10 gig of cloud storage not enough? Try 10 terabytes

If you’re like me, you’ve been downloading OAR files like crazy. For example, I’ve got a full set of Linda Kellie OARs — just in case. And the Hyperica hyperport redesign keeps generating new OARs, since we want to save a copy at every major step in the process.

Up until now, I’ve been happily using DropBox — the free plan starts at 2 gigabytes and you can refer friends to get more space — and Microsoft’s OneDrive, formerly Microsoft, which comes with 7 free gigabytes. Then there’s Google Drive  with 15 gigabytes, and Box.com, which comes with 10 gigabytes.

But all this nickel-and-diming is getting annoying, and keeping track of which files are backed up where is giving me a headache. What I need is one big place to keep everything.

I realized this fact when I got a file shared with me on Mega today and the experience was smooth, fast, and elegant — not what I would have expected from some creepy online filesharing service that’s been sued by just about everyone. So they’re now offering 50 gigabytes of free storage and totally revamped their business model and added some serious-grade encryption. So that got me thinking about switching and consolidating.

But I don’t just jump on the first site I hear about. I did some research. And here are the services I’m choosing between:

Mega

Yes, Mega is from Kim Dotcom, the same guy whose Megaupload got shut down two years ago in a wave of really bad publicity. Well, who’s having the last laugh now? All the lawsuits just created a massive wave of name recognition for the company, and it now processes half a billion uploads a month. Plus, all files are now securely encrypted — when setting up the service for the first time, Mega asks you to play an anti-NSA Blockout-style game to help make the encryption more random and secure.

Do I need all that encryption? No. I don’t have any super secret files. But I want to keep my options open. After all, the kids are almost out of the house, and I might pursue a career as a secret agent.

They have a desktop client, easy file sharing, desktop syncing — everything you need in an online backup or file sharing system.

(Image courtesy Mega.)

(Image courtesy Mega.)

Other platforms with 50 gigabytes of free storage

I don’t recognize the names of most of these other companies, and not all of them have all the features of Mega, but you might considering taking a look and see if they might work for you:

  • ADrive — The company has also been around for seven years — a good sign. But there’s no desktop client with the free version.
  • Samepage — This company seems to be focusing on collaboration, with a page-based approach to storing and collaborating on files. The free plan comes with up to ten users.
  • SFShare — Can only upload one file at a time, no shared folders — can only share files, no hotlinking to files
  • Firedrive — Watch out for removal of your files if you don’t use them often enough, no desktop client, and you can’t use the browser client to upload entire folders.

100 gigabytes of free storage

  • Shared — Primarily a file sharing site, so no desktop syncing client, and files expire after 90 days of inactivity.
  • Surdoc — The site was down for upgrades today, but it’s supposed to be something like Mega or ADrive, except the free offer is only for the first year.

360 Cloud Drive

This is a Chinese site that offers 360 gigabytes of free storage, with a desktop client for easy syncing and secure encryption.  And if you use the desktop client you get — wait for it — 36 terabytes of free storage.

Okay, it’s in Chinese. And unfortunately, even after five years in China, my reading ability stops at the male and female characters on restroom doors. But that’s what Google Translate was made for, right?

According to this review — please ignore the parts about illegal TV show sharing! — the service is fast despite being based in China, and straightforward to use once you get past the language barrier.

Weiyun

Weiyun is owned by China’s largest Internet company, Tencent, and offers 10 terabytes of free storage for anyone who signs up for a free account with their QQ instant messaging service. And they have an English version of their Web client, plus apps for Android and iPhone. An English version of the desktop client is coming. Read this how-to about how it works. Read a review of the service here.

So I tried it out — the English language web app was a major motivator. So were the ten terabytes of storage.  I had to install the Tencent QQ app on my iPhone, which took a couple of minutes — make sure you download the right app! I finally had to scan the QR code on this page to get the right app. The browser-based interface was easy, and I could upload and download files without any problems. But I need synching…

So I downloaded the desktop app, opting for the “sync” version, and simply clicked through the install process. Then, when I launched the app, I clicked on the gear button to change the settings, and Googled around until I found this translation of the interface. I was able to set my default file folder to sync, as well as the default photo folder to sync. Then it gave me a warning message which I couldn’t read, and I abandoned the whole thing. Not only do I not need 10 terabytes of storage right now, but I can just wait for the English version of the desktop client to come out.

maria@hypergridbusiness.com'

Maria Korolov

Maria Korolov is editor and publisher of Hypergrid Business. She has been a journalist for more than twenty years and has worked for the Chicago Tribune, Reuters, and Computerworld and has reported from over a dozen countries, including Russia and China.

  • hack13

    Maria have done research on these companies, in fact even recently the most popular one Dropbox has been getting into a lot of trouble with their users, and I have had an ADrive for a long time, and the storage is not that secure, and files get lost easy. But you really need to do proper research before posting these things, and 10TB, I would never trust it, mainly because one it is not mirrored on US soil, and secondly nothing to show me my data is encrypted.

    Though you want a story, you should do the research on the HUGE dropbox scandal going on.

    • lmpierce

      Hi hack13,

      Since our readers are concerned about security, could you post some links? For example, a link to a recent story about Dropbox would be helpful. I found an interesting read under Dark Reading from Information Week, but the article is from 2011, so if you are referring to the FTC complaint, it would be great to have an update.

      Also, do you know of a service you trust? You could also link to that with a comment about how they have earned your trust.

      The links in the story are simply starting places, and it’s expected readers will do their homework to decide if a service is sufficiently secure and reliable for their own purposes. After all, each user has a unique security need; some people are worried about file theft, while most users would be concerned about file losses. And as for privacy, every company is currently wrestling with that bear.

    • By “scandal” do you mean the DMCA notice thing two months back that briefly blew up on Twitter and then went away again?

      http://www.zdnet.com/dropbox-under-fire-for-dmca-takedown-7000027855/

      The one about how Dropbox doesn’t want people using Dropbox to illegally share files, and is removing infringing file sharing links? (But not the files themselves?) From what I’ve read, they seem to be taking a reasonable position on this, complying with the law while respecting user privacy. Unless I missed something.

      I did write a story late last year for CSO magazine about using cloud storage (and other SaaS services) securely, typically using gateways that encrypt the data before it goes out to the cloud:

      http://www.csoonline.com/article/2134078/privacy/saas-vendors–customers–finding-new-ways-to-secure-the-cloud.html

      • hack13

        But the way they are removing files violates the privacy of their users. where if I upload a file that is perfectly legal for me to have because I am the owner and purchased the rights, but because it has the same exact hash as someone who has the same file and stole it, I get punished and the file purged from my account, that is not fair or right of them.

        Secondly, the encryption they use is 1 key for every single user, this means your files are uploaded with the exact same encryption mine are. That is scary in itself, that also in itself is a violation under the common security standards, and they do this short cut only so they can save on storage costs. To understand that, let me break it down for you, when you put something in your dropbox, it hashes it, then before it uploads it scans its entire database of every single file uploaded (which it couldn’t do if they properly encrypted every user separately) and if it find that hash, instead of uploading it, it just uses the same copy someone else has. This is where the security flaw is, if someone can find out the hash of that file, they just update the hide file list in your drobox and tell dropbox you have a file with that hash, and “poof” you got their file.

        • They way I read it, they specifically said they were not removing files — just taking down the links to files with identical hashes to those that had had DMCA complaints against them. Removing just the public sharing links. Not the files themselves.

          Meanwhile, for highly sensitive files, if you have to share them on public networks, you can always encrypt them first locally. If someone could figure out the hash to that file — I’m not sure how, except by breaking into your computer, and if they were already there, might as well just pick up the file right then and there and not bother with Dropbox — but if they could figure out the hash, and trick the system into giving them a copy of the file, they’d just be getting something encrypted that they wouldn’t be able to use.

          For large enterprises, for whom security is critical — especially given all the embarrassing breaches hitting the news — they key to security (so to speak) is proper key management. You want to keep all the encryption keys yourself instead of letting the vendors hold them, and you want only authorized people to access them. There’s a whole category of security vendors springing up just around the security key management issue.

          If I was still working in Russia and China and dealing with anonymous sources and authoritarian governments, I’d definitely be investing in good local encryption — but also in making sure that all my critical data was kept well outside those countries.

          While in China, for example, we used US-based, encrypted email and database vendors — but also made sure that all the REALLY sensitive stories were handled by staffers in the US, Europe or India to further isolate the Chinese staff from any exposure.

          • hack13

            While yes you sit here and say this, but in your own words, no one really knows how to do this stuff the encrypting or any part of it really. So the best course of action is always to backup locally with no external access, but if you have to upload and share I suggest services like “syncthing” or “bitsync” both of these services require both ends to share and encryption and force the transfer to be encrypted and be 100% P2P the entire transfer.

            While perhaps you may have been taught to use these programs, Jonny Smith may not have, and probably would look at you and say “I just want to drag and drop it” and that is why I discourage many online storage providers including Amazon S3 its not encrypted unless you turn it on and even then you need to encrypt locally first. I really think every day users really need to become more aware of their data, I mean with so many places getting attacked and data stolen nothing is really safe.

            Also for anyone reading, if you ever hear someone say they “ENCRYPT” your password STAY AWAY, a vendor should never, ever, ever, encrypt you always want HASH, because hashes are non reversible… technically speaking, but I suggestion at least sha256 at the lowest, and never trust a md5.

          • hack13

            Oh, and just incase people are curious how opensim stores your password. You will be happy to know that it is not only hashed, but then salted. This means you cannot reverse engineer the password, you can only reset it.

    • Samantha Atkins

      In 6+ years of using Dropbox I have had no such issues of lost files.

  • SurDoc’s site just came back up after their upgrade, and it seems that their 100 gigabytes of free storage offer is actually renewable after the first year — through the “recommend a friend” system. For every friend who gets a SurDoc account, you get 10 gigabytes of free storage.

    I agree that there’s a risk to keeping backups of your documents online with some startup. But there’s also risks keeping your backups on disks in a vault. I have a stack of useless disks from a few years ago — but the stuff that’s been saved digitally is still around.

    I understand that some people worry about security risks. I’m not one of them — I’ve got nothing really I’m trying to protect (because I lead a boring, boring life) — but while no service offers perfect security, most do offer “good enough” security, and that’s plenty more security than I actually need. Mega is probably an exception here — they have been fighting government agencies, as well as the movie and film industries, and probably have the highest-grade encryption out there to secure all files.

    The other security risk is if the site goes down exactly when you need the backup. That could happen — Mega’s previous incarnation, MegaUpload was, in fact, shut down, and SurDoc was down all day today. Even Amazon has had outages.

    The question I ask myself is: Does the cloud service have more downtime, or does my traditional alternative have more downtime? I don’t trust myself to manage my own backups — disks go bad, computers crash, etc… So an online services would do a better job at this than I would. For other people, the reverse might be true.

    Finally, there’s the use cases. I’ve used my online backups when on the road and I suddenly urgently needed a document. I can pull up my iPhone or Chromebook and retrieve it, anytime, anywhere. I’ve had occasion to do so a few times already, and love the convenience.

  • Joe Builder

    Well I’m not to convinced there is any security that anyone or hosting service can offer. Perfect example is Aviworlds they been attacked on a daily basis from unknown sources. They seem to be attacking the server end of the grid. And speaking with Alex the issue is not getting better, With logins failed every other day. Any advise on this subject which is serious to the entire opensim community would be highly appreciated. There must be a way to prevent outside invaders from taking over the servers. As far as I know Aviworlds is the only grid with on going server side attacks.

    • AviWorlds

      It seems to me and it is clear that whoever is doing this wants AviWorlds out of the game. AviWorlds is increasing in traffic and its hitting the 600 unique users mark.
      I m going to have to report these attacks to the FBI since it is a federal offense to hack websites and disrupt any businesses in the internet.

      • Any way to trace back the source of these attacks? Or is it one of the distributed attacks that come from a botnet?

        I know virtual worlds are particularly vulnerable to such attacks since they require interactivity — they’re not just serving up the same static pages, something which, say, CloudFlare and services like that help guard against.

        Is there anything at all that can be done, other than waiting for the broader Internet community to come up with a way to shut down botnets?

        • AviWorlds

          I have no idea where the attacks came from. I m not responsible for AviWorlds hosting. So I would ask that to Timothy Rogers. He is the hosting. And I dont know if he can find that out. I m not familiar with hacking since this is new to me. Through ethe entire history of AviWorlds this is the fitst time it happened.
          So Im very ignorant of this subject.

          • I hope it’s not Jack Marlione stepping up from his ball-dropping. If it is, or someone like him, then every grid out there will be looking over its shoulder from now on.

            Any chance it was an attack on the data center, or something specific in that data center, and your grid was collateral damage?

          • AviWorlds

            I dont know who it is. But I can say that the attacks so far have not been the types that infiltrate the server ot data. They have been brutal force attacks that the results are that users cant login.
            Timothy has put in place defenses against that now.
            Alex

          • Joe Builder

            Can you let us know what type if any defense others can take to prevent this from happening being you mention a defence. Or is this bad guy entering through the web sites?. This has a few people concerned. Doing a little reading on Brutal force attacks seems a bit serious. And can effect the data base also.

          • Joe Builder

            Jack was already there a few days ago, Left a lot of Ball Gifts behind, Somehow jack was added to the Allowed Residents and was able to rezz his mess.

  • Han Held

    Made an account on mega, and all I can say is that it’s way, way, WAY too fussy about what browser you use. Totally unreliable. Totally and completely unreliable.

    • Good to know — what specific browsers did you have problems with?

      Meanwhile, I just noticed that the free Box.com account I’m using has 50GB of storage, not 10 as advertised. Apparently, Box regularly comes out with free upgrade deals and I must have signed up for one. The latest is that if you get the free iPhone app, you get free 50 GB: http://www.mobilescene.today/news/box-for-iphone-and-ipad-completely-re-written-app-get-50gb-free-for-life/

      • Han Held

        I made the OP and tried to delete the post because I did eventually manage to get the site to work. I used Palemoon (based on firefox) and Chromium on Linux Mint 17. When you first create an account it appears to hang for about 5 minutes or 10. I let it run on Palemoon and the account eventually was made.

        Based on my experiences downloading from them in the past they do seem to work better with Chrome -but I managed to get my account set up in Palemoon (eventually!).

  • Samantha Atkins

    Why download them? Why not be able to load them directly into opensim server at the console from an URL?