Publicly Released Audits by Least Authority and Leviathan Security Pave Way for New Future of Transparency and Openness

SAN FRANCISCO, CA – Apr 29, 2014 — / — SpiderOak, the ‘Zero-Knowledge’ privacy cloud technologies provider, today announced the public release of the world’s first ‘Zero-Knowledge’ application development framework, Crypton.

Crypton enables application developers — whether in startups or large enterprises — to easily build cryptographically secure cloud applications from the ground up. This open-source, Privacy-as-a-Platform™ approach offers a simple and effective new method for creating privacy-oriented applications that can utilize any backend storage provider. Following a series of audits by security researchers at Least Authority and Leviathan, and subsequent vulnerability fixes, SpiderOak has officially released the open-source framework to the developer community.

“As public awareness of online privacy and security issues grow, the software community needs to demonstrate that they have the capability to protect user data in the cloud. Our decision to make public the code and audits of this application framework is part of our commitment to full transparency and openness with the community,” said SpiderOak CEO Ethan Oberman. “In the wake of major security lapses such as Heartbleed, for example, it is incumbent on companies producing frameworks and toolkits to adopt not just an open model but also an open audit model whereby the community can review, understand and work together to create and support the right foundation for these products.”

Currently, most applications that use cloud technologies sacrifice privacy because plaintext information remains viewable on the server. Crypton represents a new path forward by empowering application developers to realize ‘Zero-Knowledge’ privacy cloud environments out-of-the-box. By transparently handling the complicated cryptography layers through the application framework, Crypton makes it easy for developers to focus on domain-specific challenges instead of worrying about how to administer a privacy-oriented solution after the fact.

Public Third-Party Audits Set the New Standard for Secure Application Development
It is common for software providers to undergo security audits to ensure the viability of a code base. However, it is extremely rare that the audit firm or its results are shared publicly for fear of public scrutiny and/or future accountability.

SpiderOak has taken a decidedly different approach. The company has commissioned a series of third-party audits of Crypton’s open-source framework by security researchers at Least Authority, a company with deep experience building verifiably secure storage systems, and Leviathan Security Group, a risk management and security solutions provider.

SpiderOak has made the audits fully available to the public, in accordance with its commitment to complete openness and transparency with the community about how private data is generated, stored and protected through the application framework. Along with the public audits, SpiderOak is openly tracking all of the fixes on Crypton’s GitHub page for anyone to review. The company hopes this type of open development and audit process will set a new bar for how these processes work moving forward.

For reference, the Least Authority audit may be downloaded here; the Leviathan audit may be downloaded here; and Crypton’s GitHub page can be accessed here.

About SpiderOak
SpiderOak provides a cloud backup, sync, and sharing environment that is 100% private. Our ‘Zero-Knowledge’ Privacy Standard ensures absolute confidentiality between you and your data, everywhere, every time and from every device. With SpiderOak, you maintain full and complete control of your data in a centralized, managed and fully protected environment. SpiderOak: we’ve got your back(up).

Media Contact:
Sammy Totah
BOCA Communications
+1.415.738.7718 ext. 7

Source: SpiderOak


General Tags: online backup news, top rated online backups, online backup providers directory, CEO interviews, online file storage, online file backup, SaaS, cloud computing, data storage, online backup companies, software as a service, online backup, backing up online, compare online backups, data security, online backup services, online data backup, online backup reviews

Like us on Facebook

Do you like this post? Subscribe to our RSS feed ===========================

Sponsored Links:

Data Deposit Box


Bacula Systems



Related posts:

  1. SpiderOak Unveils Crypton, First Ever ‘Zero-Knowledge’ Application Framework
  2. SpiderOak Appoints Mozilla Veteran David Dahl as Project Director, Supercharging Crypton Development
  3. SpiderOak’s Crypton Achieves Another Milestone Toward ‘Privacy-First’ Applications
  4. SpiderOak Grows Enterprise Revenue 300%, Doubles Headcount
  5. PRISM, Data Mining Expose False Trade-Off Between Privacy and Security
  6. IBackup Provides Secure Online Backup and Cloud Storage for Financial and Medical Organizations Plus Public APIs for Custom Application Development
  7. SpiderOak Launches Open-Source HTML5 Android App
  8. 2013: The Year of Privacy
  9. Actifio Accelerates Application Development and Protection for Microsoft Environments
  10. SpiderOak, Online Data Backup and Syncing Company, Launches Android Application