SpiderOakOne Encrypted Cloud Storage Outage

I started using SpiderOak encrypted cloud storage after learning about it on Security Now years ago.
On April 23, 2024, my SpiderOak service went offline and from research I found they were migrating to a new data center. No other information was available. Their support team is not keeping customers informed.
They have not updated their software in the last 5 years, and do not support 2FA login.

The outage lasted over 2 weeks for me, and other users are still offline as service is being restored.
Their website notice, as of today, May 15, reads:
Service Outage and Maintenance

The SpiderOak team continues to work on restoring service for our customers. We understand your frustration about the downtime and apologize for the inconvenience this creates. Once service is restored, we will send emails confirming this to all customers.

Many frustrated users are leaving. I have switched to Filen encrypted cloud storage, based in Germany, and it is working fine for me on Windows 10. Using some referral links, I was able to get 50 GB of free storage for life.

I use the well-known 3-2-1 backup strategy for my files, so a cloud storage outage is not critical in my use case. I keep multiple local backup copies using FreeFileSync to Samsung FIT Plus TLC and Transcend JetFlash MLC flash drives, stored air-gapped in a fireproof safe.
I also do an annual backup of important files to Verbatim Data Life Plus archival-grade DVDs.

Sheesh, why even bother coming back online after 2 weeks? That’s nuts. I’d love to be a fly on the wall in that NOC.

Wow, I had not heard of these guys, but I think I am glad of that! I’m sure that they won’t be able to survive. If they get people’s data back I’m sure most people will run as fast as they can.

I have used Wasabi for years but ended up cancelling my account a few weeks ago. I have used them for backing up static data that never changed. I had less than 1TB of data but they started charging me for 4TB of deleted data and couldn’t prove how that was possible. They have a ridiculous 90-day deletion policy so my monthly charge went from about $7 to $54 for no reason.

It was highlighted on Security Now!, Episode 349, April 19th, 2012: Cloud Storage Solutions.

It was one of the first services that offered client-side zero knowledge encryption where the storage service did not have the encryption keys, what Steve called Trust No One (TNO) security.

I opened an account in 2012 and have used it for encrypted offsite record keeping and sync to 3 PCs.

Edward Snowden recommended SpiderOak for zero knowledge privacy in 2014.

But, they have not updated the software in 5 years, and the company has changed its mission to focus on cybersecurity for space operations for national defense. So, they are more interested in DOD contracts now, not consumer and small business cloud storage.

They also happen to be located in the Midwest USA, known as Tornado Alley. So, I’m glad this incident happened, to motivate me to take a look at current alternative choices, and move to offshore cloud storage with Filen in Germany. They are a young company, hiring more engineers.

It could be that their existing provider went bust or had a major catastrophe, which forced them to move.

But whatever the reason, the information supplied to customers is woeful.

SpiderOak does not disclose the configuration, storage provider, or location of their data storage, other than somewhere in the Midwest USA. Their office is in Kansas City. They have been silent, so no one knows the reason for the outage.

Filen has a white paper on their website that states:

  1. Filen operates its infrastructure and does not rely on any third-party cloud providers.
  2. All hardware is hosted in secure facilities located in Germany.
  3. Database clusters of multiple nodes are replicated to multiple datacenters.
  4. Storage cluster using 6+3 erasure coding split into multiple datacenters to ensure data consistency and availability. Failed hard drives can be hot swapped in minutes.

So, users should check the redundancy used by cloud storage services for high availability of data, avoiding a single point of failure.

The Information Security Triad (CIA Triad) requires Confidentiality, Integrity, and Availability.

Filen also displays a real-time status page that shows any current or previous outages.

That’s so sad. That was a great service.

It underscores the problem with cloud storage. I have a PCloud lifetime account, but one has to wonder whose lifetime.

Does this mean we should stick to cloud storage from the tech giants, Google, Microsoft, Amazon, and iCloud? I guess so, unfortunately.

I’d be careful about Google tbh, given their track record of shuttering services.

There is a photo storage company out there called Forever which has a unique financial structure which would supposedly allow it to continue in the midst of corporate failure. They only do photo storage but I wonder if that sort of structure would work for regular storage too.

Did you hear about their screw-up with an Australian company where they deleted all their everything and took them offline for 2+ weeks? (“Unprecedented” Google Cloud event wipes out customer account and its backups, Ars Technica.) I’m sure it’s something they’ll work hard not to allow to happen again, but it does go to show that no company has a perfect track record.