

SpiderOak: Petition to open source all your code - newscracker
http://www.change.org/petitions/spideroak-http-www-spideroak-com-open-source-all-client-software-code-3

======
newscracker
This is a petition I launched to have SpiderOak see this as a collective
request for transparency. Please sign it if you're a SpiderOak user. Even if
you're not a SpiderOak user, your signature would help in raising awareness so
that other providers may also think along these lines.

Cyphertite, another cloud backup service, is the only one that I know of that
provides the complete source code for its applications.

~~~
phaet0n
How do you know what is running corresponds to the provided source?

~~~
newscracker
This is firstly about the client software. If you have the client program's
source and you can confirm that it does encrypt files with a local key and
does not transmit the key to the servers, then it's not really a big deal
(although it could be) what runs on the server.

If you have the client program's source, you should be able to build it
yourself and use it with the service. This could eliminate the need to use
precompiled binaries that SpiderOak provides on its website.

Makes sense? Or am I missing anything else?

~~~
phaet0n
Sure if it's about the client then sure but as soon as SpiderOak open sources
their software they start competing on price because anyone can write a
backend to use another storage provider.

~~~
newscracker
Yes, price would be a big factor, but scaling such a backend, providing a
stable solution, etc., are not child's play either. Cyphertite has open source
clients and I'm sure they have things other than price that they can compete
on.

If there's one thing that the open source model has shown, it's that not
everyone wants to bother with maintaining the source or adding features or
fixing bugs. However, open sourcing will provide a level of confidence on the
privacy aspect like nothing else can (assuming there are people interested in
examining the code for issues).

I'll stop with this comment. This submission is not going to be prominent on
HN anyway, and currently the sole signature on the petition is mine.

