SpiderOakONE (64-bit)

What's new in this version:

SpiderOakONE 7.5.1 (64-bit)
- Change log not available for this version


SpiderOakONE 7.4.0 (64-bit)
- Change log not available for this version


SpiderOakONE 7.3.0 (64-bit)
- Disable LAN sync by default
- Limit length for email on signup
- Only show currently backed up folders when setting up Sync
- Remove preview generator
- Improve settings UX by making preferences show in a more consistent way
- Force TLSv1.2 method for TLS connections in Windows


SpiderOakONE 7.2.0 (64-bit)

Changes:
- Add notice for data storage
- Normalize naming conventions
- Calculate space usage in a more efficient way

Bug Fixes:
- Fix sync bug where the client reports that it can’t find a journal
- (Groups only) Fix icons in dashboard for policy enforcement


SpiderOakONE 7.1.0 (64-bit)

Changes:
- Command line help improved/updated
- Manpage improved/updated
- Backup file/directory deselection behavior improved
- Update Hive icon branding
- Restart no longer required when changing size/age file restrictions.

Bug Fixes:
- Prevent unicode related sync issues
- Prevent preferences from freezing under certain conditions


SpiderOakONE 7.0.1 (64-bit)
- Updated SSL certificate pins based on CA changes in spideroak.com


SpiderOakONE 7.0.0 (64-bit)

Features:
- Redesign of the UI

Bug Fixes:
- Fix support links
- Fix for edge case where files can become 0 bytes in syncs
- --purge-historical-versions improvements
- Removable media detection improvements
- Fix an issue that was causing the client to get stuck at “Calculations pending” state


SpiderOakONE 6.4.0 (64-bit)
Bug fixes:
- Language improvements
- Made CDM on Windows more robust
- Implemented secure unsharing
- Added High Sierra support


SpiderOakONE 6.3.0 (64-bit)
Our team recently investigated and resolved three bugs reported by security researchers at Aarhus University (Denmark) in April 2017. The following bugs were fixed:
1. bcrypt login scheme memory leak - This leak happened only at setup and was a bug in the third-party library SpiderOak uses; this bug leaked memory to the server. We didn't validate the parameters set by the server, which allowed the SpiderOak server to weaken the strength of the password hashing. We patched the third-party library and validated the parameters to address this issue.
2. escrow/challenge - This bug only applied to end-users of the SpiderOak Groups product. It was discovered that an end-user could be unintentionally tricked by the client into revealing their password to the server. The design could also result in the client transmitting the user's password unencrypted. A lot of the problem here was confusion caused by poor wording on SpiderOak's end around Fingerprints, which could have caused a user to unintentionally reveal their password to SpiderOak. To address this bug, we now validate the keys and updated the confusing text in the application.
3. Remote Procedure Call (RPC) - The client exposed two unsafe RPC methods, which could've been used to extract a user's password. The client had an option to enable remote diagnostics through which an additional unsafe remote procedure could have been exposed. This is a feature that was never implemented on SpiderOak's server so we've removed the offending code from the client.