On Thu, Apr 05, 2012 at 06:42:23PM -0400, Sam Smith wrote: > > The point is that SpiderOak (and Lastpass) never know the user's password. > And never receive the encryption key. The key never leaves the user's > computer. The server never gets it. The only thing that ever lands on the > server is an encrypted blob. > > What this means is that the user doesn't have to worry about the 3rd party > taking care of the data. If the 3rd party is hacked, if the 3rd party has a > rogue employee, etc. The data has a much better chance of being safe than if > it's implemented like say iCloud where even if the data is encrypted Apple > holds the encryption key and can access the data anytime they want. If Apple > can access the data, a rogue employee and a hacker can potentially access the > data.
Are SpiderOak and LastPass FOSS? -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
