[liberationtech] Is spideroak really zero-knowledge?

[Percy Alpha]

Spideroak claims to use client-side encryption for desktop client but
doesn't not use zero-knowledge password proof for mobile Apps or website
portal.

In light of Lavabit, spideroak could also forced to intercept password if
users ever use mobile Apps or website login while being gagged . Then all
encrypted data will be retroactively compromised.

Percy Alpha(PGP <https://en.greatfire.org/contact#alt>)
GreatFire.org Team
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20130812/08fbc3b2/attachment.html>