by When I first encountered the SpiderOak backup-service a few years ago, I found myself imagining that a marvelous alien species had designed it to teach us about their culture. It’s a little more explicable these days, even as the company has built out its synchronization and sharing components on top of the backup component.
SpiderOak started as a hosted Internet backup service, but even in its early days, it had its sights set on offering a suite. Reviewing it now, three years after taking an extensive look at it for a previous Macworld backup feature, I’m pleased to say it’s come a long way in achieving those goals. This success shows even in the Status tab—in which Back Up, Sync, and Share are given equal billing in the dashboard summary. (The dashboard is a nice way to pull together all those activities, too.)
My initial nitpick is that the application doesn’t behave like an application. Though SpiderOak puts its colorful icon in the system menu bar (you can change it to black if you find it too colorful), the application doesn’t show up in the Dock. Instead, you must select Show from the menu, which reveals a floating window that can get lost under other application windows. There are other rough spots, too, such as the inability to paste a password into the login field and to copy a sharing URL when its text is selected.
Backup
Backup Preferences: SpiderOak lets you set some fiddly backup parameters, such as excluding files over a certain size to reduce bandwidth use.The backup selection process remains as wonky as it was years ago—it feels more like a Unix directory listing than it does a Mac-style user-friendly approach to selecting files, especially when viewed in Advanced mode. For more-experienced users, that geekiness is an advantage, revealing otherwise-hidden folders that may contain files and nested folders that require backup when you’re not using disk mirroring (as with, say, Super Duper or Carbon Copy Cloner).
The backup selection has a beautiful threaded interaction, so that as you proceed through selecting and deselecting files, the Storage Bar at the bottom calculates how many files you will place on its service—and whether you’ll need to buy more storage from SpiderOak to do so. Prefab checkboxes with bright colors to their left let you pick major categories in the user folder, while the main browser window provides granular selection of folders and files. You can also search for files across your entire drive, and add external drives to the backup. If you switch to Basic mode, the prefab checkboxes take up the main window, and the search functions disappear. Essentially, in Basic mode, you decide what gets backed up based on SpiderOak’s broad-based categories.
SpiderOak provides a host of backup tweaks for those who like to restrict backups beyond just selecting certain files. Most welcome are options like “Don’t backup files larger than” a specified number of megabytes, and the ability to exclude files by wildcards, such as *.log or *.zip. You can also specify the frequency for backup, sync, and sharing operations separately—anywhere from Automatic to a set time. If your broadband throughput is limited, this variety of options helps keep your network from becoming clogged. There’s even a prominent Pause All Uploads button on the Status tab.
Backup Selection: The selection dialog box appeals more to Unix geeks than Mac users, as it shows all files and folders, but it also allows a more informed set of backup choices.
Sync, sharing, encryption
The approach SpiderOak takes to sync is interesting. Rather than having a single anointed folder (as with Dropbox [ ]), or picking identical folders on multiple machines (as with SugarSync and others), SpiderOak lets you pick two arbitrary folders on distinct locally available or network locations. One folder can be on the machine you’re working on, and another, named something different, maybe elsewhere in the backup set of computers you’ve added to your account or on the same machine, for syncing to an external volume or a local network’s volume. It’s a flexible alternative.
SpiderOak also uses an unusual sharing method. Rather than specifying a folder within a sync folder, as most services do, and sharing that, SpiderOak has one person create a ShareRoom (the equivalent of a shared space on its servers), set a password (which becomes part of the access URL), and pick one or more folders within the backup set. These folders then become available to anyone who views the access URL in a browser or who knows the room’s name and password. ShareRooms aren’t available to other users with SpiderOak software or via the desktop.
Create Shareroom: ShareRooms take folders in a backup set and back them reachable via non-public URLs on the firm’s Web site. However, these folders must be removed from the stronger encrypted used for backups to make this possible.
While none of SpiderOak’s backup and sync options are superior to or cheaper than similar offerings from other backup and sync providers, SpiderOak shines in the way it handles encryption. All backup services I’m aware of encrypt your data in transit and on their services, but SpiderOak retains all the encryption keys necessary to move that data around. Your password is simply proof that you are who you say you are when you log in.
That encryption method has an advantage: If you lose your password, the service can reset it, and all your backups, synchronized files, and account data will be fully available. The downside? A security breach at the firm or a legal or extrajudicial request by a government in a country in which the service has operations could lead to your data landing in hands other than yours.
SpiderOak generates a private encryption key for you the first time you run the client software, and your password locks that key locally. SpiderOak also stores the key on its servers in such a way that it can’t gain access to the key without your password. If you lose the password, you’re out of luck; but if, say, your computer melts down, you can recover backups from another system so long as you know the password. CrashPlan ( ) offers a couple of variants on this option, one essentially identical SpiderOak’s, and another in which the encryption key itself is generated and stored by the user, with no hope of recovery if lost.
The only points of weakness are when you create your account on SpiderOak’s servers, since you must enter the password at that time, and if you use the Web to view or download files. In both cases, SpiderOak says it doesn’t store the password on disk or retain it longer than is needed for the task. Also, the ShareRooms require that the folders you share be decrypted with your key, and stored using SpiderOak-provided security for as long as they are shared.
SpiderOak is pricier than many other backup providers, but it offers a greater range of services than most. Likewise, its sync offering competes in some ways with Dropbox—not for sharing features, where Dropbox shines, but SpiderOak’s full-backup feature and strong security go beyond anything included with Dropbox.
A free iOS app allows you to browse and view backed-up files, and also access ShareRooms.
The company includes 2GB of storage with free accounts, and then charges $10 per month for units of 100GB of storage. It doesn’t limit the number of computers in a backup set. That pricing is about the same as Dropbox’s monthly rate for the same amount of data. In contrast, CrashPlan’s backup-only service costs $5 a month for unlimited storage for one computer and $12 per month for unlimited data from all computers owned by a household. (CrashPlan offers significant discounts for the service on a yearly and multiyear basis, too.)
Bottom line
If you’re looking for the highest level of privacy and a service that has all of the pieces in one place for backup, sync, and read-only folder sharing, SpiderOak offers the strongest solution. For backup, SpiderOak compares favorably with CrashPlan in features but less so in pricing.
