Afile-hosting service,also known ascloud-storage service,online file-storage provider,orcyberlocker,is aninternethosting service specifically designed to host userfiles.These services allow users touploadfiles that can be accessed over the internet after providing a username and password or otherauthentication.Typically, file hosting services allowHTTP access,and in some cases,FTP access.Other related services include content-displaying hosting services (i.e.videoandimage), virtual storage, andremote backupsolutions.
Uses
editPersonal file storage
editPersonal file storage services are designed for private individuals to store and access their files online. Users can upload their files and share them publicly or keep them password-protected.[1]
Document-sharing services allow users to share and collaborate on document files. These services originally targeted files such asPDFs,word processordocuments, andspreadsheets.[2]However many remote file storage services are now aimed at allowing users to share and synchronize all types of files across all the devices they use.
File sync and sharing services
editFile syncingand sharing services allow users to create special folders on each of their computers or mobile devices, which are then synchronized across all devices. Files placed in this folder can be accessed through a website or mobile app and easily shared with others for viewing or collaboration.[3]
Consumer products such asOneDriveandGoogle Drivehave made file hosting and sharing more accessible and popular for personal and business use.[4]
Content caching
editContent providers who encounter bandwidth congestion issues may usespecialized services for distributing cached or static content.This is especially common for companies with a major internet presence.[5]
Backup and disaster recovery
editMany businesses use file hosting services as part of their backup and disaster recovery strategies. By storing copies of important files offsite in a securedata center,they can quickly recover from data loss due to hardware failure,natural disasters,or other unexpected events.[6]
Storage charges
editSome online file storage services offer space on a per-gigabytebasis, and sometimes include abandwidthcost component as well. Usually these will be charged monthly or yearly. Some companies offer the service for free, relying on advertising revenue.[citation needed]Some hosting services do not place any limit on how much space the user's account can consume. Non-paying users' accounts may be deleted or suspended after a predefined period of inactivity.[7]
Some services require a software download which makes files only available on computers which have that software installed, others allow users to retrieve files through any web browser. With the increased inbox space offered bywebmailservices, many users have started using their webmail service as an online drive. Some sites offer free unlimited file storage but have a limit on the file size. Some sites offer additional online storage capacity in exchange for new customer referrals.
Many providers offer tiered storage levels, charging differently based on frequency of access and retrieval latency. There may be a different cost associated with access vs storage. For example, in a cold storage scenario, the price per GB stored over time can be very low, but it may take longer to access an item at a higher per GB retrieval cost.[8]In some cases, users may have to commit to retrieval being much higher latency as well.
One-click hosting
editOne-click hosting,sometimes referred to as cyberlocker[9]generally describesweb servicesthat allowinternetusers to easily upload one or more files from theirhard drives(or from a remote location) onto the one-click host'sserverfree of charge.
Most such services simply return aURLwhich can be given to other people, who can then fetch the file later. In many cases these URLs are predictable allowing potential misuse of the service.[10]As of 2005[update]these sites have drastically increased in popularity, and subsequently, many of the smaller, less efficient sites have failed. Although one-click hosting can be used for many purposes, this type offile sharinghas, to a degree, come to compete withP2Pfilesharingservices.[11]
The sites make money through advertising or charging for premium services such as increased downloading capacity, removing any wait restrictions the site may have or prolonging how long uploaded files remain on the site. Premium services include facilities like unlimited downloading, no waiting, maximum download speed etc. Many such sites implement aCAPTCHAto prevent automated downloading. Several programs aid in downloading files from these one-click hosts; examples areJDownloader,FreeRapid, Mipony, Tucan Manager andCryptLoad.
Use for copyright infringement
editFile hosting services may be used as a means todistribute or share fileswithout consent of the copyright owner. In such cases one individualuploadsa file to a file hosting service, which others can thendownload.Legal assessments can be very diverse.
For example, in the case ofSwiss–Germanfile hosting serviceRapidShare,in 2010 the US government's congressional international anti-piracycaucusdeclared the site a "notorious illegal site", claiming that the site was "overwhelmingly used for the global exchange of illegal movies, music and other copyrighted works".[12]But in the legal caseAtari Europe S.A.S.U. v. Rapidshare AGin Germany,[13]theDüsseldorfhigher regional court examined claims related to alleged infringing activity and reached the conclusion on appeal that "most people utilize RapidShare for legal use cases"[14]and that to assume otherwise was equivalent to inviting "a general suspicion against shared hosting services and their users which is not justified".[15]The court also observed that the site removes copyrighted material when asked, does not provide search facilities for illegal material, noted previous cases siding with RapidShare, and after analysis the court concluded that the plaintiff's proposals for more strictly preventing sharing of copyrighted material – submitted as examples of anti-piracy measures RapidShare might have adopted – were found to be "unreasonable or pointless".[13]
By contrast in January 2012 theUnited States Department of Justiceseized and shut down the file hosting siteMegauploadand commenced criminal cases against its owners and others. Theirindictmentconcluded that Megaupload differed from other online file storage businesses, suggestinga number of design featuresof itsoperating modelas being evidence showing a criminal intent and venture.[16]Examples cited included reliance upon advertising revenue and other activities showing the business was funded by (and heavily promoted) downloads and not storage, defendants' communications helping users who sought infringing material, and defendants' communications discussing their own evasion and infringement issues. As of 2014[update]the case has not yet been heard.[17][needs update]A year later, Megaupload relaunched asMega.
In 2016 the file hosting sitePutlockerhas been noted by theMotion Picture Association of Americafor being a major piracy threat,[18]and in 2012 Alfred Perry ofParamount Pictureslisted Putlocker as one of the "top 5 rogue cyberlocker services", alongside Wupload,FileServe,Depositfiles, andMediaFire.[19]
Security
editThe emergence ofcloud storageservices has prompted much discussion on security.[20]Security, as it relates to cloud storage can be broken down into:
Access and integrity security
editDeals with the question ofconfidentiality and availability,and may be expressed with questions of the kind: Will the user be able to continue accessing their data? Who else can access it? Who can change it?
Whether the user is able to continue accessing their data depends on a large number of factors, ranging from the location and quality of their internet connection, and the physical integrity of the provider's data center, to the financial stability of the storage provider (because, even if perfectly fit from a technical point of view, if the provider financially goes out of business, then its services go offline too).
The question of who can access and, potentially, change, their data, ranges from whatphysical access controlsare in place in the provider's data center to whattechnical steps have been taken,such as access control,encryption,etc.
Manycloud storage servicesstate that they either encrypt data before it is uploaded or while it is stored. While encryption is generally regarded as best practice in cloud storage[21]how the encryption is implemented is very important.
Consumer-grade, public file hosting and synchronization services are popular, but for business use, they create the concern that corporate information is exported to devices and cloud services that are not controlled by the organization.
Some cloud storage providers offer granularACLsfor application keys. One important permission isappend-only,which is distinct from simple "read", "write", and "read-write" permissions in that all existing data is immutable.[22][23]Append-only support is especially important to mitigate the risk ofdata lossforbackuppolicies in the event that the computer being backed-up becomes infected withransomwarecapable of deleting or encrypting the victim's backups.[24][25]
Data encryption
editSecret key encryption is sometimes referred to aszero knowledge,meaning that only the user has the encryption key needed to decrypt the data. Since data is encrypted using the secret key, identical files encrypted with different keys will be different. To be truly zero knowledge, the file hosting service must not be able to store the user's passwords or see their data even with physical access to the servers. For this reason, secret key encryption is considered the highest level of access security in cloud storage.[26]This form of encryption is rapidly gaining popularity, with companies such asMEGA[27](previously Megaupload) andSpiderOakbeing entirely zero knowledge file storage and sharing.[28]
Since secret key encryption results in unique files, it makesdata deduplicationimpossible and therefore may use more storage space.[29]
Convergent encryptionderives the key from the file content itself and means an identical file encrypted on different computers result in identical encrypted files.[29]This enables the cloud storage provider tode-duplicatedata blocks, meaning only one instance of a unique file (such as a document, photo, music or movie file) is actually stored on the cloud servers but made accessible to all uploaders. A third party who gained access to the encrypted files could thus easily determine if a user has uploaded a particular file simply by encrypting it themselves and comparing the outputs.[29]
Some point out that there is a theoretical possibility that organizations such as theRIAA,MPAA,or a government could obtain a warrant for US law enforcement to access the cloud storage provider's servers and gain access to the encrypted files belonging to a user.[30]By demonstrating to a court how applying the convergent encryption methodology to an unencrypted copyrighted file produces the same encrypted file as that possessed by the user would appear to make a strong case that the user is guilty of possessing the file in question and thus providing evidence ofcopyright infringementby the user.
There is, however, no easily accessible public record of this having been tried in court as of May 2013 and an argument could be made that, similar to the opinion expressed by Attorney Rick G. Sanders of Aaron | Sanders PLLC in regards to the iTunes Match "Honeypot" discussion,[31]that a warrant to search the cloud storage provider's servers would be hard to obtain without other, independent, evidence establishing probable cause for copyright infringement. Such legal restraint would obviously not apply to thesecret policeof anoppressive governmentwho could potentially gain access to the encrypted files through various forms ofhackingor othercybercrime.
Ownership security
editThis sectionneeds expansionwith: Deals with the questions: Who owns the data the user uploads? Will the act of uploading change the ownership?. You can help byadding to it.(January 2020) |
See also
editReferences
edit- ^"Share OneDrive files and folders".Microsoft Support.Archivedfrom the original on 2 June 2023.Retrieved22 April2022.
- ^Geel, Matthias."Cloud Storage: File Hosting and Synchronisation 2.0"(PDF).Archived fromthe original(PDF)on 31 July 2017.Retrieved5 August2014.
- ^Metz, Rachel (9 July 2013)."How Dropbox Could Rule a Multi-Platform World".MIT Technology Review.Retrieved5 August2014.
- ^How to transfer files from Dropbox to Google DriveArchived12 November 2016 at theWayback Machine.Retrieved 24 December 2014
- ^"Macworld".Archived fromthe originalon 13 March 2007.Retrieved7 February2007.
- ^"Introduction to Backup and Disaster Recovery | IBM".ibm.Archivedfrom the original on 5 June 2023.Retrieved8 March2023.
- ^Cahane, Amir (15 September 2021)."The Right not to Forget: Cloud Based Services Moratoriums in War Zones and Data Portability Rights".Rights to Privacy and Data Protection in Armed Conflict.SSRN3944667.Archivedfrom the original on 22 December 2021.Retrieved27 June2023.
- ^Stockton, Ben (20 November 2020)."Hot Storage vs Cold Storage in 2023: Instant Access vs Archiving".Cloudwards.Retrieved14 August2023.
- ^"Cyberlockers Take Over File-Sharing Lead From BitTorrent Sites".Archivedfrom the original on 17 July 2011.Retrieved12 July2011.
- ^Nikiforakis N., Balduzzi M. Van Acker S., Joosen W. and Balzarotti D."Exposing the Lack of Privacy in File Hosting ServicesArchived15 September 2011 at theWayback Machine
- ^Roettgers, Janko."Piracy Beyond P2P: One-Click Hosters",Retrieved: 5 January 2008.
- ^"RIAA joins congressional caucus in unveiling first-ever list of notorious illegal sites".RIAA.19 May 2010. Archived fromthe originalon 26 October 2017.Retrieved16 January2011.
- ^Roettgers, Janko (3 May 2010)."RapidShare Wins in Court".Gigaom. Archived fromthe originalon 26 February 2011.Retrieved16 January2011.Citation from ruling: "Es ist davon auszugehen, dass die weit überwiegende Zahl von Nutzern die Speicherdienste zu legalen Zwecken einsetzen und die Zahl der missbräuchlichen Nutzer in der absoluten Minderheit ist." ( "It is to be expected that the vast majority of users use the storage services for lawful purposes and the number of abusive users are in the absolute minority." ).
{{cite web}}
:CS1 maint: postscript (link) - ^From theAtari v. RapidShareruling: "entspricht einem Generalverdacht gegen Sharehoster-Dienste und ihre Nutzer, der so nicht zu rechtfertigen ist" ( "corresponds to a general suspicion against shared hosting services and their users, which is not to justify such" ).
- ^Department of Justice indictment, on theWall Street Journal's websiteArchived15 July 2012 atarchive.today– see sections 7–14.
- ^"Release For Victim NotificationUnited States v. Kim Dotcom, et al,Crim. No. 1:12CR3 (E.D. Va. O'Grady, J.) ".United States Department of Justice.Archivedfrom the original on 27 October 2014.Retrieved10 November2014.
- ^Prabhu, Vijay (17 October 2016)."Yet Another Video Streaming Service Bites The Dust, Putlocker Shuts Down".TechWorm.Archivedfrom the original on 19 October 2016.Retrieved10 November2016.
- ^Sandoval, Greg (31 March 2012)."MPAA wants more criminal cases brought against 'rogue' sites".CNET.Archivedfrom the original on 9 March 2018.Retrieved10 November2016.
- ^Jonathan Strickland (30 April 2008)."How Cloud Storage Works".How Stuff Works.Archivedfrom the original on 29 April 2013.Retrieved8 May2013.
- ^"Cloud Data Storage, Encryption and Data Protection Best Practices".Techtarget.Archivedfrom the original on 2 May 2013.Retrieved8 May2013.
- ^"BorgBase - Secure hosting for your BorgBackup Repos".BorgBase - Simple Borg Repo Hosting.Archivedfrom the original on 3 December 2019.Retrieved3 December2019.
- ^"Why Use Immutable Storage?".Wasabi.11 September 2018.Archivedfrom the original on 3 December 2019.Retrieved3 December2019.
- ^Kolodenker, E.; Koch, W.; Stringhini, G.; Egele, M. (2 April 2017).PayBreak: Defense Against Cryptographic Ransomware.ResearchGate GmbH.doi:10.1145/3052973.3053035.Archived(PDF)from the original on 22 October 2020.Retrieved5 December2023.
- ^Pont, J.; Abu Oun, O.; Brierley, C.; Arief, B.; Hernandez-Castro, J. (1 November 2019).A Roadmap for Improving the Impact of Anti-ransomware Research.ResearchGate GmbH. pp. 137–154.doi:10.1007/978-3-030-35055-0_9.Archived(PDF)from the original on 3 December 2019.Retrieved5 December2023.
- ^"5 Ways To Securely Encrypt Your Files in the Cloud".Makeuseof. 26 May 2012.Archivedfrom the original on 7 May 2013.Retrieved8 May2013.
- ^"MEGA has been designed around user-controlled end-to-end encryption. MEGA's end-to-end encryption (E2EE) paradigm enhances the overall security by providing 'privacy by design', unlike many of its competitors who only provide 'privacy by policy'".MEGA Privacy.Archivedfrom the original on 14 June 2019.Retrieved5 June2019.
- ^"SpiderOak - Zero Knowledge Privacy with Encrypted Cloud Backup".Archivedfrom the original on 9 October 2014.Retrieved29 September2014.
- ^abcStorer, Mark W.; Greenan, Kevin; Long, Darrell D. E.; Miller, Ethan L."Secure Data Deduplication"(PDF).Ssrc.ucsc.edu.Archived(PDF)from the original on 22 August 2013.Retrieved8 May2013.
- ^Brad McCarty (23 September 2011)."Bitcasa: Infinite storage comes to your desktop, but so do big questions".TheNextWeb.Archivedfrom the original on 22 July 2016.Retrieved8 May2013.
- ^Brad McCarty (16 September 2011)."Is iTunes Match a honeypot for music pirates? A copyright lawyer weighs in".TheNextWeb.Archivedfrom the original on 8 March 2016.Retrieved8 May2013.