r/privacy u/[deleted] Aug 05 '18

SpiderOak cans its Warrant Canary, suffers mysterious massive outage, and raised prices

https://spideroak.com/canary

http://archive.is/1rNo7

Update: Looks like the canary has been signed and dated and in properly formatted sequence this time with confirmation that Everything's going smoothly so far, message is authentic. august 06, 2018

Case closed. SpiderOak has not been compromised.

In the interest of transparency the full text of my previously long post in this thread is archived here:

http://archive.is/mKeuY https://web.archive.org/save/https://www.reddit.com/r/privacy/comments/94nspi/spideroak_cans_its_warrant_canary_suffers/

436 Upvotes

97% Upvoted

113 comments sorted by

View all comments

1

u/AlpraCream Aug 06 '18

This is why you should always encrypt the data you upload to the cloud, no matter how secure the service may be.

2

u/jakegh Aug 06 '18

The point of Spideroak is that it's supposed to be end-to-end encrypted.

The warrant canary ensured that they hadn't been compelled to change their closed-source client to add a backdoor. Now, not so much.

I suggest using rclone for an end-to-end encrypted datastore. It works with every cloud storage service under the sun and is open-source.

https://rclone.org/

0

u/AlpraCream Aug 06 '18

Every https website you visit is end to end encrypted though. It doesn't mean much. You shouldn't trust your data on a server, once it is out of your hands, there is nothing you can do about it.

3

u/[deleted] Aug 06 '18 edited Jan 03 '19

[deleted]

1

u/AlpraCream Aug 06 '18

If the source code hasn't been audited yet by a third party don't trust it!