Google Drive

[Wayne]

Quote:

Originally Posted by NeilN

Seriously? How is that any use for backups then? I expect any files stored in the cloud to be bit-identical to what I have on my hard drive.

I am wondering if that is just for streaming media directly from SkyDrive without downloading. Here is what their site says ( I wonder if the 100MB limit is still true):

Quote:

You can view H.264 (.mp4) and Windows*Media*Video (.wmv files) videos directly from SkyDrive in most web browsers. Other video formats can be uploaded to SkyDrive, but they might not play directly in a browser and might need to be downloaded to a computer. To play videos on SkyDrive in a web browser you might need to have Silverlight installed.

The videos you add to SkyDrive must be smaller than 100 MB.

[ScaryBob]

Quote:

After what happened to Mega I would think they are all scanning your files regardless of what they say.

It goes without saying that they would check for illegal activities that may implicate Google legally. Mega was targeted because it allowed unrestricted sharing of copyrighted material, not just because it hosted the files. In this case, Google is scanning contents of documents and other files and then using the information for their own purposes. I wouldn't store things like medical records, business or financial documents and other possibly sensitive information on Google Drive.

[North_of_Calgary]

That's not right at all. The key is that most of the Mega upload copyright stuff was public and generally available for download. That's what caused their problems.

The google drive or dropbox or skydrive services are all very secure. Think about what would happen if they shared just one person's sensitive or confidential file. If it got out that a single medical record or bank statement or business document was disclosed then they'd be completely sunk.

Yes they do scan your content but they do it so they can provide services to you. Most specifically "search"!!! The scanning they do is really no different in how it works than the virus scanning software on your computer. If you don't want any companies scanning your content then you better not use a virus scanning tool either.

There's way too much paranoia over the security of these services. People like scarybob wouldn't save anything sensitive there yet many will post personal info about themselves on Facebook or twitter daily. (Not meaning to imply that you use Facebook or Twitter ScaryBob - I have no idea if you do or you don't - but you did make the comment about sensitive docs and Google Drive.)

Bottom line is that the risk of anything undesirable happening to your documents on Google Drive is extremely low. And if you are security conscience then don't even sign into Facebook. And if you do make sure to clear out all of your browser cookies immediately after logging out. What they're tracking about you is what is truly frightening.

This is just like the airport security where they do body searches on 6 year olds kids and 80 year old grandmas while the Christmas underware guy who bought his ticket last minute, had no plans for when he got to Detroit, knew no one in America, had no return plans, had no luggage, and not even a jacket wth him wasn't even questioned. In other words it's misdirected security concerns and actions.

[Wayne]

Quote:

Originally Posted by North_of_Calgary

The google drive or dropbox or skydrive services are all very secure. Think about what would happen if they shared just one person's sensitive or confidential file. If it got out that a single medical record or bank statement or business document was disclosed then they'd be completely sunk.

Are you sure? Do you remember this security breach that happened 10 months ago?

Quote:

June 20, 2011 - Web-based storage firm Dropbox confirmed this afternoon that a programmer's error caused a temporary security breach that allowed any password to be used to access any user account.

http://news.cnet.com/8301-31921_3-20...word-required/

Who's to say that can't happen again?

[ScaryBob]

Quote:

The key is that most of the Mega upload copyright stuff was public and generally available for download. That's what caused their problems.

That's basically what I said. Users allowed unrestricted sharing of copyrighted files by making them publicly available for download.

Quote:

Yes they do scan your content but they do it so they can provide services to you. Most specifically "search"!!! The scanning they do is really no different in how it works than the virus scanning software on your computer. If you don't want any companies scanning your content then you better not use a virus scanning tool either.

Not quite. Google uses file scanning and data collection to provide ad services for their paying customers. That may modify search results but Googles main "product" and revenue source is ad services. The scanning of email, file sharing, searches and other public input are the way Google collects data for increasing the value of its targeted ads.

Virus scanning is completely different. It simply searches for virus signatures and other threats in files. Most A/V products scan specific file types for very specific threats, not to collect personal data. Nothing is done to collect personal data for company use, at least not by most A/V companies. There is always the possibility of Google AV in future though.

I don't use Facebook or Twitter. I tried Facebook but the noise to useful content ratio was way too high. I suspect that many people who use these services will regret it at some point. There have been instances of people being arrested or otherwise targeted due to personal information or comments posted on these and other "social" media. Remember that employers, schools, law enforcement agencies, governments and criminals may gain access to those accounts some day. They may even trick you into granting access or use pressure such requesting access as a condition of employment.

[JamesK]

Quote:

For anyone concerned about privacy issues, anything stored on Google Drive may be scanned by Google.

You can use TrueCrypt to create an encrypted folder on Google Drive.

[ScaryBob]

That's a very good idea, even though no encryption is 100% secure.

[99semaj]

I have Google drive running on my iMac, fine in one user account, but abends in another user account.

Anyone here have it workng on a single Mac with two different user accounts and two different google logins?

[North_of_Calgary]

Quote:

Originally Posted by Wayne

Are you sure? Do you remember this security breach that happened 10 months ago?



http://news.cnet.com/8301-31921_3-20...word-required/

Who's to say that can't happen again?

Yes I certainly do and yes that certainly could have been a very serious issue. However I also remember that this potentially serious situation was blown way out of proportion by the media. The reality is that according to dropbox, less than 100 user accounts were effected and zero files were downloaded from those and zero account settings modified.

So they dodged a bullet and the industry as a whole learned from that.

Is there a risk: certainly. But put that risk into proportion. We've had these services for years will millions of users and there was one potentially serious issue that ended up effecting less that 100 users. Compare that to the number of computers, laptops, iPads, or cell phones that go missing every day.

The fact is that the risk of your data going missing because of a B&E at your house is far far higher. Remember an estimated 2000 computers go missing at US airports each and every day! And trust me, if you're running Windows then if I can get physical access to your computer I can strip off your password in a heart beat and access any of your non-encrypted files. If you use a Mac or Linux, it's much more secure. And if you put your files in a TrueCrypt container (which I'd recommend) then you're also safe. But a non-encrypted Windows file is easy peasy to get if you have physical access to the computer.

So from a stolen home computer, an external HDD stolen in a B&E, a lost laptop/tablet/phone, or even a virus exploit - that's where the real risk to your data is. Compare that to the <100 users effected by that dropbox issue.

Again to draw an air travel analogy, this is just like the people who say they're nervous about or maybe don't fly at all because of plane crashes yet your odds of dieing in a car crash are far far greater.

In fact, statistically the safest way to protect your confidential files would be to only have them in a cloud storage service and not at all on your actual computer! I know you guys will all say "there's no way anyone could break into my house because it's super secure with an alarm system, 4 doverman pinchers, and an armed guard" and "I'm very careful with my laptop at the airport x-ray plus I never fly", and "my phone is tethered to my belt via a kensington lock cable", and "I'm too smart and too careful to ever get a virus". But crunch the numbers: the safest thing you could possibly do is only have your docs in Google Drive and make sure you don't sync them to your computer. Or actually only store them in an encrypted TrueCrypt container and back that up to a web/offsite service.

[j0dest3r]

I don't think skydrive will compress your video files. I know it does for pictures, but you can UN-check the box that says to compress. Sadly I haven't found a way to UN-check by default.

[j0dest3r]

Quote:

if you're running Windows then if I can get physical access to your computer I can strip off your password in a heart beat and access any of your non-encrypted files. If you use a Mac or Linux, it's much more secure.

How is it more secure?

http://www.mediafour.com/products/macdrive/

[North_of_Calgary]

^ Well in that case, that just makes my points to ScaryBob and Wayne that much stronger.

The statistics are what they are. And the analogy of the people who are scared to fly is just about perfect as I'm sure that almost 100% of the people who are afraid to fly travel in a car or are on a road in one way or another (i.e. on a bus, as a pedestrian, or on a bike) almost every single day. And back to the topic at hand, 10's of thousands of computers stolen every single day in N.A. yet < 100 people effected by an online storage data breach ever.

The numbers are what they are. The history is what it is. Everyone just has the "it will never happen to me" mentality when they save a file on their computer or hop into the car for a quick trip to the store. And the fear of "oh it would be an absolutely terrible & horrible disaster that I certainly wouldn't want to be part of" fear of being in a major plane crash or online security breach.

This is simply another case of fear over-riding probability. It's been said many times that if you want to minimize your chances of being killed by traveling you should stay on a plane for your entire life. And similarly I'll say the same that I've said before that if you want to minimize your chances of your sensitive documents being compromised you should store them only online and never on your local computer.

The reality is that no-one stays on a plane their entire life and no-one stores 100% of their docs only online. But we shouldn't be afraid of perception in place of facts.

Wayne/Scary, further thoughts?

[Wayne]

I am not particularly paranoid about security but I am somewhat careful about what I upload to the cloud or Social Networking sights. I do use Facebook, Twitter and LinkedIn but not extensively - my HTPC Tweets far more than I do.

I use Dropbox (and Box and SkyDrive and now GoogleDrive) a bit but I am careful what I upload there. My point about the Dropbox breach was that oftentimes these companies may not take secuirty as seriously as they should.

My bigger worry is about how lax many organizations are about security, including customers. How many times have you been asked for your date of birth, address and postal code to verify your identity? This info is pretty easy to get, especially if you have a listed phone num. And if you are on Facebook then people can see when it is your birthday when you get greetings from your friends.

[michelkenny]

Quote:

Originally Posted by JamesK

You can use TrueCrypt to create an encrypted folder on Google Drive.

Better yet use Cloudfogger or BoxCryptor for transparent encryption to your cloud drive. I use Cloudfogger, it's free and works great.

[JamesK]

^^^^
Both of those create a local encrypted drive that contains the files, just like TrueCrypt.