SpiderOak’s canary

I used SpiderOak for a while a couple of years ago, and liked it, but not enough to pay for it. When they stopped offering their free tier I went back to Dropbox. SpiderOak said they encrypted everything, but that wasn’t important to me and I didn’t rely on it. In any case I’m not going to trust any encryption product that isn’t open source. More, I don’t trust anything I don’t understand, which in practice limits me to the Imelda’s-shoes protocol. SpiderOak said they were committed to having everything open source eventually, but they seem not to have got there yet.

Now it seems SpiderOak’s Warrant Canary Died. They say it didn’t really die, but that they changed to a transparency report or something. As far as I can tell, that means either that they accidentally killed their canary, and so don’t rely on SpiderOak for encrypted file storage, or that the canary functioned as designed, and so don’t rely on SpiderOak for encrypted file storage.

Again, SpiderOak worked fine for me when I used it, and there’s no reason I know to trust them less than Dropbox; but there’s no reason to trust them any more than Dropbox either.

Advertisements