further efforts on this topic moving forward:

_________

SpiderOak to Legislators: New Policies Urgently Needed to Protect Online Privacy

Mobile Applications, Web Browsing, Gaming and Social Media Are Being Monetized for Profit — at the Expense of Consumer Privacy

SAN FRANCISCO, CA, Nov 01, 2012 — SpiderOak, the ‘zero-knowledge’ privacy cloud backup, sync and sharing provider, is urging legislators to put a priority on passing legislation to protect online privacy. In a world where every interaction has an online component, online privacy rights are consistently being neglected or outright ignored.

SpiderOak CEO Ethan Oberman believes now is the time for legislators to address this critical issue. Consumers’ mobile activity, online Web browsing, gaming and social media are being monitored and recorded by companies without opt-in permission (and in some cases without permissions at all). These companies then sell the users’ data without user knowledge and for significant profit.

60 percent of the most popular online websites violate advertising industry best practices by, among other activities, hosting cookies that collect and enable the sale of personal data [1]. Online ad revenues reached $17 billion in the first half of 2012, a 14 percent increase over the same period in 2011 [2]. Facebook alone made a profit of $1.20 per user in 2011, in part by selling the personal data of its 850 million users [3].

“Privacy is a basic human right. To date — however — major online players such as Google and Facebook have been ignoring that fact,” said Ethan Oberman, CEO of SpiderOak. “Lobbying groups are circling the wagons — intent on preventing the government from passing legislation that protects the privacy rights of consumers and companies alike. The social contract to ‘do no harm’ needs to be refreshed before it is too late. There is no reason why companies can’t be transparent about the information they are collecting, develop fully opt-in strategies and earn a profit all at the same time.”

Private information is a valuable business and companies show no signs of halting their for-profit surveillance. No wonder lobbying organizations like the DMA Data-Driven Marketing Institute are contributing millions of dollars to fight privacy legislation [4].

“SpiderOak has blazed a trail in online privacy by proving users can still enjoy all the benefits of cloud technologies without having to sacrifice the value of their content to anyone and for any reason,” said Oberman. “The steps we’ve taken towards greater transparency and privacy is a beacon for the rest of the industry to follow. We urge the government to pass legislation, such as Do-Not-Track, that will empower and protect users — giving them rights well within the traditions of this great country.”

SpiderOak’s industry-leading ‘Zero-Knowledge’ Privacy Standard takes a holistic approach to privacy that affords the complete protection of user data. File backup, synchronization, and storage are encrypted throughout every stage; SpiderOak never stores the plaintext version of a user’s encryption keys (or password). Even those with direct physical access to the storage servers — such as SpiderOak staff — cannot view any portion of a user’s content including folder names, filenames or file sizes. The complete protection of data is thus ensured.

Sources

[1] World Privacy Forum.

[2] MIT Technology Review, “Online Advertising Poised to Finally Surpass Print,” 17 October 2012.

[3] ITP, “Facebook Scores $1.20 Profit Per User,” 2 February 2012.

[4] The Hill,“Advertisers Launch $1 Million Campaign to Combat Privacy Concerns,” 15 October 2012.

Read original press release on MarketWatch.