AMA With Matt Erickson!

Matthew Erickson is SpiderOaks Vice President of Solutions, guiding federal clients in applying zero trust and distributed ledger technologies to securing sensitive data and communications. Joining SpiderOak in 2010, he is the architect of the company’s initiative to expand the federal use case for blockchain in the DoD and Intelligence space. In 2018 Matt was Executive Director of the Digital Privacy Alliance, where he was responsible for bringing together sectors of the tech industry that respect user privacy enabling them to speak with a single voice in legislatures across the country.

Matt is ready to answer any burning encryption or technology questions, or questions about the future of SpiderOak so ask away! The AMA will begin at 2PM Central Time (U.S.) and the ‘live’ timeframe for answering questions posed will end at 3PM.

If you have any technical support questions regarding SpiderOak One Backup, or CrossClave, please write in to our support team at support@spideroak.com!

Want some swag? Take this 16 question survey for a free SpiderOak Sticker!

1 Like

Greetings Matt!

I’d like to start off with a question! Are there any aspects of your day-to-day life that you feel are way less secure than they ought to be? How would you like to see those aspects improved?

I’ve always thought that social security numbers in the USA are wildly insecure but they’re so enmeshed in almost every aspect of our society!

Hello, that’s a great question. My short answer is all aspects of day-to-day life that haven’t already been compromised are simply because someone has chosen not to.

Social security numbers are a great example- you can buy a database of all Americans’ social security numbers off the darkweb for really cheap.

The other thing that really resonates, from a security perspective, is online privacy and data brokers. You know those security questions companies make you answer? It’s actually really easy to find databases of people’s mothers maiden names, streets they grew up on, pet registration / rabies vaccination paperwork, elementary schools attended, and more because that’s actually public record! Additionally, geolocation data from advertisements makes it really easy to determine where you live and where you go. Based on that data, it then becomes easy for modern big-data techniques to make reasonable guesses about your race, gender identity, and political affiliation, as well as uniquely identify your actual street address.

This all means you’re vulnerable online and in person entirely through modern analytics-based user monetization (i.e. online ads)!

A lot of my friends have introduced things such as Google Home, Alexa, Ring, etc into their homes. So many of them have voice-activated assistants, too. I don’t think those things are all that secure, and I feel like that is finally reaching the public consciousness. However, there hasn’t really been consumer pushback to make these things safer for us. Nor has there been general industry pressure to do better.

  1. What do you think has to happen for people to demand safer versions of these devices?
  2. Will it be possible to secure gen 1/2 devices, or will having secure versions actually require brand new equipment?
  3. Do you feel there will be third party security add-ons for these?

Favorite pre-1960 jazz record?

  1. Governmental regulation. Safety in consumer products categorically doesn’t work any other way.
  2. Depends on what you mean by “secure”. If we’re talking about better software, then sure, existing hardware can be updated to remove default passwords, broken authentication or TLS, etc. If we mean “secure” by doing more of the processing locally and not in the cloud, most will need new hardware to support the additional processing load locally.
  3. Likely not.

Groovin’ High by Dizzy Gillespie, or Monk’s Music by Thelonious Monk.

1 Like