Hacker News new | past | comments | ask | show | jobs | submit login

It protects you against a certain kind of threat, namely the National Security Letter that can force a US-based company to install backdoors in their system while forbidding them from telling anyone that they have been forced to do so. If SpiderOak had been compromised by the US government forcing them to install a backdoor, they would be forbidden by law from telling anyone about this. They would not be allowed to remove the clauses from their service description that claim no-one is able to decrypt your data.

This is the special risk of dealing with US-based companies. They can be forced to install decryption backdoors or hand over their users' data while continuing to tell the users they are unable to do so. So you must assume no US-based service is truly secure.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact