Archives for posts with tag: cloud

I am looking for a secure cloud service. One of the options I considered was SpiderOak. However, after reading the following explanation about how the mobile version works, I started to get worried.

[..W]hen accessing your data via the SpiderOak website or on a mobile device you must enter your password. The password will then exist in the SpiderOak server memory for the duration of your browsing session. For this amount of time your password is stored in encrypted memory and never written to an unencrypted disk. The moment your browsing session ends your password is destroyed and no further trace is left.

The instance above represents the only situation where your data could potentially be readable to someone with access to the SpiderOak servers. That said, no one except a select number of SpiderOak employees will ever have access to the SpiderOak servers. To fully retain our ‘zero-knowledge’ privacy, we recommend you always access your data via the SpiderOak desktop application which downloads your data before decrypting it locally.

Read the rest of this entry »

I have written about the fuzzy mud puddle test before. It turns out it is misleading. Even a cloud storage provider that fails this test may still be able to decrypt your files without your explicit cooperation.

Read the rest of this entry »

Vanavond vindt weer de Big Brother Awards plaats. Ik kan er helaas niet bij zijn. Laat me daarom in deze blog post uitleggen waarom ik de Belastingdienst heb genomineerd voor de expertprijs.

Read the rest of this entry »