Rajahal Posted May 9, 2011 Share Posted May 9, 2011 I agree. I signed up for the free 2 GB spideroak account. If it is free to me but gives LimeTech money, why wouldn't I want to do it? Takes maybe 5 minutes, tops. And no one says you actually have to use the spideroak account if you don't want it (I am using mine, though). Quote Link to comment
toby9999 Posted May 12, 2011 Author Share Posted May 12, 2011 RESPONSE FROM SPIDEROAK MARKETING RE: SPIDEROAK VS. CRASHPLAN "CrashPlan has multiple product offerings so it taken me a bit longer to navigate than some of the others products. I'm still working on adding it to our comparison matrix, but I wanted to get back to you regarding the security. CrashPlan has multiple levels of security options. Their default setting of Account Password, allows for a user to recover their password through CrashPlan. That means that using this option gives CrashPlan the ability to view the names of your folders and files in your selected backup. As I mentioned, you can pick additional layers of security that would prohibit a user from being able to recover/reset their password and therefore prevents CrashPlan from seeing your stored information. SpiderOak does not offer various levels of security as we have made security and privacy the foundation of our product. With SpiderOak, you create your password on your own computer -- not on a web form received by SpiderOak servers. Once created, a strong key derivation function is used to generate encryption keys using that password, and no trace of your original password is ever uploaded to SpiderOak with your stored data. SpiderOak's encryption is comprehensive -- even with physical access to the storage servers, SpiderOak staff cannot know even the names of your files and folders. On the server side, all that SpiderOak staff can see, are sequentially numbered containers of encrypted data. This means that you alone have responsibility for remembering your password or 'Password Hint' (which you can create to help you remember) allowing SpiderOak to create a true 'zero-knowledge environment' – keeping your data as safe and secure as it can possibly be. I hope this helps shed some light on why our security measures and practices are stronger than CrashPlan." Quote Link to comment
boof Posted May 12, 2011 Share Posted May 12, 2011 Interesting that they honed in on exactly the same issues we've discussed here regarding crashplan. Quote Link to comment
toby9999 Posted May 12, 2011 Author Share Posted May 12, 2011 @boof - yep, exactly. What I really appreciate is that they are actually willing to talk to people, and adapt to new competitors such as crashplan. I've mentioned to her again that wuala is the one that she really needs to look at carefully, and I've also asked her what features are on their future roadmap. Let's see what she comes back with. P.S. Collected funds now $19.50 $19.75. Sign-up for an absolutely FREE, never-expiring 2GB account here and help my "Light A Fire Under Lime Technology" campaign: https://spideroak.com/download/promo/unraidpromo -- Toby Quote Link to comment
aiden Posted May 12, 2011 Share Posted May 12, 2011 @boof - yep, exactly. What I really appreciate is that they are actually willing to talk to people, and adapt to new competitors such as crashplan. I've mentioned to her again that wuala is the one that she really needs to look at carefully, and I've also asked her what features are on their future roadmap. Let's see what she comes back with. It's refreshing to find a technology company that is transparent and doesn't hide the facts of competitors' products. Sign-up for an absolutely FREE, never-expiring 2GB account here and help my "Light A Fire Under Lime Technology" campaign: https://spideroak.com/download/promo/unraidpromo This should totally be in your sig. Quote Link to comment
toby9999 Posted May 13, 2011 Author Share Posted May 13, 2011 @aiden - re: sig ... good idea! Quote Link to comment
greybeard Posted May 15, 2011 Share Posted May 15, 2011 Interresting subject. I signed up for a 2G account to checkout SpiderOak and kind of like it. However I would suggest that security on the share funciton is not nearly as good as it could be. I posted the following to the SpiderOak features request forum and am repeating it here, instead of providing a link, because their forums don't seem to allow public access. I think you have to have a SpiderOak account just to view. Here is what I wrote. I setup an experimental share to get experience with how it works. In the case where I want a share to be truly public, giving out the URL is a nice solution. However if I want to keep a share semi private, where only friends a family can see it, there is a risk. I can tell friends what the Share ID and Room Key is along with instructions to go to spideroak.com and use the share login but the result is the same URL as if I had sent them a URL. Now if all my friends and family were computer savvy folks and understood that the URL need to be protected to keep unwanted people out, that might not be a problem. My fear is that after logging in the URL will remain in browser history or be unwittingly published in a public forum thus exposing my data to the whole world. It would be a great security feature if there were some way for me to configure a higher security share that always forced family and friends to use the Share Login process. I would expect that clicking on a saved or historical link to the share would display a Share Login screen. I completely understand why you would not want all shares to work this way but it would be a really nice option. I also realize that my friends might give or post the Share ID and Room Key other people but that would be deliberate vs. accidentally disclosing the URL. And giving out the Share ID and Room Key would not expose the share content to indexing by search engines. The most secure option would be to allow a share to only be accessible to a specific list of other registered SpiderOak customers. Combine that with a feature to let those customers automatically download updates (kind of like a read only one way sync) to their system and SpiderOak would be an even better product. An option to restrict share access only to other customers would, in my mind, also be an acceptable alternative to always forcing a Share Login as I described above and could be a way to get more people to signup. Quote Link to comment
SilverRubicon Posted May 16, 2011 Share Posted May 16, 2011 Interresting subject. I signed up for a 2G account to checkout SpiderOak and kind of like it. I signed up too. Found the user interface to be horrible. That's on OSX, maybe it's better on Windows or Linux, but it needs to be cleaned up. Way too confusing. Too many tabs, too many dialog boxes. Appears to be written with a cross platform toolkit. It's simply not a good experience. Quote Link to comment
toby9999 Posted May 16, 2011 Author Share Posted May 16, 2011 @SilverRubicon ... I'm very surprised to hear that. I haven't used the mac interface. On Windows, it's (more than) fine - compared to some others I've used, I was nicely surprised by the clean, usable interface. I guess they need to do more work on their mac version. @greybeard ... yep, I spotted the same weakness too, but upon researching it, I found it mentioned that spideroak were aware of the issue and were working on it, so that's good. Quote Link to comment
SilverRubicon Posted May 16, 2011 Share Posted May 16, 2011 On Windows, it's (more than) fine - compared to some others I've used, I was nicely surprised by the clean, usable interface. It's written in Python. It's not optimal for any platform. I will say that it's better designed than CrashPlan, but it falls far short of upholding mac UI standards. The syncing functionality is kludgey at best. it's just not very refined from a Mac or Windows perspective. Probably feels right at home on Linux. Quote Link to comment
toby9999 Posted May 17, 2011 Author Share Posted May 17, 2011 @silverubicon ... you mean the main interface is "kludgy" or just the syncing side of things? Personally, I think the GUI is much better than others I've used, but like anything, there's always room for improvement. More Dropbox troubles ... http://www.theregister.co.uk/2011/05/16/dropbox_ftc_not_good_enough/ ... mentions SpiderOak and Wuala as good alternatives because of their security. Quote Link to comment
mbryanr Posted June 21, 2011 Share Posted June 21, 2011 Well...looks like "anyone" can login to your dropbox: http://nakedsecurity.sophos.com/2011/06/21/dropbox-lets-anyone-log-in-as-anyone/ Dropbox suggests on its blog that less than 1% of accounts were accessed during the unprotected period, and that it will contact those users in case the access was unauthorised. Quote Link to comment
johnm160 Posted June 21, 2011 Share Posted June 21, 2011 The more I look into this the more I lean toward using an 2 external 2TB drives to back up important stuff in a rotating fashion. Backup to the first drive and store it off site. Back up to the second keep it on site. When a new back up needs to be done add it to the local drive and rotate the locations of the two drives ( bring the onsite off site and the off site home) Just because I am paranoid dosen't mean they are not out to get me It is not as transparent as some of the other methods but it's fast, it's cheap, and secure. Quote Link to comment
mcs Posted June 22, 2011 Share Posted June 22, 2011 The more I look into this the more I lean toward using an 2 external 2TB drives to back up important stuff in a rotating fashion. Backup to the first drive and store it off site. Back up to the second keep it on site. When a new back up needs to be done add it to the local drive and rotate the locations of the two drives ( bring the onsite off site and the off site home) Just because I am paranoid dosen't mean they are not out to get me It is not as transparent as some of the other methods but it's fast, it's cheap, and secure. I am paranoid about my data (the tax department can audit back seven years; photos can't be replaced; ...) I basically use a system similar to the one you describe, except that I maintain three drives. One at home, which is an up to data backup; One at location A, which at most is one week old; and one at location B; which at most is one month old; Quote Link to comment
sonofdbn Posted June 23, 2011 Share Posted June 23, 2011 My concern about cloud backups is what happens if the company stops doing business? What happens to my data? How do I move it somewhere else? Or what if the service gradually increases prices to a level that I find unaffordable? Of course I can backup my current data to some other place, but I won't have the previous versions (if that's part of what was being backed up). After reading through this thread, I much prefer the idea of reciprocal (or not!) backup to a family member. Quote Link to comment
johnm160 Posted June 23, 2011 Share Posted June 23, 2011 My concern about cloud backups is what happens if the company stops doing business? What happens to my data? How do I move it somewhere else? Or what if the service gradually increases prices to a level that I find unaffordable? Of course I can backup my current data to some other place, but I won't have the previous versions (if that's part of what was being backed up). After reading through this thread, I much prefer the idea of reciprocal (or not!) backup to a family member. as the price slowly creeps upward and you weigh it against the time it will take to upload a couple hundred gig backup to a new provider, how likely are you to move it. If disaster strikes how long will it take me to redownload it? I think cloud storage has its place and for me it is more along the lines of online access then restoring hundreds of gig of info. But that is me other people may be fine with it (re: they are not as impatient as me ) Storing a hard drive or two and offsite locations seems like the best option for ME I dont even think I want to backup to a family member over the net. I prefer the speed of local drives. Now the down side to this is it is not always going on in the background so we have to be sure that we actualy initiate the backup and rotate the drives. Quote Link to comment
johnm160 Posted June 23, 2011 Share Posted June 23, 2011 The more I look into this the more I lean toward using an 2 external 2TB drives to back up important stuff in a rotating fashion. Backup to the first drive and store it off site. Back up to the second keep it on site. When a new back up needs to be done add it to the local drive and rotate the locations of the two drives ( bring the onsite off site and the off site home) Just because I am paranoid dosen't mean they are not out to get me It is not as transparent as some of the other methods but it's fast, it's cheap, and secure. I am paranoid about my data (the tax department can audit back seven years; photos can't be replaced; ...) I basically use a system similar to the one you describe, except that I maintain three drives. One at home, which is an up to data backup; One at location A, which at most is one week old; and one at location B; which at most is one month old; The IRS does not scare me!!! There is only so much they can do to me. Now if I lose my photos, what my wife would do to me.........the IRS can't hold a candle to that !!! Quote Link to comment
aiden Posted June 23, 2011 Share Posted June 23, 2011 Now if I lose my photos, what my wife would do to me.........the IRS can't hold a candle to that !!! +1 QFT Quote Link to comment
opentoe Posted June 28, 2011 Share Posted June 28, 2011 I've quickly tried these offline backup solutions and find Crashplan the best. If my father can install it and have it working then that's the software for me. You can select for more security if you want, but when my tested files saved on my computer the files were completely unreadable or made any sense to me at all. They all were encrypted just fine. I also like the fact the Crashplan runs as a service. No need to log into the computer to get it going. Quote Link to comment
johnm160 Posted June 30, 2011 Share Posted June 30, 2011 I've quickly tried these offline backup solutions and find Crashplan the best. If my father can install it and have it working then that's the software for me. You can select for more security if you want, but when my tested files saved on my computer the files were completely unreadable or made any sense to me at all. They all were encrypted just fine. I also like the fact the Crashplan runs as a service. No need to log into the computer to get it going. That is great on the PC end, on UnRaid I read something about client updates breaking things. And since I am a linux idiot I am not sure about how to fix it or how often it happens. As a former Microsoft Trainer I am afraid all my background is in windows. My local community college teaches a few linux classes though. I might go sign up for one next semester. Quote Link to comment
prostuff1 Posted June 30, 2011 Share Posted June 30, 2011 That is great on the PC end, on UnRaid I read something about client updates breaking things. And since I am a linux idiot I am not sure about how to fix it or how often it happens. As a former Microsoft Trainer I am afraid all my background is in windows. My local community college teaches a few linux classes though. I might go sign up for one next semester. It does not so much break the install but when an update happens CrashPlan may not restart properly. I created a couple of buttons to start and stop CrashPlan from the unMenu webGUI. The only requirement if you install it to the RAM based file system is that a new tar file be created after the update happens. I created another button to tar the new install and that new install will take the place of the old one when the server is restarted. Quote Link to comment
johnm160 Posted June 30, 2011 Share Posted June 30, 2011 That is great on the PC end, on UnRaid I read something about client updates breaking things. And since I am a linux idiot I am not sure about how to fix it or how often it happens. As a former Microsoft Trainer I am afraid all my background is in windows. My local community college teaches a few linux classes though. I might go sign up for one next semester. It does not so much break the install but when an update happens CrashPlan may not restart properly. I created a couple of buttons to start and stop CrashPlan from the unMenu webGUI. The only requirement if you install it to the RAM based file system is that a new tar file be created after the update happens. I created another button to tar the new install and that new install will take the place of the old one when the server is restarted. Amazing that you guys have done all of this work for those of us that don't understand this. Thank you, I assure you it is greatly appreciated. (I still think a linux class is in my future) As a former tech trainer, I just have to know how things work Quote Link to comment
toby9999 Posted August 14, 2011 Author Share Posted August 14, 2011 ALL COLLECTED COMMISSIONS FROM SPIDEROAK SIGN-UPS WILL BE DONATED TO LIME TECHNOLOGY TO PAY FOR FURTHER IMPROVEMENTS/UPDATES TO UNRAID (so it'll benefit all of us). I will NOT keep one single cent of the commissions for myself. I will post the final results of the commissions/donations at the appropriate time for everyone to see. VISIT SPIDEROAK WEBSITE HERE: http://www.spideroak.com SIGN UP USING THIS LINK: https://spideroak.com/download/promo/unraidpromo I'm just confirming that I sent the final amount of collected commissions ($US20.50) to Tom/Lime Technology as a donation today. Thanks to everyone for your support. I'm still quite happy with SpiderOak although now that I've been using the product for a few months, I admit I'm rather disappointed with their sloooooooooowwwwwww development and bug fixing (avoid the Sync feature at all costs! (it likes to delete files)). I'm still very happy with the security of the product and can only hope they start to move their development along a bit faster. Time will tell... Quote Link to comment
MartinQ Posted January 22, 2013 Share Posted January 22, 2013 I started a new post on SpiderOak here: http://lime-technology.com/forum/index.php?topic=25459.0 Any news or updates? Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.