Support & Knowledge Base

FAQs

Still have questions? We have answers! Check out our Frequently Asked Questions for everything you need on SpiderOak

Do ShareRooms violate Zero-Knowledge?

Zero-Knowledge means that only you are able to access the data in a readable format. This means that anytime you publicly share files online, they're no longer Zero-Knowledge. Information that has been placed in a ShareRoom is not Zero-Knowledge for as long as the ShareRoom exists, since other users can access it without knowing your password and the email address associated with your account. You can password protect your ShareRoom, but the files within it are temporarily stored in plaintext and are therefore no longer Zero-Knowledge.

However, creating a ShareRoom does not violate the Zero-Knowledge of any of your other data. Only the files which have been specifically placed in the ShareRoom are accessible without your password and the email address associated with your account. Files in the ShareRoom are temporarily stored and cached in plaintext, whereas the rest of your account is never stored on our servers in plaintext.

How did this happen? How is your the privacy of all the other unshared items preserved, while yet being able to arbitrarily choose to share various portions? Most storage providers -- if they offer encryption at all -- only use one encryption key per account. Instead, SpiderOak uses a nested system of many small scoped encryption keys. When you create a ShareRoom, the SpiderOak client makes public the encryption keys of appropriate scope for the contents of that ShareRoom. This makes it possible for our webservers to present the contents to visitors, but nothing beyond the ShareRoom is known.

Couldn't find an answer to your question? Email our support with your question.

Have a Question?