After lies about Dropbox Employees not being able to see your files, then proving that they do not do regression testing on their security, the latest change in terms of service really was the last drop. So I dropped dropbox.
I had become dependent on Dropbox to transfer files between my private and work machines, having my notes, configuration files and (encrypted thank god) password databases handy at all times. Searching around, there is really no other service like it. Although lots of products claim to have the same functionality, the “share this folder between all my machines” feature which dropbox proviced is really unsurpassed.
I had to find an alternative solution which would meet the following criterea:
- has to be a single, native folder, instantly syncing with all other machines
- has to be free or *really* cheap, minimum 2GB
- has to use an encryption technology where no one else can ever read my files, not even the hosting party, not even at gunpoint
- has to have client software for Windows, Mac and Linux
- accessing data on my iPhone would be a nice bonus.
After some browsing around, there are two solutions that come close, one is Wuala, and the other is Spideroak.
For one additonal GB of storage for life, use my referal link to register at SpiderOak. Read the whole article to add another 5GB to that.
Why not Wuala?
Wuala looked really cool at first. It looked like they had a native Mac app, and easy syncing between computers. As it turns out, it’s nastier than that. The Mac client is effectively a slow Java program in which you need to drag and drop your files to get them uploaded/downloaded. That’s not seemless. There is a MacFUSE client that comes with the download, but that affectively makes Wuala into a seperate drive (not a local folder), and the MacFUSE client is low on support, and not compiled as 64bit runtime.
Scanning the Wuala forums, there seemed too much confusion and bugs around the whole software product. Being made by a hardware manufacturer, that doesn’t really surprise me.
Spideroak has native clients for all platforms, and ticks all the boxes in my requirements list, really nailing it in the security department. Spideroak even conforms to my “https please” blogpost. A bit of poking around revealed that it is written in Python, and knowing that you can spot some Qt UI elements.
Enough talk. How do I get my magically synced folder back?
Spideroak is really targeted at backup, and has “sync” as a feature. So in order to get only syncing working, you need to setup a backup for that folder. Don’t worry, here are all the steps you need to take to migrate from dropbox to Spideroak:
- Cancel your dropbox account as described on the dropbox help pages.
- Uninstall dropbox from all your machines. Please note that this will not remove your dropbox folder. Your data will be safe. We can only hope that dropbox will remove that data from their servers, but I wouldn’t bet on it.
- Rename your “dropbox” folder into “Spideroak” if you really want to remove all dropbox references.
- Sign up at Spideroak with this referal link, and use the promocode “worldbackupday” to increase your storage for free to 5GB for one year, PLUS 1GB of free storage if you used my referal link. That’s a total of 6 free GB!
- Download the client for your platform(s) and install it on all machines where you had dropbox running (no reboot required).
- After installation, click on the “backup” tab, click on the “advanced” button on the right, and select your Spideroak (former dropbox) folder. Click save. Spideroak should now start backing up that folder.
- Syncing this folder with other computers is a bit strange in Spideroak, since you need to “pair” folders. I choose to have one “central” computer, which is my Mac Mini, which is always on and will serve as the “center” of the synchronization setup. It does not have to be always on, it’s just administrative convenience. You will not notice the difference later on, don’t worry.
- Repeat the installation process on any other computer you removed dropbox from.
- Now for the crucial part: On one of your computers, click on the “Sync” tab and connect all the Spideroak folders on your machines in one sync job.
In the screenshot above I have four machines/devices. To add a fifth, I would have to click the little “+” to add a sync folder and select the folder on the fifth machine. - Once the backup is complete, Spideroak will start syncing all your synced folders to all machines.
If everything went as planned, Spideroak will now act as dropbox. You’ll have a local folder where you can put stuff in, and it will get magically transferred in the background to all your devices. Please note that this will not be as fast as you were used to with dropbox.
I’ve written a feature request to Spideroak to make a simple client which just syncs a folder to *any* machine in the account, without exposing all this setup trickery to the end user. If you want to help promote that feature request, drop them a line and refer to ticket [SOS #56358]. Because in the end, all the world wants is a safe, simple dropbox.
From now on, you never have to worry about the brilliant people who invented dropbox, surrounded by the incompitent idiots and lawyers which will ruin the company for good.
Goodbye dropbox, sorry to see you go.
Follow this blog via your RSS reader.
Rolfje's blog 
Thanks for checking out Dropbox alternatives! I was thinking about moving when it turned out they could read my files. But then again, I just got my entire band to start to use Dropbox to share files, and I didn’t want to bother them. The change in TOS, however, is a different story. Not only can they access my files, they can use them for their own benefit too? That means my band’s music could be used in a commercial, without us having any say in it. That’s not how we roll.
Goodbye dropbox, sorry to see you go.
PS: it would seem that you server’s timezone handling is a bit off. It states that I posted the above at “Sunday 2011-07-03 at 20:19 GMT +0000”. The time and date are correct, but only in CEST rather than GMT.
Timezones are always a problem, even when you leave it to your hosting party (this wordpress blog is hosted at wordpress 😉 )
That’s hugely useful, thanks. Precisely the information I was looking for. I was prepared to let the dropbox ‘open door’ lapse go just this once (as I do my own encryption anyway)… but the totalitarian terms of service changes were a step too far. I guess the decision was finally made at dropbox to for for quantity (of users), not quality. Anyone who seriously values their data cannot now reasonably choose dropbox without doing a chunk of their own client-side security prep…. which kind of defeats the object of the service. Anyway, enough whinging. Thanks dude.
Just got word back from SpiderOak:
“Please keep in mind we are not DropBox and have no intentions of mimicking their service. That said, we are indeed currently working on redesigning the client to be much easier to navigate and also provide OS integration.”
I really think SpiderOak is missing out on a big potential customer base here, but let’s hope for the best.
And yes, the “Sync AddressBook contacts with a Symbolic link” trick still works, too. Just replace “Dropbox” with “SpiderOak”:
http://forums.dropbox.com/topic.php?id=4085
I am not sure why people have taken so long to discover spideroak. Personally, I always preferred it to Dropbox.
A word of caution, however, about their sync feature. I don’t think it is production ready. Try deleting a folder on the non-central machine. It will magically reappear. Worse still go away on a business trip for a week where you might not be able to sync. In that time make some folder and document changes and on return after sync you will find whole directories just deleted by Spideroak. This happened to me and I had the tedious task of individually downloading the missing files again from backup. Kind of defeated the effort of re-arranging some of those folders whilst away!
In terms of features and usability, if you are looking for a folder which is magically shared between machines to replace your USB stick, Dropbox still outperforms SpiderOak hands down. No setup, instant sync, beautiful OS integration. SpiderOak is only discovered because DropBox has a price people don’t want to pay, and that’s privacy and ownership.
In my house I only have Macs, which have TimeMachine, and I use Crashplan on occasion, so I’m not looking for a backup solution (as so many other people out there). The world needs a sync service. Because with that, you have implemented off-site backup without even knowing you did. That’s why I mailed SpiderOak that they should build a seperate “for dummies” client with just DropBox-like functionality of sharing 1 single folder with all machines in the account. But as mentioned, this is not the way they want to go.
New promo from SpiderOak:
“Signup with SpiderOak now using the promotion code ‘hurricanesafe’ and we will give you 5 GBs of free storage for life (as opposed to our regular 2 free GBs) and a 30% discount off all yearly paid storage plans.”
Read about it here: https://spideroak.com/blog/20110827003548-hurricane-irene-never-too-late-to-backup
(No I don’t work at SpiderOak. I like to help people and get an extra free GB every now and then when people use my referral link. You can do that too!)
The 5gb u/g is still working, and can be used by people with existing free accounts (remains a free account)
I have used spideroak for over a year because security is important to me. I wish I could use Dropbox, however, because I have repeated problems with spideroak. I have an issue that repeatedly pops up, randomly, with SpiderOak and I am not alone as I have googled this issue and found plenty of other folks experiencing the same problem. Spider Oak backs up my files, yet hangs up at the very end and does not complete the backup. I email tech support, they fix it, and do so in a timely fashion. However, whatever they do to fix it only lasts a few months and then the problem reappears. Using spideroak, in my experience, is like being a part of a crap shoot were the odds are with you but who expects odds when using a backup product. A product that backs up my sensitive data should work all of the time, not just most of the time. In fact, I have been able to use it all weekend because once again, it will not complete my backups. Maybe this is why macworld gives it such a poor rating?
I can’t say it has been completely flawless on my side either, but I’ve never lost data. I’m only using SpiderOak to mimic the dropbox functionality.
For actual backups of photos and other data I don’t use online services. This is because I backup 2 terrabytes of data, which needs a whole different strategy. For regular backups I have my own remote (cheap) servers and (cheap) harddisks sitting at friends. It’s a bit of work to set up, but in the long run cheaper than any online backup service. And when everything fails, you can drive over and pick up the harddisk.
@ Rolfje. So you’re saying you use spiderOak to backup your non-sensitive data to remote hard drives at a friends house?
SpiderOak is solely used to keep the contents of one folder in sync between all my computer. This folder is my “memory stick”, so to say, and does not contain data I really need to backup.
My backup solution for all my personal data and photos does not include SpiderOak at all. I use Time Machine for local backups, and rsync for backups to a friend’s machine.
Thanks Rolfje. But it sounds complicated. Why don’t you just use Crashplan’s service which will provide you–for free–the software to back up your data to your backup hard drive at your friends house. I’m a mac guy too, and although I am sold on SpiderOak for my most sensitive data—I am using Crash Plan for my family photo’s ect. You just populate/seed a big hard drive with all the photos you already have and then let Crashplan work in the background to back up your new everyday data/photos that you create each day. Crashplan will just work in the background and will automatically send your new photos to the hard drive at your friends house on a daily basis–and again–this is free. So SpiderOak for work and sensitive data and CrashPlan, as described above, for the rest of your stuff.
Update on my above comment: Although I was up to date on the latest version of Spideroak,customer support suggested I completely uninstall it and reinstall the newest version from the beginning— to purge any bugs that may have been there. I figured that it would likely make little difference, but non the less I figured it was worth a try. Well, it seems to have done the trick, because it has been two weeks since I followed their suggestion and my uploads are flawless, and much faster now. In the interim I had tried CrashPlan+ and came to appreciate the speed of spiderOak. Crashplan+ is painfully slow! I would say a good ten times slower than Spideroak. So for security and speed SpiderOak still seems to be the best program going right now. Also, I have to admit, customer service is pretty responsive. So for now I’m staying put. It’s certainly not the cheapest game in town, but when you have sensitive data, I don’t see any other option.
Just want to say that SpiderOak is not as secure as Wuala (when you use the web interface, it sends your credentials to SpiderOak servers to decrypt your files), so you lose the security, this is why Wuala use Java, to keep all encryption and decryption client-side.
I think you should check that statement. If I never log in to the web client, my passwords are never sent to Spideroak. In fact, Spideroak faces a dilemma with the web interface, it is not something they would want to have, but is driven by consumer demand.
In that respect Wuala and SpiderOak are the same. If you use the local client, your password never leaves your machine.
You are right, if you don’t use the web interface they are both good, but with using the web interface Wuala is better, this is what I meant.
I dropped Spideroak well over a year ago because it was horribly buggy! I always had the latest upgrades etc., and had nothing but problems. The interface was just so dated, and clunky too. I went with Crashplan and never looked back. If you really want to be secure just encrypt your own files before you upload them. That’s what I do. Nothing is more secure than encrypting your own files!
Aha, but I never bet on one horse, see. So my “data transportation tactics” as I call them are as follows:
1) Macs in my house backup to a Time Capsule (wirelessly)
2) Mac Mini server A (with all important photos) has an attached USB TimeMachine disk
3) Mac Mini Server A also backups to Mac Mini Server B outside the house, using Crashplan.
4) Mac Mini Server B backs up local configuration to Mac Mini A (so I can easily rebuild it)
5) All the Macs share a data folder which is synced through SpiderOak, which basically means I never have to run around with USB sticks anymore, and have 50GB of my most used/important data on al my machines. This data includes a KeepassX database to hold all my account passwords, which are all different, long, and random. So I need that to be stored securely.
Naturally, all Macs use full disk encryption. The Time Capsule and Time Machine disk on the servers are also encrypted. I think I have the most paranoid setup you could have here. Never trusting on one single component, vendor or manufacturer. My data will survive anything from drive failure to my house burning down to theft. But there’s always that nagging feeling that I forgot something.
Yeah pretty much the same for me–the more layers the better. Macs in my house too. I also have a hard drive at a friends house because with Crash Plan you can also back up to a remote hard drive that you leave at a buddies house–and he does the same by leaving one at your house. That coupled with the cloud and time machine etc., and it would take some wacky statistics to take you out–but you never know…
I have a setup where I scan a document at my office into a sync folder. That sync folder syncs to my home iMac, which has a process set up (using Alfred) to automatically move the files in that folder into a folder filled with records. With Dropbox, once those files are moved from the sync folder on the iMac, they properly disappear from the sync folder on my work machine.
With Spideroak, this doesn’t seem to be the case. The files remain in the sync folder on the work machine, even when removed from that folder on another machine. Any idea whether I can uncheck the “backup” option for that folder once the sync is set up, and keep that folder synced in the sync tab (in preferences)? Thanks for any insight.
Hi Evan,
Yes I seem to have those problems sometimes too. Luckily SpiderOak has finally listened and is creating a DropBox kind of folder which they call a “Hive”. Check out the latest version of their software. I’m not sure if it’s stable yet, but if it is, the world can finally stop using that dreadfully insecure DropBox.
Thank you! I’ve just downloaded the beta, and I’ll see how it works.
For all the issues surrounding Dropbox security, for me Spideroak is worse. I have suffered data loss because of their broken sync and that is just not acceptable. Also there is nothing in the T&C that I can see now that says they can use your files for their benefit. If a file has a particular security need just encrypt yourself.
[…] Dropbox is a no-go, because that is an American company storing unencrypted data too. I’m using SpiderOak since 2011, and it is much better than Dropbox in many ways. Check it […]
[…] readers of this blog already know that I am not using dropbox, and I was an Evernote user, but recently decided it became to dangerous and replaced it with my […]
Granted it’s been quite while since you wrote this, but I’ve found Wuala to be lightweight compared to SpiderOak in both memory footprint and consumed CPU cycles (believe me netbooks, are painful), despite being a Java app.
It looks like there’s proper file system integration on OS X now, however, they’ve just moved to a paid only model, albeit at very good prices, making your legacy free account now worth a whopping $12/year.
But what I really wanted to mention is Tresorit, an extremely worthy contribution to the client side encryption options.
Seems SpiderOak still has sync issues so it cannot be an option for me since I need to be able to confidentially update files across computers.
HOWEVER, why not just create a 256-bit AES encrypted folder using Disk Utilities in your dropbox folder and store all your files within that? I also do the same on my local machine, so basically it’s a 256-bit AES encrypted folder for my local dropbox and inside of that is the encrypted folder that gets stored on Dropbox server.
If this is too much of a hassle then put your non-sensitive data outside of the encrypted folder and only sensitive data within. SpiderOak looks very appealing and I’d prefer to use them but sync issue is a deal breaker for ppl who aren’t looking for a large backup only service.
I’ve used Spideroak for quite some time to sync my often used KeepassX file (and a lot of other stuff) between computers and it has only temporarily failed me once in the past 3 years or so.
What kind of sync issues are you experiencing? I’ve got 11GB of synced data perfectly in sync between 4 Macs here.
Hi sorry for the late reply, email notification didn’t alert me :(… The sync concerns I have is related to updating the same file on multiple machines. I’m a writer so am frequently switching between 3 computers. I use some auto-backup methods to prevent something unseen from happening but for the most part it could be a disaster if my changes were overwritten somehow. Dropbox doesn’t have the notion of 1 master computer. Are you saying my use case should be fine with Spideroak? Thanks!
Hi Marc,
yes, you should be fine. Keep an eye on the spideroak icon (it shows when it is syncing) so you know your file is uploaded. It will appear on all computers if you use SpiderOak’s “Hive” folder. If you need an older version because something went wrong, simply look it up in the Spideroak backups. Spideroak keeps all backed up versions.
In all these years I’ve only had to use the backup version trick once because I closed the laptop before spideroak had a chance to upload the file, and then I screwed up by opening and saving the older version on another machine.
Try it out. Cheers,
Rolf
thanks, just did this and used the code. when dropbox appointed condoleeza rice to its board i stopped using it and just got arund to this option thanks to snowden mentioning it, thanks for the clear instructions here
Too bad to see that Mobile devices are not fully supported yet. “Mobile devices are currently read-only, meaning you can not upload or edit data from your phone or tablet.”
Did you check the SpiderOak site? Maybe they’ve implemented it since the writing of this article.
They haven’t implemented uploading yet. The mobile app is not even a true client, as it’s not considered zero-knowledge. Essentially, they haven’t really committed to mobile.
The best alternative for mobile users currently seems to be Tresorit or MEGA.
After a month using SpiderOak I am really happy. It is safe flexible and have the hive option trivial to use. The security aspect is really important to me and SpiderOak really deal carefully with that. I really encourage everybody to try. The only downside is the small free storage capacity compare to other (only 2GB). If you want to try, use this link in order to get 1 extra GB for free (3GB instead of the standard 2GB).
https://spideroak.com/download/referral/49c28fe46d8f5f7c7965f9f34e85af7a