If you’re only just joining us, late yesterday the US Department of Justice shut down Megaupload, arrested seven employees, and seized assets worth more than $50 million (including three 82-inch TVs, two 108-inch TVs, 14 Mercedes, and other rich boys’ toys). This huge indictment poses many questions, but today we’re going to look at just one of them: What happens to all of those files that people had stored on Megaupload’s servers?
This morning the web is littered with hundreds of millions of broken Megaupload links. There was no warning, no preamble: If you stored files on Megaupload, they are gone — at least for now. So you have some idea of the scale of Megaupload, a quick search on XDA-Developers for “megaupload” returns some 226,000 hits. There are hundreds if not thousands of forums on the internet that are similar in scale to XDA-Developers.
It is possible that Megaupload’s servers will be brought back online, but only if Megaupload and its employees are found innocent — and in all likelihood, the trial and sentencing process will take months. Even if Megaupload does return, there’s no guarantee that your files will still be there.
In short, if you stored important files on Megaupload, I really hope you had an up-to-date backup on your computer.
There have always been two major concerns about cloud services in general, and cloud storage (Dropbox, Megaupload, SkyDrive, iCloud, and so on). The first is privacy: When you upload data to a third party, there’s always the risk that they can look at the contents of your files. Some cloud providers securely encrypt data, but many don’t. The second issue is data security and integrity: Does the third party keep a tight ship against hackers? What happens if a hard drive fails? What protections have the cloud provider put in place to mitigate against natural disasters, bankruptcy, or being shut down by the Feds?
For the most part, the only real way of ameliorating these concerns is by doing an awful lot of research before pushing in your chips. Even then, though, you would be hard pressed to find a cloud storage provider that offers an easy way to migrate your data in case of bankruptcy. If Dropbox decides to shut down, the only way to transfer data to another cyberlocker is to download it and re-upload to another service. If you’re an enterprise customer using Microsoft Azure or Amazon AWS, you should probably be given help to migrate your data to another provider. In the case of a federal indictment, though, I don’t think any cloud provider really offers a way out — and if there’s an earthquake, you better hope that they kept an off-site backup (and you can bet that consumer services like Dropbox or Backblaze don’t).
At the end of the day, though, the only other option is keeping your own backups on some kind of NAS and maintaining your own off-site backups — which is feasible, and how many companies and individuals choose to do it, but rife with its own issues. Cloud storage is so simple — it’s the epitome of fire-and-forget — that you forget about the risks… and then Megaupload gets shut down.
So, what happens to my files when a cloud service dies?Assuming the midden hits the windmill, then, and your cloud storage provider goes offline without notice — what happens to your files?
In Megaupload’s case, where some 1,000 servers (and thousands of hard drives) were seized, the Feds will probably pore through your files looking for evidence that improves their chance of a conviction. It’s almost guaranteed that Megaupload stored the IP address of file uploaders, and the Feds could pursue individual copyright infringement cases at a later date. If Dropbox was ever indicted of similar charges, the situation would probably be the same.
For consumer-oriented services that are more about backup than file sharing — Backblaze, for example — your files would probably remain in the digital ether, encrypted for all eternity. It’s unlikely that a backup provider would ever be shut down, but it could go bankrupt. In such a situation, you would probably be given a week or month to grab all your data — and then that would be it. There is no chance of Backblaze sending you a hard drive with your data on, for example.
Finally, at the enterprise level — Azure, AWS, Rackspace, etc. — it’s likely that you would be given ample opportunity to recover your files, and you might even receive help in migrating your data directly to another cloud service. In this case, if you’re storing terabytes of data in the cloud, you could probably even request that your data be returned via FedExed hard drives.
Amazon has made it easier for authorized business users to manage their Amazon Web Services infrastructure after signing on — once — to their corporate network.
This is the latest in a steady drip, drip, drip of functionality that Amazon adds to its services over time. This week, for example, Amazon announced free Windows “micro” instances to its EC2 Elastic Compute Cloud service on Sunday, and three days later announced the DynamoDB NoSQL database to its roster.
In this case, the aim is to make it easier for authorized users to maintain and tweak their Amazon-based services. Once the user is identified and authenticated by whomever manages the AWS account, he or she can sign onto the corporate network using existing credentials, then navigate to the AWS Management Console without re-entering a password, according to an AWS blog posted late Thursday. Before, users had to sign into the AWS Management Console separately.
When that user requests entry into the management console, the identity broker “validates that user’s access rights and provides temporary security credentials which includes the user’s permissions to access AWS. The page includes these temporary security credentials as part of the sign-in request to AWS,” according to the blog.
This all requires up-front work. The person in charge of a company’s AWS account must set up the user’s identity and federate it to the appropriate services. When the user signs into the corporate network, the identity broker pings Amazon’s Security Token Service (STS) to request temporary security credentials. Until now, those credentials gave specified users access to Amazon services for a set period of time (up to 36 hours.) Now those same credentials will be good for AWS Management Console as well.
The bulk of Amazon services — including Amazon EC2, Amazon S3, VPC, ElastiCache — support that identity federation to the management console. The company is working to add the new Amazon DynamoDB NoSQL database service to that list, said Amazon Web Services Evangelist Jeff Barr in the post.
As Microsoft beefs up its Azure cloud offering with expected Infrastructure-as-a-Service capabilities, and more OpenStack-based IaaS offerings come online, the competition to provide cloud services will only heat up.
Feature photo courtesy of Flickr user Will Merydith
Here's ChadRocco's Lamar Smith anti-election poster, in honor of the congressman's advocacy for the net-killing Stop Online Piracy Act and his blithe dismissal of the bill's critics.
Meet Lamar Smith, representative from Texas, and Chairman of the House Committee on the Judiciary.
As Chairman he can kill any bill he doesn't like by denying it a hearing while giving priority to the bills he wants to pass, Like SOPA.
While addressing the massive outcry over SOPA he stated that:
“It’s a vocal minority. Because they’re strident doesn’t mean they’re either legitimate or large in number. One, they need to read the language. Show me the language. There’s nothing they can point to that does what they say it does do. I think their fears are unfounded.”
Above is a list of people that have pointed at the language, including law professors and computer experts.
You have a civil war among video game companies, and the successful boycott of a company. How do you ignore that?
It's an election year. This November. Whatever happens, Texas, please kick this guy out of office.
SOPA- I CAN'T HEAR YOU
(Thanks, Melted Crayons!)
Posts
All Comments
