Why We Will No Longer Use the Phrase Zero Knowledge to Describe Our Software
WHEN EXPERTS IN YOUR FIELD CALL YOU OUT, YOU LISTEN.
When we launched our backup software in 2007, we adopted the term Zero Knowledge to describe our end-to-end encrypted architecture. It resonated with everyday users who loved the fact that they had complete privacy and control of their data. In recent years, other encryption projects have also adopted the term zero knowledge in their marketing.
But renowned cryptographers have pointed out to us that even though we use this term in our messaging, and we know it’s not technically accurate, it can be misleading to the experts, journalists or academics who know otherwise. We even had a conversation about it on Hacker News.
WHAT ZERO KNOWLEDGE REALLY MEANS
The term ‘zero knowledge proof’ or protocol is an academic term in cryptography. According to Wikipedia, it’s described as “a method by which one party (the prover) can prove to another party (the verifier) that a given statement is true, without conveying any information apart from the fact that the statement is indeed true.” Our commercial use was inconsistent with the academic definition.
So, the point was well taken! Dear respected cryptographer friends, whom we admire and appreciate — we listened to your feedback.
As we launch a new website today, we changed every mention of Zero Knowledge to No Knowledge. No Knowledge means we give you complete privacy of your data — what we’ve been doing from the start. Because of the way we build our products with end-to-end encryption, we have No Knowledge of the names or content of your files.
Even if we wanted to, we can’t see what you are storing or sharing, nor the conversations you’re having. Your files are encrypted before they leave your device and in-transit. Only you have the key on your device to decrypt them. Your data is completely safe from our sysadmins, your own sysadmins, hackers, a blind warrantless subpoena, or any threat.
For our backup product, SpiderOak ONE, this means we can never reset your password. And a good rule of thumb is that any company that can reset your password could potentially access or read your data because they have the key to unlock it.
For our secure group chat, file sharing and collaboration tool Semaphor, it means you can even review the source code.
WELCOME, NO KNOWLEDGE PRIVACY
We’re happy to kick off the year with this new terminology, but our mission stays the same: to bring you products that make your life easier and more secure in the cloud.
It’s been a solid 10 years, Zero Knowledge, thanks for the great memories. Hello No Knowledge — welcome to the SpiderOak family!
Originally published at SpiderOak.com on February 8, 2017.