While I haven’t tried to confirm this, that discssion could be why SpiderOak now uses the phrase, “No Knowledge” to describe their products instead of the more commonly used term, “Zero Knowledge.” How does SpiderOak One implement zero knowledge encryption? The discussion included participants from SpiderOak. The essence of zero-knowledge proofs is that it is trivial to prove that one possesses knowledge of certain information by simply revealing it the challenge is to prove such possession without revealing the information itself or any additional information.īack in 2017 there was a discussion of this issue on, including the use of zero knowledge in conjunction with SpiderOak’s use of the term. Per Wikipedia,Ī zero-knowledge proof or zero-knowledge protocol is a method by which one party (the prover) can prove to another party (the verifier) that they know a value x, without conveying any information apart from the fact that they know the value x. NOTE: There is some controversy in the privacy community about the use of the phrase “zero knowledge.” The phrase is used in a very specific context in cryptography. Someone with access to the Tresorit servers could find out a lot about your activities from this information, even without being to read your data. This information can include the name of the folder, its size, and which other users have access to that folder. But information about Tresorit’s folders (called Tresors) is not encrypted. A service could provide end-to-end encryption of your data, but still have access to this kind of information.įor example, Tresorit provides strong end-to-end encryption for all your data. And the files that contain your data have names. When you store something, there is more to it than just the data itself. However, just because your data is encrypted, that doesn’t mean that the service knows nothing. This means that your data is encrypted before it leaves your device, and remains encrypted when it is on the service’s servers. Most privacy-oriented services offer end-to-end encryption. So why are we even discussing this service? Because of their zero knowledge approach to your data.
It makes sense to assume that any data stored in the USA is accessible to the National Security Agency ( NSA) and other US intelligence organizations.
That probably raises a red flag for you, since a rule of thumb in the privacy world is you do not want your data stored in the United States. The SpiderOak ONE datacenters are located somewhere in the midwestern United States. Where does SpiderOak One store user data?
However, if you are willing to use only the desktop apps, the design of SpiderOak One goes a long way toward mitigating any risk caused by the company’s geographic location. The company is based in the United States, which you might consider a drawback thanks to the country’s status as the home of the NSA, CIA, and the heart of the Five Eyes intelligence alliance. Beyond SpiderOak One Backup, they produce an enterprise-level backup product (SpiderOak Enterprise Backup) and other products. SpiderOak was founded in 2006 to develop online backup solutions. Synchronizes across all your devices and browsers.“No Knowledge” (zero knowledge) encryption using AES-256, HMAC-SHA-256, PBKDF2.
#Spideroak ios android
Android and iOS apps have been eliminated since our last review.
#Spideroak ios mac
0 kommentar(er)
