[gecko]

Note that, while SpiderOak is arguably more secure than Dropbox, they rely on a hybrid security model wherein they still have your encryption key on their server, but encrypted with your local password. This matters because if your password is ever compromised, however briefly—say, by using the mobile app or the website, neither of which are supported in a secure manner (they make this very clear)—then all your data would be permanently compromised, with no way to rotate your keys and re-encrypt your data before someone gets access to it, short of blowing out your account. I get why things work this way, but still, yuck.

[tombrossman]

Also worth pointing out that neither Dropbox nor SpiderOak are fully open-source, so you are having to place some degree of 'blind trust' in either service. It is in their own best interests to have great security so that customers trust the product, but this cannot be verified by someone outside the company.

[implicit_none]

SpiderOak'er here; as a reminder, we also offer Encryptr, our own password manager: https://spideroak.com/solutions/encryptr

Which itself _is_ open source: https://github.com/SpiderOak/Encryptr

[flanbiscuit]

Been using this for a while and I'm liking it so far.

When are exporting and offline access coming?