Ed Note: 6 months after writing this, I switched again, this time to Google Drive, which is also encrypted. While their encryption may have some issues that are important to be aware of (for example, Google Drive files are not encrypted when stored on a mobile devices, according to this source), SpiderOak hive presented functional issues that were very challenging. Once I exceeded the 2 GB free space limit, it became quite cumbersome to manage which files were kept on which devices versus the backup that SpiderOak made. Google Drive is much simpler to use and provides far more storage for free. That being said, if you are considering cloud storage as an organizational standard, it is very important to get educated about the security pros and cons of doing so and take measures appropriate for the types of content you will store. – K. Walsh, 12/5/15
People Don't Care Much About Encryption, Until They get Burned
I've been a delighted Dropbox user for years. The functionality it offers is brilliant. If you want to be able to easily access and edit the same files from different computers and mobile devices like tablets and/or smartphones, you need this functionality.
At no cost*, Dropbox and similar services will allow you to store files on one device and have them automatically synchronized to other computers and devices. This is powerful, convenient, enabling functionality. Lots of educators, and people from all walks of life, have jumped on the file synchronizing bandwagon (Dropbox surpassed 300 million users in April).
*When I say “no cost”, that depends on the volume of storage you have – Dropbox offers 2 GB for free and will grow that depending on a few factors. At a certain point you need to start paying for additional storage.
BUT (and this is a mighty big BUT!), Dropbox files are not as fully encrypted as SpiderOak's.
So Why do I Care About Encryption?
Do you have any idea how easy it is for hackers to break into your wireless signal and access the data you are sending over it? My son did it at 15 by just looking it up on the Internet. He's a bright kid, but you don't have to be a rocket scientist to learn this stuff.
So how do you protect yourself? Well, that's where encryption can play a vital role.
Encryption is the process whereby data is scrambled and encoded (using an algorithm), before it is sent, and then un-encoded when it reaches the other end. Modern encryption coding is very difficult to break and far beyond most hackers.
Un-encrypted data, on the other hand, means people who can access it can see it … all the text, numbers, etc., in your files and data.
Whenever you are sending data over a wireless connection, anyone who can access that wireless network can see it, so if it isn't encrypted, they can read it. It is not very hard to break into many wireless networks, and if it is a public wireless network (like those at many hotels, conferences airports, and some schools), it is already accessible.
That's Why I Prefer SpiderOak
SpiderOak uses a “Zero Knowledge” approach, which means that no one at SpiderOak will ever see your data. They give you 2 GB for free (you can get 30 GB for just $7/month). I moved my DropBox files there, and had to turn on some settings on each computer I installed SpiderOak on, and I haven't looked back. Now I can rest assured that my files are not available to anyone. File reads are a bit slower because of the encryption, but you probably won't really notice it (the only time I do is when I search a folder with lots of images in it).
Of course, you can still use Dropbox for stuff that you're not concerned about someone else accessing. It's an excellent “read only” repository and it's super easy to install and use. I love what the tool does, but I'm just not putting anything there if I have any concerns about anyone accessing it.
Live and Learn, right? When I first wrote this, I was not aware that Dropbox used encryption at all, but they do (it is not something they make obvious on their site, and I had misinterpreted something I read elsewhere). Apparently, Dropbox files are encrypted when they are “in flight”. However, what still makes SpiderOak better in terms of privacy is that the way Dropbox works, they can potentially un-encrypt your files and read them (and it seems they are unencrypted at one point in the process), whereas SpiderOak uses a “Zero Knowledge” approach, which means that no one at SpiderOak will ever see your data.
Thank you to those who commented, which led to further research, and helped to improve my understanding! I have updated the post accordingly.
[…] Why I Switched from Dropbox to SpiderOak. […]
According to the Dropbox website and staff members that I’ve talked to, they encrypt all files on their server and in transit. They’re unencrypted on your own computer if you don’t have encryption set up there, but everything from your network connection to-and-including their servers is encrypted. Apparently.
Your article came up in my newsfeed this morning and immediately piqued my interest. As I considered the files sitting in my Dropbox account, I became very concerned. So, I did some research and found this article…http://www.alphr.com/dropbox/1000326/how-secure-are-dropbox-icloud-google-drive-and-onedrive.
According to it, Dropbox does have levels of encryption in place. Has this changed since this article was written in January? Does SpiderOak offer better encrytion than the levels highlighted in this article? I definitely want to make choices that will keep my files as safe as possible, so any additional information you can provide is much appreciated!