SpiderOak

SpiderOak ONE review: Okay backup service, clunky software

SpiderOak ONE is an online backup service built around privacy and strong encryption. One of the service’s design goals was not having access to or even knowing anything about their customers’ backed up files. This product philosophy makes SpiderOak ONE an interesting contender for computer backup, but their philosophy comes with a fair bit of added complexity that their design doesn’t make up for.

SpiderOak sells their subscription backup services by gigabyte quotas. You can install their SpiderOak ONE client on as many computers as you like, and they all share the same subscription and data quota. This sets ONE apart from many competing backup services that charge per computer rather than assign users a storage quota. Their price model is something which makes SpiderOak ONE appealing to users with smaller storage needs and multiple devices. However, the client software doesn’t make it easy to manage your quota.

SpiderOak ONE is available for Linux, macOS, and Windows. You can strictly speaking also access your files on the web and mobile, but you don’t get to keep your privacy if you use either mobile apps or the web interface.

I’ll get back to the above points in greater detail later in the review.

Keep it secret, keep it safe

Privacy and security are at the core of SpiderOak’s brand and their ONE backup service. The service positions itself as a privacy-by-default service, something they almost-but-not-quite deliver on.

SpiderOak ONE encrypts your files locally before uploading the data to their servers for safekeeping. As they don’t know your actual account password (only a password hash which is different from the password hashes used in the encryption process), they can’t see the contents of your files. Their architecture also makes it so they can’t even see the file names of what you’ve backed up.

This all assumes that SpiderOak simply doesn’t push an automated update to their ONE client and instruct the client to collect account passwords and send them back to their servers. The system has the same trust issue as with other hosted security services like LastPass.

This may sound far-fetched, but as it turns out, SpiderOak already has ONE clients that collect users’ passwords and send them to their servers to perform decryption and encryption operations on their infrastructure instead of in the clients. I’m of course talking about their web interface and mobile clients.

Mobile and web cost you your privacy

SpiderOak ONE has clients for Android and iOS, as well as a web interface, that let you access your backed up files remotely. However, when using the mobile or web interface, you completely bypass the normal privacy and security measures. Unlike the full SpiderOak ONE client for desktop, the “light” versions for mobile and web transmit your password to SpiderOak so they can perform the decryption on their servers prior to sending the unencrypted data to your device.

As a customer, you can choose between the convenience of having access to your content on mobile and on the web — or staying private and secure. You can’t have it both ways with SpiderOak ONE.

Online storage services like MEGA support the use of full encryption on the web and in their mobile and other apps. Decrypting files on mobile with MEGA’s client can drain your battery quite fast, and decrypting in a web engine can take quite a bit of time. These may be some of the reasons why SpiderOak ONE won’t give you secure access to your own files remotely. However, I believe it to be more likely that it’s caused by legacy decisions and technological debt regarding how they perform encryption, something a newer service like MEGA doesn’t have to deal with.

In today’s mobile-first world, SpiderOak ONE has fallen behind the curve. Customers can get to their files if they absolutely need to, but it’s not a fully supported end-to-end encrypted feature like their main desktop client.

Multiple devices and unclear storage quotas

You can back up multiple devices on a single subscription. This can be a great money-saver when comparing SpiderOak ONE to a service like CrashPlan that charges per device.

With SpiderOak ONE, it can be hard to keep track of your backup storage quota on a single device — and even more complicated when using multiple devices. The user interface in the client doesn’t provide much information beside the total amount of data stored on the plan and a potentially misleading per-file-revision quota.

If you modify a file, ONE keeps track of the file changes for you through file versioning. This is great for almost any type of file, as you can get an earlier version of a file back off SpiderOak. A file doesn’t necessarily take up double the storage when you save two copies of it, as SpiderOak will attempt to only store the differences between the two copies. This doesn’t work for all file formats, but it’s great for documents and such that you make a lot of changes to over time.

If you back up the exact same file from two devices, SpiderOak ONE will first create a cryptographic hash of the file as part of the normal backup encryption process. This hash is then checked against a list of other hashes in your account. If the exact same version of the file has already been backed up in your account, SpiderOak ONE doesn’t upload a second copy, but instead simply updates their record so they know the file exists on two computers at two different file paths. This saves your upload bandwidth and doesn’t occupy any additional space on your storage quota.
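The account-level deduplication described above, as an added sketch that is not SpiderOak's code: it also shows why a per-file listing can add up to more than the quota actually consumed. The `AccountIndex` class, the use of SHA-256 and the sample files are assumptions made for illustration.

```python
import hashlib
from dataclasses import dataclass, field


@dataclass
class AccountIndex:
    """Hypothetical per-account index: content hash -> stored blob and locations."""
    blobs: dict = field(default_factory=dict)      # digest -> size in bytes
    locations: dict = field(default_factory=dict)  # digest -> {(device, path)}
    uploaded_bytes: int = 0

    def backup(self, device: str, path: str, content: bytes) -> bool:
        """Record a file revision; return True only if data had to be uploaded."""
        # SHA-256 is an assumption; the page only says "cryptographic hash".
        digest = hashlib.sha256(content).hexdigest()
        is_new = digest not in self.blobs
        if is_new:
            self.blobs[digest] = len(content)
            self.uploaded_bytes += len(content)
        # Known content only gains another (device, path) reference.
        self.locations.setdefault(digest, set()).add((device, path))
        return is_new

    def quota_used(self) -> int:
        """Bytes counted against the plan: each unique content once."""
        return sum(self.blobs.values())

    def apparent_size(self) -> int:
        """Bytes a naive per-device, per-revision listing would add up to."""
        return sum(self.blobs[d] * len(locs) for d, locs in self.locations.items())


def demo():
    report = b"x" * 1000  # constructed sample file content
    idx = AccountIndex()
    first = idx.backup("laptop", "/home/a/report.pdf", report)
    second = idx.backup("desktop", "D:/docs/report.pdf", report)       # same bytes
    edited = idx.backup("laptop", "/home/a/report.pdf", report + b"y")  # new revision
    return first, second, edited, idx.quota_used(), idx.apparent_size()


if __name__ == "__main__":
    print(demo())
```

The gap between `quota_used()` and `apparent_size()` is the figure a client would need to surface for users to understand what their stored revisions really cost.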

In my testing, the deduplication process doesn’t work with most files. E.g. I can copy a backed up file to a directory that isn’t being backed up with SpiderOak ONE, and then replace the backed up file with the exact same file from the other directory; and this will cause SpiderOak ONE to back it up as another revision of the file even though the file’s contents and hash are identical.

There is no indicator in the client letting the user know that the file isn’t backed up multiple times nor is it shown anywhere that it isn’t consuming as much storage as the user interface might suggest. From within the client, you can see all revisions of a file and how large the file was at different points in time. You can’t see the total size of all historical versions on one or all devices.

You can only manage and delete files and old file revisions from your current device. If you want to remove files backed up by another computer connected to the same account, you have to go to that computer and remove the files from there. You can see the files backed up by all computers, but you can’t make any changes to them.

Some general points about the user interface

Before I proceed, I want to tell you more about the main user interface of SpiderOak ONE. To put it frankly, it isn’t very user friendly. It shows clear signs of being built up around how the software works rather than being designed to be useful and solve problems.

My first impressions of SpiderOak ONE were quite underwhelming. There is no support for high resolution displays (HiDPI), meaning that on my various screens, all the text and controllers are small and hard to read. (Shown in correct proportions below, but imagine everything in the window being half the size.)

Main window from SpiderOak ONE

The top navigation in the client is clear enough at first glance with five main categories: Home, Backup, Manage, Sync, and Share. If you stop and think about it for a second, what do you expect these different tabs to do? Backup and Manage hold two views that look almost exactly the same. It’s hard to identify the differences and purposes of each as both show you a treeview of your files with checkboxes you can turn on and off. To back up a folder, do you go to Backup or Manage?

In the Manage tab, some folder icons may be shown as partially green, but the same folders aren’t green in the Backup tab. I thought this might mean that they were either fully or partially backed up. However, if you go to the Sync tab and choose to edit a synchronized folder – there is a small note at the bottom of the screen that says that “Synced folders will appear as green within the Manage tab.” The Hive folder has an orange icon by default, so this all makes very little sense and is quite unintuitive.

On the Home tab (shown above) there is a second row of tabs containing Overview, Activity, Action, Completed, and Details. Each of these shows you … uhm, I have to be honest here: even as a geek, I don’t care in the slightest what these tabs show. There is no conceivable reason why there would be so many of them! They all list file activity in one way or another. Surely listing files being uploaded and downloaded in two columns would be good enough? You can find this design in just about any other backup software.

A second set of tabs within tabs is considered somewhat of a bad design. To quote renowned user experience researcher Jakob Nielsen:

“Multiple rows [of tabs] create jumping UI elements, which destroy spatial memory and thus make it impossible for users to remember which tabs they’ve already visited. Also, multiple rows are a sure symptom of excessive complexity: If you need more tabs than will fit in a single row, you must simplify your design.”

This sums up how I feel about the tabs-within-tabs design that SpiderOak ONE uses on its Home tab. This feeling is strengthened by how useless and un-actionable the presented information is. There are also small behavioral oddities all over the place, like the weirdly hard to understand checkboxes and inconsistencies.

Synchronizing folder contents between devices

Besides its main purpose of backing up your files, SpiderOak ONE can also help you move files between your computers or keep arbitrary folders in sync. You can quickly move files around by moving them into a special folder created in your Home folder called SpiderOak Hive. The Hive folder works like a drop box where everything ends up on all of your machines. For more selective syncing, you can set up your own synchronization folders.

Hive is easy enough to use as it’s set up for you when you install SpiderOak, and works automatically on all your computers. However, configuring a custom set of folders is a much more complex task and you’re given very little assistance along the way.

To set up a folder for synchronization, you first have to know that you need to already have set up each folder to be backed up on all the computers you want to sync to. You can then go into the Sync tab on one of your computers and set up what SpiderOak calls “a Sync”, which is to say – a synchronized folder task. You’re asked to provide a name and describe the “sync” before being asked to choose which already backed-up remote and local folders you wish to keep in synchronization. The user interface is quite unforgiving. If you haven’t already synced the folders you want to use, you have to cancel the process and lose your changes while you go back and set up the folders to be backed up first.

This is a cumbersome setup process for something other software has been able to do seamlessly for years already.


Sync folders are just as confusing as regular backup folders when it comes to the actual storage usage. You need to carefully remember which devices uploaded which files, because files can only be managed and deleted from the computer that uploaded them. To quote the ONE support page on file deletion:

“You can only remove files from your SpiderOak backup by using the SpiderOak application which you install on your computer. Further, you can only remove files through the desktop application which were uploaded from the device you are seated at.”

It’s quite unclear what would happen to your synced files if you remove one computer from your account.

Synchronized folders in SpiderOak ONE clearly require quite a bit more manual management than the synchronized folders people may be familiar with from services like Dropbox or OneDrive. Frankly, I don’t see why anyone would choose a complicated folder synchronization service. These services are already difficult enough to use as it is.

Conclusion

SpiderOak ONE lets you back up from and synchronize files between multiple computers under one subscription. This functionality really sets it apart from competing services as a compelling option for those of us who don’t need to back up enormous amounts of data and want to get the job done on a budget.

The SpiderOak ONE user interface isn’t actively user hostile, but that wouldn’t be an unfair description of it either. There is very little abstraction in the user interface from the technical foundations of SpiderOak ONE. The software is as awkward to use as the service’s name.

Unfortunately, the multi-device functionality shows signs of being driven by engineering decisions and having been tacked onto an existing service as an afterthought. I was genuinely surprised by how difficult SpiderOak ONE had managed to make setting up folder synchronization. It’s clear that the user interface was added on to an already designed solution rather than creating a solution to specific use cases.

The software assumes you’re already familiar with the technicalities of how features have been implemented to be able to use them. You’re not provided with enough information in the client to get common tasks done, and being familiar with underlying concepts and similar software doesn’t help you one bit. (To be fair, it does help you navigate their online knowledge base.)

I personally could get by using SpiderOak as my backup solution, but the product as a whole feels inelegant and dated. It comes with a high learning curve, and even if you’re technologically savvy and actually want to use it — it can still be difficult to use.

SpiderOak ONE is good enough to back up one computer, but I’d not recommend you use it to back up multiple computers nor use it to sync files between multiple computers. Unfortunately for SpiderOak ONE, there are cheaper and more attractive alternatives that offer single-computer backup with strong encryption at more competitive prices.