May 9, 201115 yr I agree. I signed up for the free 2 GB spideroak account. If it is free to me but gives LimeTech money, why wouldn't I want to do it? Takes maybe 5 minutes, tops. And no one says you actually have to use the spideroak account if you don't want it (I am using mine, though).
May 12, 201115 yr Author RESPONSE FROM SPIDEROAK MARKETING RE: SPIDEROAK VS. CRASHPLAN "CrashPlan has multiple product offerings so it taken me a bit longer to navigate than some of the others products. I'm still working on adding it to our comparison matrix, but I wanted to get back to you regarding the security. CrashPlan has multiple levels of security options. Their default setting of Account Password, allows for a user to recover their password through CrashPlan. That means that using this option gives CrashPlan the ability to view the names of your folders and files in your selected backup. As I mentioned, you can pick additional layers of security that would prohibit a user from being able to recover/reset their password and therefore prevents CrashPlan from seeing your stored information. SpiderOak does not offer various levels of security as we have made security and privacy the foundation of our product. With SpiderOak, you create your password on your own computer -- not on a web form received by SpiderOak servers. Once created, a strong key derivation function is used to generate encryption keys using that password, and no trace of your original password is ever uploaded to SpiderOak with your stored data. SpiderOak's encryption is comprehensive -- even with physical access to the storage servers, SpiderOak staff cannot know even the names of your files and folders. On the server side, all that SpiderOak staff can see, are sequentially numbered containers of encrypted data. This means that you alone have responsibility for remembering your password or 'Password Hint' (which you can create to help you remember) allowing SpiderOak to create a true 'zero-knowledge environment' – keeping your data as safe and secure as it can possibly be. I hope this helps shed some light on why our security measures and practices are stronger than CrashPlan."
May 12, 201115 yr Interesting that they honed in on exactly the same issues we've discussed here regarding crashplan.
May 12, 201115 yr Author @boof - yep, exactly. What I really appreciate is that they are actually willing to talk to people, and adapt to new competitors such as crashplan. I've mentioned to her again that wuala is the one that she really needs to look at carefully, and I've also asked her what features are on their future roadmap. Let's see what she comes back with. P.S. Collected funds now $19.50 $19.75. Sign-up for an absolutely FREE, never-expiring 2GB account here and help my "Light A Fire Under Lime Technology" campaign: https://spideroak.com/download/promo/unraidpromo -- Toby
May 12, 201115 yr @boof - yep, exactly. What I really appreciate is that they are actually willing to talk to people, and adapt to new competitors such as crashplan. I've mentioned to her again that wuala is the one that she really needs to look at carefully, and I've also asked her what features are on their future roadmap. Let's see what she comes back with. It's refreshing to find a technology company that is transparent and doesn't hide the facts of competitors' products. Sign-up for an absolutely FREE, never-expiring 2GB account here and help my "Light A Fire Under Lime Technology" campaign: https://spideroak.com/download/promo/unraidpromo This should totally be in your sig.
May 15, 201115 yr Interresting subject. I signed up for a 2G account to checkout SpiderOak and kind of like it. However I would suggest that security on the share funciton is not nearly as good as it could be. I posted the following to the SpiderOak features request forum and am repeating it here, instead of providing a link, because their forums don't seem to allow public access. I think you have to have a SpiderOak account just to view. Here is what I wrote. I setup an experimental share to get experience with how it works. In the case where I want a share to be truly public, giving out the URL is a nice solution. However if I want to keep a share semi private, where only friends a family can see it, there is a risk. I can tell friends what the Share ID and Room Key is along with instructions to go to spideroak.com and use the share login but the result is the same URL as if I had sent them a URL. Now if all my friends and family were computer savvy folks and understood that the URL need to be protected to keep unwanted people out, that might not be a problem. My fear is that after logging in the URL will remain in browser history or be unwittingly published in a public forum thus exposing my data to the whole world. It would be a great security feature if there were some way for me to configure a higher security share that always forced family and friends to use the Share Login process. I would expect that clicking on a saved or historical link to the share would display a Share Login screen. I completely understand why you would not want all shares to work this way but it would be a really nice option. I also realize that my friends might give or post the Share ID and Room Key other people but that would be deliberate vs. accidentally disclosing the URL. And giving out the Share ID and Room Key would not expose the share content to indexing by search engines. The most secure option would be to allow a share to only be accessible to a specific list of other registered SpiderOak customers. Combine that with a feature to let those customers automatically download updates (kind of like a read only one way sync) to their system and SpiderOak would be an even better product. An option to restrict share access only to other customers would, in my mind, also be an acceptable alternative to always forcing a Share Login as I described above and could be a way to get more people to signup.
May 16, 201115 yr Interresting subject. I signed up for a 2G account to checkout SpiderOak and kind of like it. I signed up too. Found the user interface to be horrible. That's on OSX, maybe it's better on Windows or Linux, but it needs to be cleaned up. Way too confusing. Too many tabs, too many dialog boxes. Appears to be written with a cross platform toolkit. It's simply not a good experience.
May 16, 201115 yr Author @SilverRubicon ... I'm very surprised to hear that. I haven't used the mac interface. On Windows, it's (more than) fine - compared to some others I've used, I was nicely surprised by the clean, usable interface. I guess they need to do more work on their mac version. @greybeard ... yep, I spotted the same weakness too, but upon researching it, I found it mentioned that spideroak were aware of the issue and were working on it, so that's good.
May 16, 201115 yr On Windows, it's (more than) fine - compared to some others I've used, I was nicely surprised by the clean, usable interface. It's written in Python. It's not optimal for any platform. I will say that it's better designed than CrashPlan, but it falls far short of upholding mac UI standards. The syncing functionality is kludgey at best. it's just not very refined from a Mac or Windows perspective. Probably feels right at home on Linux.
May 17, 201115 yr Author @silverubicon ... you mean the main interface is "kludgy" or just the syncing side of things? Personally, I think the GUI is much better than others I've used, but like anything, there's always room for improvement. More Dropbox troubles ... http://www.theregister.co.uk/2011/05/16/dropbox_ftc_not_good_enough/ ... mentions SpiderOak and Wuala as good alternatives because of their security.
June 21, 201115 yr Well...looks like "anyone" can login to your dropbox: http://nakedsecurity.sophos.com/2011/06/21/dropbox-lets-anyone-log-in-as-anyone/ Dropbox suggests on its blog that less than 1% of accounts were accessed during the unprotected period, and that it will contact those users in case the access was unauthorised.
June 21, 201115 yr The more I look into this the more I lean toward using an 2 external 2TB drives to back up important stuff in a rotating fashion. Backup to the first drive and store it off site. Back up to the second keep it on site. When a new back up needs to be done add it to the local drive and rotate the locations of the two drives ( bring the onsite off site and the off site home) Just because I am paranoid dosen't mean they are not out to get me It is not as transparent as some of the other methods but it's fast, it's cheap, and secure.
June 22, 201115 yr The more I look into this the more I lean toward using an 2 external 2TB drives to back up important stuff in a rotating fashion. Backup to the first drive and store it off site. Back up to the second keep it on site. When a new back up needs to be done add it to the local drive and rotate the locations of the two drives ( bring the onsite off site and the off site home) Just because I am paranoid dosen't mean they are not out to get me It is not as transparent as some of the other methods but it's fast, it's cheap, and secure. I am paranoid about my data (the tax department can audit back seven years; photos can't be replaced; ...) I basically use a system similar to the one you describe, except that I maintain three drives. One at home, which is an up to data backup; One at location A, which at most is one week old; and one at location B; which at most is one month old;
June 23, 201115 yr My concern about cloud backups is what happens if the company stops doing business? What happens to my data? How do I move it somewhere else? Or what if the service gradually increases prices to a level that I find unaffordable? Of course I can backup my current data to some other place, but I won't have the previous versions (if that's part of what was being backed up). After reading through this thread, I much prefer the idea of reciprocal (or not!) backup to a family member.
June 23, 201115 yr My concern about cloud backups is what happens if the company stops doing business? What happens to my data? How do I move it somewhere else? Or what if the service gradually increases prices to a level that I find unaffordable? Of course I can backup my current data to some other place, but I won't have the previous versions (if that's part of what was being backed up). After reading through this thread, I much prefer the idea of reciprocal (or not!) backup to a family member. as the price slowly creeps upward and you weigh it against the time it will take to upload a couple hundred gig backup to a new provider, how likely are you to move it. If disaster strikes how long will it take me to redownload it? I think cloud storage has its place and for me it is more along the lines of online access then restoring hundreds of gig of info. But that is me other people may be fine with it (re: they are not as impatient as me ) Storing a hard drive or two and offsite locations seems like the best option for ME I dont even think I want to backup to a family member over the net. I prefer the speed of local drives. Now the down side to this is it is not always going on in the background so we have to be sure that we actualy initiate the backup and rotate the drives.
June 23, 201115 yr The more I look into this the more I lean toward using an 2 external 2TB drives to back up important stuff in a rotating fashion. Backup to the first drive and store it off site. Back up to the second keep it on site. When a new back up needs to be done add it to the local drive and rotate the locations of the two drives ( bring the onsite off site and the off site home) Just because I am paranoid dosen't mean they are not out to get me It is not as transparent as some of the other methods but it's fast, it's cheap, and secure. I am paranoid about my data (the tax department can audit back seven years; photos can't be replaced; ...) I basically use a system similar to the one you describe, except that I maintain three drives. One at home, which is an up to data backup; One at location A, which at most is one week old; and one at location B; which at most is one month old; The IRS does not scare me!!! There is only so much they can do to me. Now if I lose my photos, what my wife would do to me.........the IRS can't hold a candle to that !!!
June 23, 201115 yr Now if I lose my photos, what my wife would do to me.........the IRS can't hold a candle to that !!! +1 QFT
June 28, 201115 yr I've quickly tried these offline backup solutions and find Crashplan the best. If my father can install it and have it working then that's the software for me. You can select for more security if you want, but when my tested files saved on my computer the files were completely unreadable or made any sense to me at all. They all were encrypted just fine. I also like the fact the Crashplan runs as a service. No need to log into the computer to get it going.
June 30, 201115 yr I've quickly tried these offline backup solutions and find Crashplan the best. If my father can install it and have it working then that's the software for me. You can select for more security if you want, but when my tested files saved on my computer the files were completely unreadable or made any sense to me at all. They all were encrypted just fine. I also like the fact the Crashplan runs as a service. No need to log into the computer to get it going. That is great on the PC end, on UnRaid I read something about client updates breaking things. And since I am a linux idiot I am not sure about how to fix it or how often it happens. As a former Microsoft Trainer I am afraid all my background is in windows. My local community college teaches a few linux classes though. I might go sign up for one next semester.
June 30, 201115 yr That is great on the PC end, on UnRaid I read something about client updates breaking things. And since I am a linux idiot I am not sure about how to fix it or how often it happens. As a former Microsoft Trainer I am afraid all my background is in windows. My local community college teaches a few linux classes though. I might go sign up for one next semester. It does not so much break the install but when an update happens CrashPlan may not restart properly. I created a couple of buttons to start and stop CrashPlan from the unMenu webGUI. The only requirement if you install it to the RAM based file system is that a new tar file be created after the update happens. I created another button to tar the new install and that new install will take the place of the old one when the server is restarted.
June 30, 201115 yr That is great on the PC end, on UnRaid I read something about client updates breaking things. And since I am a linux idiot I am not sure about how to fix it or how often it happens. As a former Microsoft Trainer I am afraid all my background is in windows. My local community college teaches a few linux classes though. I might go sign up for one next semester. It does not so much break the install but when an update happens CrashPlan may not restart properly. I created a couple of buttons to start and stop CrashPlan from the unMenu webGUI. The only requirement if you install it to the RAM based file system is that a new tar file be created after the update happens. I created another button to tar the new install and that new install will take the place of the old one when the server is restarted. Amazing that you guys have done all of this work for those of us that don't understand this. Thank you, I assure you it is greatly appreciated. (I still think a linux class is in my future) As a former tech trainer, I just have to know how things work
August 14, 201114 yr Author ALL COLLECTED COMMISSIONS FROM SPIDEROAK SIGN-UPS WILL BE DONATED TO LIME TECHNOLOGY TO PAY FOR FURTHER IMPROVEMENTS/UPDATES TO UNRAID (so it'll benefit all of us). I will NOT keep one single cent of the commissions for myself. I will post the final results of the commissions/donations at the appropriate time for everyone to see. VISIT SPIDEROAK WEBSITE HERE: http://www.spideroak.com SIGN UP USING THIS LINK: https://spideroak.com/download/promo/unraidpromo I'm just confirming that I sent the final amount of collected commissions ($US20.50) to Tom/Lime Technology as a donation today. Thanks to everyone for your support. I'm still quite happy with SpiderOak although now that I've been using the product for a few months, I admit I'm rather disappointed with their sloooooooooowwwwwww development and bug fixing (avoid the Sync feature at all costs! (it likes to delete files)). I'm still very happy with the security of the product and can only hope they start to move their development along a bit faster. Time will tell...
January 22, 201313 yr I started a new post on SpiderOak here: http://lime-technology.com/forum/index.php?topic=25459.0 Any news or updates?
Archived
This topic is now archived and is closed to further replies.