File-hosting service: Difference between revisions
Requestion (talk | contribs) rm linkspam. Wikipedia is WP:NOT a linkfarm. |
No edit summary Tags: Visual edit Mobile edit Mobile web edit |
||
| Line 1: | Line 1: | ||
{{short description|Internet hosting service for user files}} |
|||
{{Mergefrom|Online media center|date=December 2006}} |
|||
{{Use dmy dates|date=March 2023}} |
|||
{{internet hosting}} |
|||
A '''file hosting service''' or '''online file storage service''' is an [[Internet hosting service]] specifically designed to host static content, typically large files that are not web pages. Typically they allow [[WWW|web]] and [[File Transfer Protocol|FTP]] access. They can be optimized for serving many users (as is implied by the term "hosting") or be optimized for single-user storage (as is implied by the term "storage"). Related services are [[video sharing]], [[virtual storage]] and [[remote backup service|remote backup]]. |
|||
A '''file-hosting service''', also known as '''cloud-storage service''', '''online file-storage provider''', or '''cyberlocker''', is an [[internet]] hosting service specifically designed to host user [[Computer file|files]]. These services allow users to [[upload]] files that can be accessed over the internet after providing a username and password or other [[authentication]]. Typically, file hosting services allow [[HTTP|HTTP access]], and in some cases, [[File Transfer Protocol|FTP access]]. Other related services include content-displaying hosting services (i.e. [[Video hosting service|video]] and [[image hosting service|image]]), virtual storage, and [[Remote backup service|remote backup]] solutions. |
|||
==Uses== |
|||
=== Software file hosting === |
|||
[[Shareware]] authors often use file hosting services to serve their software. The inherent problem with free downloads is the huge bandwidth cost. These hosts also offer additional services to the authors like statistics or other marketing features. |
|||
==Uses== |
|||
=== Personal file storage === |
=== Personal file storage === |
||
{{Further|Comparison of file hosting services}} |
|||
Personal file storage services are aimed at private individuals, offering a sort of "network storage" for personal backup, file access, or file distribution. Users can upload their files and share them publicly or keep them password-protected. |
|||
Personal file storage services are designed for private individuals to store and access their files online. Users can upload their files and share them publicly or keep them password-protected.<ref>{{Cite web |title=Share OneDrive files and folders |url=https://support.microsoft.com/en-us/office/share-onedrive-files-and-folders-9fcc2f7d-de0c-4cec-93b0-a82024800c07 |access-date=2022-04-22 |website=Microsoft Support |archive-date=2 June 2023 |archive-url=https://web.archive.org/web/20230602174124/https://support.microsoft.com/en-us/office/share-onedrive-files-and-folders-9fcc2f7d-de0c-4cec-93b0-a82024800c07 |url-status=live }}</ref> |
|||
Document-sharing services allow users to share and collaborate on document files. These services originally targeted files such as [[PDF]]s, [[word processor]] documents, and [[spreadsheet]]s.<ref>{{cite web |last1=Geel |first1=Matthias |title=Cloud Storage: File Hosting and Synchronisation 2.0 |url=http://www.vis.ethz.ch/de/visionen/pdfs/2012/visionen_2012_3.pdf?end=15&start=11 |url-status=dead |archive-url=https://web.archive.org/web/20170731064101/http://www.vis.ethz.ch/de/visionen/pdfs/2012/visionen_2012_3.pdf?end=15&start=11 |archive-date=31 July 2017 |access-date=5 August 2014}}</ref> However many remote file storage services are now aimed at allowing users to share and synchronize all types of files across all the devices they use. |
|||
Prior to the advent of personal file storage services, off-site backup services were not typically affordable for individual and [[Small office/home office|SOHO]] computer users. |
|||
===File sync and sharing services=== |
|||
See [[Comparison of one-click hosters]]. |
|||
[[File synchronization|File syncing]] and sharing services allow users to create special folders on each of their computers or mobile devices, which are then synchronized across all devices. Files placed in this folder can be accessed through a website or mobile app and easily shared with others for viewing or collaboration.<ref>{{cite magazine|last1=Metz|first1=Rachel|title=How Dropbox Could Rule a Multi-Platform World|url=http://www.technologyreview.com/news/516951/how-dropbox-could-rule-a-multi-platform-world/|magazine=MIT Technology Review|access-date=5 August 2014|date=9 July 2013}}</ref> |
|||
Consumer products such as [[OneDrive]] and [[Google Drive]] have made file hosting and sharing more accessible and popular for personal and business use.<ref>[http://www.download3k.com/articles/MultCloud-Review-Manage-multiple-cloud-services-search-and-transfer-between-them-00949 How to transfer files from Dropbox to Google Drive] {{Webarchive|url=https://web.archive.org/web/20161112080428/http://www.download3k.com/articles/MultCloud-Review-Manage-multiple-cloud-services-search-and-transfer-between-them-00949 |date=12 November 2016 }}. Retrieved 24 December 2014</ref> |
|||
=== Content caching === |
=== Content caching === |
||
Content providers who |
Content providers who encounter bandwidth congestion issues may use [[Content delivery network|specialized services for distributing cached or static content]]. This is especially common for companies with a major internet presence.<ref>{{cite web|url=http://www.macworld.com/news/2004/06/15/akamai/|title=Macworld.com|access-date=7 February 2007|archive-url=https://web.archive.org/web/20070313001736/http://www.macworld.com/news/2004/06/15/akamai/|archive-date=13 March 2007|url-status=dead}}</ref> |
||
=== Backup and disaster recovery === |
|||
==Storage== |
|||
Many businesses use file hosting services as part of their backup and disaster recovery strategies. By storing copies of important files offsite in a secure [[data center]], they can quickly recover from data loss due to hardware failure, [[natural disaster]]s, or other unexpected events.<ref>{{Cite web |title=Introduction to Backup and Disaster Recovery {{!}} IBM |url=https://www.ibm.com/topics/backup-disaster-recovery |access-date=2023-03-08 |website=www.ibm.com |language=en-us |archive-date=5 June 2023 |archive-url=https://web.archive.org/web/20230605080204/https://www.ibm.com/topics/backup-disaster-recovery |url-status=live }}</ref> |
|||
Most online file storage services offer space on a per-[[gigabyte]] basis — some offer the service for free, relying on advertising revenue. Some services require a software download which makes files only available on computers which have that software installed. Some services allow users to retrieve files through any web browser. With the increased inbox space offered by [[webmail]] services, many users have started using their webmail service as an online drive. Some sites offer free unlimited file storage but have a limit on the file size. |
|||
== |
==Storage charges== |
||
Some online file storage services offer space on a per-[[gigabyte]] basis, and sometimes include a [[Bandwidth (computing)|bandwidth]] cost component as well. Usually these will be charged monthly or yearly. Some companies offer the service for free, relying on advertising revenue.{{citation needed|date=August 2014}} Some hosting services do not place any limit on how much space the user's account can consume. Non-paying users' accounts may be deleted or suspended after a predefined period of inactivity.<ref>{{Cite journal |last=Cahane |first=Amir |title=The Right not to Forget: Cloud Based Services Moratoriums in War Zones and Data Portability Rights |url=https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3944667 |journal=Rights to Privacy and Data Protection in Armed Conflict |date=15 September 2021 |ssrn=3944667 |access-date=27 June 2023 |archive-date=22 December 2021 |archive-url=https://web.archive.org/web/20211222192512/https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3944667 |url-status=live }}</ref> |
|||
{{unreferenced|article|date=December 2006}} |
|||
<references /> |
|||
Some services require a software download which makes files only available on computers which have that software installed, others allow users to retrieve files through any web browser. With the increased inbox space offered by [[webmail]] services, many users have started using their webmail service as an online drive. Some sites offer free unlimited file storage but have a limit on the file size. Some sites offer additional online storage capacity in exchange for new customer referrals. |
|||
<!-- READ THIS FIRST: |
|||
Many providers offer tiered storage levels, charging differently based on frequency of access and retrieval latency. There may be a different cost associated with access vs storage. For example, in a cold storage scenario, the price per GB stored over time can be very low, but it may take longer to access an item at a higher per GB retrieval cost.<ref>{{Cite web |last=Stockton |first=Ben |date=2020-11-20 |title=Hot Storage vs Cold Storage in 2023: Instant Access vs Archiving |url=https://www.cloudwards.net/hot-storage-vs-cold-storage/ |access-date=2023-08-14 |website=Cloudwards |language=en}}</ref> In some cases, users may have to commit to retrieval being much higher latency as well. |
|||
Do not add commercial links here. Almost all links added here are immediately removed. |
|||
==One-click hosting== |
|||
--> |
|||
'''One-click hosting''', sometimes referred to as cyberlocker<ref>{{cite web|url=http://torrentfreak.com/cyberlockers-take-over-file-sharing-lead-from-bittorrent-sites-110111/|title=Cyberlockers Take Over File-Sharing Lead From BitTorrent Sites|access-date=2011-07-12|archive-date=17 July 2011|archive-url=https://web.archive.org/web/20110717102409/http://torrentfreak.com/cyberlockers-take-over-file-sharing-lead-from-bittorrent-sites-110111/|url-status=live}}</ref> generally describes [[web service]]s that allow [[internet]] users to easily upload one or more files from their [[hard disk drive|hard drive]]s (or from a remote location) onto the one-click host's [[Server (computing)|server]] free of charge. |
|||
Most such services simply return a [[Uniform Resource Locator|URL]] which can be given to other people, who can then fetch the file later. In many cases these URLs are predictable allowing potential misuse of the service.<ref>Nikiforakis N., Balduzzi M. Van Acker S., Joosen W. and Balzarotti D. [http://www.usenix.org/event/leet11/tech/full_papers/Nikiforakis.pdf "Exposing the Lack of Privacy in File Hosting Services] {{Webarchive|url=https://web.archive.org/web/20110915154356/http://www.usenix.org/event/leet11/tech/full_papers/Nikiforakis.pdf |date=15 September 2011 }}</ref> {{As of|2005}} these sites have drastically increased in popularity, and subsequently, many of the smaller, less efficient sites have failed. Although one-click hosting can be used for many purposes, this type of [[file sharing]] has, to a degree, come to compete with [[Peer-to-peer|P2P]] [[filesharing]] services.<ref>Roettgers, Janko. [https://web.archive.org/web/20130603125434/http://gigaom.com/2007/06/17/one-click-hosters/ "Piracy Beyond P2P: One-Click Hosters"], Retrieved: 5 January 2008.</ref> |
|||
[[Category:Internet hosting]] |
|||
[[Category:Computer storage]] |
|||
The sites make money through advertising or charging for premium services such as increased downloading capacity, removing any wait restrictions the site may have or prolonging how long uploaded files remain on the site. Premium services include facilities like unlimited downloading, no waiting, maximum download speed etc. Many such sites implement a [[CAPTCHA]] to prevent automated downloading. Several programs aid in downloading files from these one-click hosts; examples are [[JDownloader]], FreeRapid, Mipony, Tucan Manager and [[CryptLoad]]. |
|||
[[ja:オンラインストレージ]] |
|||
== Use for copyright infringement == |
|||
Increasingly organizations are recognizing the benefits of colocating their mission-critical equipment within a data centre. Colocation is becoming popular because of the time and cost savings a company can realize as result of using shared data centre infrastructure. Significant benefits of scale (large power and mechanical systems) result in large colocation facilities, typically 50,000 to 100,000 square feet. With IT and communications facilities in safe, secure hands, telecommunications, internet, [[Application service provider|ASP]] and content providers, as well as enterprises, enjoy less latency and the freedom to focus on their core business. |
|||
{{main|File sharing|Legal aspects of file sharing}} |
|||
File hosting services may be used as a means to [[File sharing|distribute or share files]] without consent of the copyright owner. In such cases one individual [[upload]]s a file to a file hosting service, which others can then [[download]]. Legal assessments can be very diverse. |
|||
For example, in the case of [[Switzerland|Swiss]]{{En dash}}[[Germany|German]] file hosting service [[RapidShare]], in 2010 the US government's congressional international anti-[[Copyright infringement#"Piracy"|piracy]] [[caucus]] declared the site a "notorious illegal site", claiming that the site was "overwhelmingly used for the global exchange of illegal movies, music and other copyrighted works".<ref>{{cite web|url=http://systema.in/blog/2010/05/riaa-unveils-list-of-notorious-illegal-sites/|title=RIAA joins congressional caucus in unveiling first-ever list of notorious illegal sites|date=2010-05-19|publisher=[[RIAA]]|access-date=2011-01-16|archive-date=26 October 2017|archive-url=https://web.archive.org/web/20171026001341/http://systema.in/blog/2010/05/riaa-unveils-list-of-notorious-illegal-sites/|url-status=dead}}</ref> But in the legal case ''Atari Europe S.A.S.U. v. Rapidshare AG'' in Germany,<ref name="atari v rapidshare">Legal case: OLG Dusseldorf, Judgement of 22.03.2010, Az I-20 U 166/09 dated 22 March 2010.</ref> the [[Düsseldorf]] higher regional court examined claims related to alleged infringing activity and reached the conclusion on appeal that "most people utilize RapidShare for legal use cases"<ref>{{cite web|last=Roettgers|first=Janko|title=RapidShare Wins in Court|url=http://gigaom.com/video/rapidshare-wins-in-court/|publisher=Gigaom.com|access-date=2011-01-16|date=2010-05-03|url-status=dead|archive-url=https://web.archive.org/web/20110226013817/http://gigaom.com/video/rapidshare-wins-in-court/|archive-date=26 February 2011|postscript=. Citation from ruling: "Es ist davon auszugehen, dass die weit überwiegende Zahl von Nutzern die Speicherdienste zu legalen Zwecken einsetzen und die Zahl der missbräuchlichen Nutzer in der absoluten Minderheit ist." ("It is to be expected that the vast majority of users use the storage services for lawful purposes and the number of abusive users are in the absolute minority.").}}</ref> and that to assume otherwise was equivalent to inviting "a general suspicion against shared hosting services and their users which is not justified".<ref>From the ''Atari v. RapidShare'' ruling: "entspricht einem Generalverdacht gegen Sharehoster-Dienste und ihre Nutzer, der so nicht zu rechtfertigen ist" ("corresponds to a general suspicion against shared hosting services and their users, which is not to justify such").</ref> The court also observed that the site removes copyrighted material when asked, does not provide search facilities for illegal material, noted previous cases siding with RapidShare, and after analysis the court concluded that the plaintiff's proposals for more strictly preventing sharing of copyrighted material – submitted as examples of anti-piracy measures RapidShare might have adopted – were found to be "unreasonable or pointless".<ref name="atari v rapidshare" /> |
|||
Additionally, customers reduce their traffic back-haul costs and free up their internal networks for other uses. Moreover, by outsourcing network traffic to a colocation service provider with greater [[bandwidth]] capacity, web site access speeds should improve considerably. |
|||
By contrast in January 2012 the [[United States Department of Justice]] seized and shut down the file hosting site [[Megaupload.com]] and commenced criminal cases against its owners and others. Their [[indictment]] concluded that Megaupload differed from other online file storage businesses, suggesting [[Megaupload#Basis of indictment|a number of design features]] of its [[business model|operating model]] as being evidence showing a criminal intent and venture.<ref name="megaupload indictment - reasons">[https://www.wsj.com/articles/SB10001424052970204616504577171180266957116 Department of Justice indictment, on the ''Wall Street Journal''{{'}}s website] {{Webarchive|url=https://archive.today/20120715035322/http://online.wsj.com/article/SB10001424052970204616504577171180266957116.html |date=15 July 2012 }} – see sections 7–14.</ref> Examples cited included reliance upon advertising revenue and other activities showing the business was funded by (and heavily promoted) downloads and not storage, defendants' communications helping users who sought infringing material, and defendants' communications discussing their own evasion and infringement issues. {{As of|2014}} the case has not yet been heard.<ref>{{cite web|title=Release For Victim Notification ''United States v. Kim Dotcom, et al'', Crim. No. 1:12CR3 (E.D. Va. O'Grady, J.)|url=https://www.justice.gov/usao/vae/megaupload.html|publisher=United States Department of Justice|access-date=10 November 2014|archive-date=27 October 2014|archive-url=https://web.archive.org/web/20141027111237/http://www.justice.gov/usao/vae/megaupload.html|url-status=live}}</ref>{{Update inline|date=June 2021|reason=Has it been heard since then?}} A year later, Megaupload.com relaunched as [[Mega (service)|Mega]]. |
|||
Major types of colocation customers are: |
|||
In 2016 the file hosting site [[Putlocker]] has been noted by the [[Motion Picture Association of America]] for being a major piracy threat,<ref>{{cite news |last=Prabhu |first=Vijay |date=17 October 2016 |title=Yet Another Video Streaming Service Bites The Dust, Putlocker Shuts Down |url=http://www.techworm.net/2016/10/putlocker-video-streaming-service-shuts.html |publisher=TechWorm |access-date=10 November 2016 |archive-date=19 October 2016 |archive-url=https://web.archive.org/web/20161019000409/http://www.techworm.net/2016/10/putlocker-video-streaming-service-shuts.html |url-status=live }}</ref> and in 2012 Alfred Perry of [[Paramount Pictures]] listed Putlocker as one of the "top 5 rogue cyberlocker services", alongside Wupload, [[FileServe]], Depositfiles, and [[MediaFire]].<ref>{{cite web |last=Sandoval |first=Greg |date=31 March 2012 |title=MPAA wants more criminal cases brought against 'rogue' sites |url=https://www.cnet.com/news/mpaa-wants-more-criminal-cases-brought-against-rogue-sites/ |publisher=[[CNET]] |access-date=10 November 2016 |archive-date=9 March 2018 |archive-url=https://web.archive.org/web/20180309012109/https://www.cnet.com/news/mpaa-wants-more-criminal-cases-brought-against-rogue-sites/ |url-status=live }}</ref> |
|||
* Web commerce companies, who use the facilities for a safe environment and cost-effective, redundant connections to the Internet |
|||
* Major enterprises, who use the facility for disaster avoidance, offsite data backup and business continuity |
|||
* Telecommunication companies, who use the facilities to interexchange traffic with other telecommunications companies and access to potential clients |
|||
== Security == |
|||
Most [[network access point]] facilities provide colocation. |
|||
The emergence of [[cloud storage]] services has prompted much discussion on security.<ref name="Howstuffworks">{{cite web | url=http://computer.howstuffworks.com/cloud-computing/cloud-storage3.htm/ | title=How Cloud Storage Works | publisher=How Stuff Works | access-date=2013-05-08 | author=Jonathan Strickland | date=30 April 2008 | archive-date=29 April 2013 | archive-url=https://web.archive.org/web/20130429091352/http://computer.howstuffworks.com/cloud-computing/cloud-storage3.htm | url-status=live }}</ref> Security, as it relates to cloud storage can be broken down into: |
|||
=== Access and integrity security=== |
|||
== Services offered == |
|||
Deals with the question of [[Information assurance|confidentiality and availability]], and may be expressed with questions of the kind: Will the user be able to continue accessing their data? Who else can access it? Who can change it? |
|||
Most colocation centres offer different types of services to customers ranging from dedicated suites/rooms or cages to smaller racks or partial racks. |
|||
Some colocation centres also offer some degree of [[Service Level Agreement|service level agreements]] to support a wide range of computer and network related services, for example, server reboots, hardware replacements and software updates. |
|||
Whether the user is able to continue accessing their data depends on a large number of factors, ranging from the location and quality of their internet connection, and the physical integrity of the provider's data center, to the financial stability of the storage provider (because, even if perfectly fit from a technical point of view, if the provider financially goes out of business, then its services go offline too). |
|||
There are a few key differences between a dedicated server and colocation servers. Dedicated servers tend to be owned and rented out, while a colocation server is one that the client owns. |
|||
The question of who can access and, potentially, change, their data, ranges from what [[physical access control]]s are in place in the provider's data center to what [[Data center security|technical steps have been taken]], such as access control, [[encryption]], etc. |
|||
== Trivia == |
|||
Some colocation centres feature a "[[meet-me-room]]" where the different carriers housed in the centre can efficiently exchange data. |
|||
Many [[cloud storage service]]s state that they either encrypt data before it is uploaded or while it is stored. While encryption is generally regarded as best practice in cloud storage<ref name="Techtarget">{{cite web | url=http://searchcloudsecurity.techtarget.com/resources/Cloud-Data-Storage-Encryption-and-Data-Protection-Best-Practices | title=Cloud Data Storage, Encryption and Data Protection Best Practices | publisher=Techtarget.com | access-date=2013-05-08 | archive-date=2 May 2013 | archive-url=https://web.archive.org/web/20130502073605/http://searchcloudsecurity.techtarget.com/resources/Cloud-Data-Storage-Encryption-and-Data-Protection-Best-Practices | url-status=live }}</ref> how the encryption is implemented is very important. |
|||
Most [[peering]] points sit in colocation centres. |
|||
Consumer-grade, public file hosting and synchronization services are popular, but for business use, they create the concern that corporate information is exported to devices and cloud services that are not controlled by the organization. |
|||
These sites are often used for [[web hosting]]. |
|||
Some cloud storage providers offer granular [[Access-control list|ACLs]] for application keys. One important permission is [[Comparison of file hosting services#cite note-append-only-2|append-only]], which is distinct from simple "read", "write", and "read-write" permissions in that all existing data is immutable.<ref>{{Cite web|url=https://www.borgbase.com/|title=BorgBase - Secure hosting for your BorgBackup Repos|website=BorgBase - Simple Borg Repo Hosting|access-date=3 December 2019|archive-date=3 December 2019|archive-url=https://web.archive.org/web/20191203113838/https://www.borgbase.com/|url-status=live}}</ref><ref>{{Cite web|url=https://wasabi.com/blog/use-immutable-storage/|title=Why Use Immutable Storage?|date=11 September 2018|website=Wasabi|access-date=3 December 2019|archive-date=3 December 2019|archive-url=https://web.archive.org/web/20191203113834/https://wasabi.com/blog/use-immutable-storage/|url-status=live}}</ref> Append-only support is especially important to mitigate the risk of [[data loss]] for [[backup]] policies in the event that the computer being backed-up becomes infected with [[ransomware]] capable of deleting or encrypting the victim's backups.<ref name=PB_1>{{cite book| title=PayBreak: Defense Against Cryptographic Ransomware| author1=Kolodenker, E.| author2=Koch, W.| author3=Stringhini, G.| author4=Egele, M.| url=https://www.researchgate.net/publication/315862748_PayBreak_Defense_Against_Cryptographic_Ransomware| publisher=ResearchGate GmbH| date=2 April 2017| |
|||
Most colocation centres have high levels of physical security and multiple redundant power and humidity / air-conditioning systems. |
|||
access-date=5 December 2023| doi=10.1145/3052973.3053035| archive-url=https://web.archive.org/web/20201022012939/https://eugenekolo.com/enwiki/static/paybreak.pdf| url-status=live| archive-date=22 October 2020}}</ref><ref name=AR_1>{{cite book| title=A Roadmap for Improving the Impact of Anti-ransomware Research| author1=Pont, J.| author2=Abu Oun, O.| author3=Brierley, C.| author4=Arief, B.| author5=Hernandez-Castro, J.| url=https://www.researchgate.net/publication/337215603_A_Roadmap_for_Improving_the_Impact_of_Anti-ransomware_Research| publisher=ResearchGate GmbH.| pages=137-154| date=1 November 2019| access-date=5 December 2023| doi=10.1007/978-3-030-35055-0_9| archive-url=https://web.archive.org/web/20191203113831/https://www.cs.kent.ac.uk/people/staff/ba284/Papers/NordSec2019.pdf| url-status=live| archive-date=3 December 2019}}</ref> |
|||
===Data encryption=== |
|||
A typical colocation centre setup would consist of the following hardware and services: |
|||
Secret key encryption is sometimes referred to as [[zero-knowledge proof|zero knowledge]], meaning that only the user has the encryption key needed to decrypt the data. Since data is encrypted using the secret key, identical files encrypted with different keys will be different. To be truly zero knowledge, the file hosting service must not be able to store the user's passwords or see their data even with physical access to the servers. For this reason, secret key encryption is considered the highest level of access security in cloud storage.<ref name="Makeuseof.com">{{cite web | url=http://www.makeuseof.com/tag/5-ways-to-securely-encrypt-your-files-in-the-cloud/ | title=5 Ways To Securely Encrypt Your Files in the Cloud | date=26 May 2012 | publisher=Makeuseof.com | access-date=2013-05-08 | archive-date=7 May 2013 | archive-url=https://web.archive.org/web/20130507025406/http://www.makeuseof.com/tag/5-ways-to-securely-encrypt-your-files-in-the-cloud/ | url-status=live }}</ref> This form of encryption is rapidly gaining popularity, with companies such as [[Mega (service)|MEGA]]<ref>{{Cite web|url=https://mega.nz/security|title=MEGA has been designed around user-controlled end-to-end encryption. MEGA's end-to-end encryption (E2EE) paradigm enhances the overall security by providing 'privacy by design', unlike many of its competitors who only provide 'privacy by policy'.|website=MEGA Privacy|access-date=5 June 2019|archive-date=14 June 2019|archive-url=https://web.archive.org/web/20190614215450/https://mega.nz/security|url-status=live}}</ref> (previously Megaupload) and [[SpiderOak]] being entirely zero knowledge file storage and sharing.<ref name="SpiderOak.com">{{cite web|url=https://spideroak.com/zero-knowledge/|title=SpiderOak - Zero Knowledge Privacy with Encrypted Cloud Backup|access-date=29 September 2014|archive-date=9 October 2014|archive-url=https://web.archive.org/web/20141009131632/https://spideroak.com/zero-knowledge/|url-status=live}}</ref> |
|||
Since secret key encryption results in unique files, it makes [[data deduplication]] impossible and therefore may use more storage space.<ref name="Secure Data Deduplication">{{cite web |title=Secure Data Deduplication |first1=Mark W. |last1=Storer |first2=Kevin |last2=Greenan |first3=Darrell D. E. |last3=Long |first4=Ethan L. |last4=Miller |url=http://www.ssrc.ucsc.edu/Papers/storer-storagess08.pdf |publisher=Ssrc.ucsc.edu |access-date=8 May 2013 |archive-date=22 August 2013 |archive-url=https://web.archive.org/web/20130822211856/http://www.ssrc.ucsc.edu/Papers/storer-storagess08.pdf |url-status=live }}</ref> |
|||
'''Building''': |
|||
*Usually built near a GlassFibre ring. |
|||
*[[Optical_fiber|Fibre]] has multiple access points into building to prevent [[Backhoe]] cuts. |
|||
*Guarded 24/7 and secured with closed circuit cameras. |
|||
*"Clean" rooms to ensure optimal running conditions for computer and network hardware. |
|||
*Empty pipe fire suppression of some sort, and/or [[VESDA|VESDA (Very Early Smoke Detection Apparatus)]] |
|||
*Relay racks, cabinets or cages to mount servers into. |
|||
[[Convergent encryption]] derives the key from the file content itself and means an identical file encrypted on different computers result in identical encrypted files.<ref name="Secure Data Deduplication" /> This enables the cloud storage provider to [[data deduplication|de-duplicate]] data blocks, meaning only one instance of a unique file (such as a document, photo, music or movie file) is actually stored on the cloud servers but made accessible to all uploaders. A third party who gained access to the encrypted files could thus easily determine if a user has uploaded a particular file simply by encrypting it themselves and comparing the outputs.<ref name="Secure Data Deduplication" /> |
|||
'''Power''': |
|||
*Connected to two or more different power stations/grids. |
|||
*Inline power backup using a system of [[uninterruptible power supply|UPS]] batteries (often with a [[diesel]] [[Auxiliary power|standby generator]]). |
|||
*Possibility to connect two different grids of power distribution to one server. |
|||
Some point out that there is a theoretical possibility that organizations such as the [[RIAA]], [[MPAA]], or a government could obtain a warrant for US law enforcement to access the cloud storage provider's servers and gain access to the encrypted files belonging to a user.<ref>{{cite web | url=https://thenextweb.com/apps/2011/09/23/bitcasa-infinite-storage-comes-to-your-desktop-but-so-do-big-questions/ | title=Bitcasa: Infinite storage comes to your desktop, but so do big questions | website=TheNextWeb.com | access-date=2013-05-08 | author=Brad McCarty | date=23 September 2011 | archive-date=22 July 2016 | archive-url=https://web.archive.org/web/20160722061307/http://thenextweb.com/apps/2011/09/23/bitcasa-infinite-storage-comes-to-your-desktop-but-so-do-big-questions/ | url-status=live }}</ref> By demonstrating to a court how applying the convergent encryption methodology to an unencrypted copyrighted file produces the same encrypted file as that possessed by the user would appear to make a strong case that the user is guilty of possessing the file in question and thus providing evidence of [[copyright infringement]] by the user. |
|||
'''Connections''': |
|||
*Because of the high concentration of servers inside a colocation centre most carriers will be interested in bringing direct connections to such buildings. |
|||
*In most cases there will be a larger [[Internet_Exchange_Point|Internet Exchange]] hosted inside a colocation centre, on which customers can connect for peering. |
|||
There is, however, no easily accessible public record of this having been tried in court as of May 2013 and an argument could be made that, similar to the opinion expressed by Attorney Rick G. Sanders of Aaron | Sanders PLLC in regards to the iTunes Match "Honeypot" discussion,<ref>{{cite web | url=https://thenextweb.com/apple/2011/09/16/is-itunes-match-a-honeypot-for-music-pirates-a-copyright-lawyer-weighs-in/ | title=Is iTunes Match a honeypot for music pirates? A copyright lawyer weighs in | website=TheNextWeb.com | access-date=2013-05-08 | author=Brad McCarty | date=16 September 2011 | archive-date=8 March 2016 | archive-url=https://web.archive.org/web/20160308035537/http://thenextweb.com/apple/2011/09/16/is-itunes-match-a-honeypot-for-music-pirates-a-copyright-lawyer-weighs-in/ | url-status=live }}</ref> that a warrant to search the cloud storage provider's servers would be hard to obtain without other, independent, evidence establishing probable cause for copyright infringement. Such legal restraint would obviously not apply to the [[secret police]] of an [[Authoritarianism|oppressive government]] who could potentially gain access to the encrypted files through various forms of [[hacker (computer security)|hacking]] or other [[cybercrime]]. |
|||
Confusingly, one company can operate a colocation centre, another can provide the bandwidth, whereas a third company would rent a cage inside the centre, renting out racks to hosting providers which would rent the servers themselves to actual clients. Any and all of those companies will claim ownership of the facility and will feature photos and descriptions of it on their web sites. At the actual physical location various ID cards with various logos will be present, including those of the company that built/rents/owns the actual building. |
|||
== |
===Ownership security=== |
||
{{Expand section|1=Deals with the questions: Who owns the data the user uploads? Will the act of uploading change the ownership? |
|||
* [[List of Data centers]] |
|||
|date=January 2020}} |
|||
* [[Comparison of one-click hosters]] |
|||
== See also == |
|||
*[[Comparison of file hosting services]] |
|||
*[[Comparison of file synchronization software]] |
|||
*[[Comparison of online backup services]] |
|||
*[[Comparison of online music lockers]] |
|||
*[[File sharing]] |
|||
*[[List of backup software]] |
|||
*[[Shared resource]] |
|||
*[[Cloud storage]] |
|||
== References == |
|||
{{Reflist|30em}} |
|||
{{File hosting service}} |
|||
{{DEFAULTSORT:File Hosting Service}} |
|||
==External links== |
|||
[[Category:File hosting| ]] |
|||
*{{dmoz|Computers/Internet/On_the_Web/Web_Applications/Storage|File hosting services}} |
|||
[[Category:Social software|File hosting]] |
|||
*[http://www.extremetech.com/article2/0,1697,2098943,00.asp Six Free Online Storage Solutions Reviewed] |
|||
[[Category:Records management]] |
|||
Latest revision as of 05:31, 14 August 2024
A file-hosting service, also known as cloud-storage service, online file-storage provider, or cyberlocker, is an internet hosting service specifically designed to host user files. These services allow users to upload files that can be accessed over the internet after providing a username and password or other authentication. Typically, file hosting services allow HTTP access, and in some cases, FTP access. Other related services include content-displaying hosting services (i.e. video and image), virtual storage, and remote backup solutions.
Uses
[edit]Personal file storage
[edit]Personal file storage services are designed for private individuals to store and access their files online. Users can upload their files and share them publicly or keep them password-protected.[1]
Document-sharing services allow users to share and collaborate on document files. These services originally targeted files such as PDFs, word processor documents, and spreadsheets.[2] However many remote file storage services are now aimed at allowing users to share and synchronize all types of files across all the devices they use.
File sync and sharing services
[edit]File syncing and sharing services allow users to create special folders on each of their computers or mobile devices, which are then synchronized across all devices. Files placed in this folder can be accessed through a website or mobile app and easily shared with others for viewing or collaboration.[3]
Consumer products such as OneDrive and Google Drive have made file hosting and sharing more accessible and popular for personal and business use.[4]
Content caching
[edit]Content providers who encounter bandwidth congestion issues may use specialized services for distributing cached or static content. This is especially common for companies with a major internet presence.[5]
Backup and disaster recovery
[edit]Many businesses use file hosting services as part of their backup and disaster recovery strategies. By storing copies of important files offsite in a secure data center, they can quickly recover from data loss due to hardware failure, natural disasters, or other unexpected events.[6]
Storage charges
[edit]Some online file storage services offer space on a per-gigabyte basis, and sometimes include a bandwidth cost component as well. Usually these will be charged monthly or yearly. Some companies offer the service for free, relying on advertising revenue.[citation needed] Some hosting services do not place any limit on how much space the user's account can consume. Non-paying users' accounts may be deleted or suspended after a predefined period of inactivity.[7]
Some services require a software download which makes files only available on computers which have that software installed, others allow users to retrieve files through any web browser. With the increased inbox space offered by webmail services, many users have started using their webmail service as an online drive. Some sites offer free unlimited file storage but have a limit on the file size. Some sites offer additional online storage capacity in exchange for new customer referrals.
Many providers offer tiered storage levels, charging differently based on frequency of access and retrieval latency. There may be a different cost associated with access vs storage. For example, in a cold storage scenario, the price per GB stored over time can be very low, but it may take longer to access an item at a higher per GB retrieval cost.[8] In some cases, users may have to commit to retrieval being much higher latency as well.
One-click hosting
[edit]One-click hosting, sometimes referred to as cyberlocker[9] generally describes web services that allow internet users to easily upload one or more files from their hard drives (or from a remote location) onto the one-click host's server free of charge.
Most such services simply return a URL which can be given to other people, who can then fetch the file later. In many cases these URLs are predictable allowing potential misuse of the service.[10] As of 2005[update] these sites have drastically increased in popularity, and subsequently, many of the smaller, less efficient sites have failed. Although one-click hosting can be used for many purposes, this type of file sharing has, to a degree, come to compete with P2P filesharing services.[11]
The sites make money through advertising or charging for premium services such as increased downloading capacity, removing any wait restrictions the site may have or prolonging how long uploaded files remain on the site. Premium services include facilities like unlimited downloading, no waiting, maximum download speed etc. Many such sites implement a CAPTCHA to prevent automated downloading. Several programs aid in downloading files from these one-click hosts; examples are JDownloader, FreeRapid, Mipony, Tucan Manager and CryptLoad.
Use for copyright infringement
[edit]File hosting services may be used as a means to distribute or share files without consent of the copyright owner. In such cases one individual uploads a file to a file hosting service, which others can then download. Legal assessments can be very diverse.
For example, in the case of Swiss–German file hosting service RapidShare, in 2010 the US government's congressional international anti-piracy caucus declared the site a "notorious illegal site", claiming that the site was "overwhelmingly used for the global exchange of illegal movies, music and other copyrighted works".[12] But in the legal case Atari Europe S.A.S.U. v. Rapidshare AG in Germany,[13] the Düsseldorf higher regional court examined claims related to alleged infringing activity and reached the conclusion on appeal that "most people utilize RapidShare for legal use cases"[14] and that to assume otherwise was equivalent to inviting "a general suspicion against shared hosting services and their users which is not justified".[15] The court also observed that the site removes copyrighted material when asked, does not provide search facilities for illegal material, noted previous cases siding with RapidShare, and after analysis the court concluded that the plaintiff's proposals for more strictly preventing sharing of copyrighted material – submitted as examples of anti-piracy measures RapidShare might have adopted – were found to be "unreasonable or pointless".[13]
By contrast in January 2012 the United States Department of Justice seized and shut down the file hosting site Megaupload.com and commenced criminal cases against its owners and others. Their indictment concluded that Megaupload differed from other online file storage businesses, suggesting a number of design features of its operating model as being evidence showing a criminal intent and venture.[16] Examples cited included reliance upon advertising revenue and other activities showing the business was funded by (and heavily promoted) downloads and not storage, defendants' communications helping users who sought infringing material, and defendants' communications discussing their own evasion and infringement issues. As of 2014[update] the case has not yet been heard.[17][needs update] A year later, Megaupload.com relaunched as Mega.
In 2016 the file hosting site Putlocker has been noted by the Motion Picture Association of America for being a major piracy threat,[18] and in 2012 Alfred Perry of Paramount Pictures listed Putlocker as one of the "top 5 rogue cyberlocker services", alongside Wupload, FileServe, Depositfiles, and MediaFire.[19]
Security
[edit]The emergence of cloud storage services has prompted much discussion on security.[20] Security, as it relates to cloud storage can be broken down into:
Access and integrity security
[edit]Deals with the question of confidentiality and availability, and may be expressed with questions of the kind: Will the user be able to continue accessing their data? Who else can access it? Who can change it?
Whether the user is able to continue accessing their data depends on a large number of factors, ranging from the location and quality of their internet connection, and the physical integrity of the provider's data center, to the financial stability of the storage provider (because, even if perfectly fit from a technical point of view, if the provider financially goes out of business, then its services go offline too).
The question of who can access and, potentially, change, their data, ranges from what physical access controls are in place in the provider's data center to what technical steps have been taken, such as access control, encryption, etc.
Many cloud storage services state that they either encrypt data before it is uploaded or while it is stored. While encryption is generally regarded as best practice in cloud storage[21] how the encryption is implemented is very important.
Consumer-grade, public file hosting and synchronization services are popular, but for business use, they create the concern that corporate information is exported to devices and cloud services that are not controlled by the organization.
Some cloud storage providers offer granular ACLs for application keys. One important permission is append-only, which is distinct from simple "read", "write", and "read-write" permissions in that all existing data is immutable.[22][23] Append-only support is especially important to mitigate the risk of data loss for backup policies in the event that the computer being backed-up becomes infected with ransomware capable of deleting or encrypting the victim's backups.[24][25]
Data encryption
[edit]Secret key encryption is sometimes referred to as zero knowledge, meaning that only the user has the encryption key needed to decrypt the data. Since data is encrypted using the secret key, identical files encrypted with different keys will be different. To be truly zero knowledge, the file hosting service must not be able to store the user's passwords or see their data even with physical access to the servers. For this reason, secret key encryption is considered the highest level of access security in cloud storage.[26] This form of encryption is rapidly gaining popularity, with companies such as MEGA[27] (previously Megaupload) and SpiderOak being entirely zero knowledge file storage and sharing.[28]
Since secret key encryption results in unique files, it makes data deduplication impossible and therefore may use more storage space.[29]
Convergent encryption derives the key from the file content itself and means an identical file encrypted on different computers result in identical encrypted files.[29] This enables the cloud storage provider to de-duplicate data blocks, meaning only one instance of a unique file (such as a document, photo, music or movie file) is actually stored on the cloud servers but made accessible to all uploaders. A third party who gained access to the encrypted files could thus easily determine if a user has uploaded a particular file simply by encrypting it themselves and comparing the outputs.[29]
Some point out that there is a theoretical possibility that organizations such as the RIAA, MPAA, or a government could obtain a warrant for US law enforcement to access the cloud storage provider's servers and gain access to the encrypted files belonging to a user.[30] By demonstrating to a court how applying the convergent encryption methodology to an unencrypted copyrighted file produces the same encrypted file as that possessed by the user would appear to make a strong case that the user is guilty of possessing the file in question and thus providing evidence of copyright infringement by the user.
There is, however, no easily accessible public record of this having been tried in court as of May 2013 and an argument could be made that, similar to the opinion expressed by Attorney Rick G. Sanders of Aaron | Sanders PLLC in regards to the iTunes Match "Honeypot" discussion,[31] that a warrant to search the cloud storage provider's servers would be hard to obtain without other, independent, evidence establishing probable cause for copyright infringement. Such legal restraint would obviously not apply to the secret police of an oppressive government who could potentially gain access to the encrypted files through various forms of hacking or other cybercrime.
Ownership security
[edit]![[icon]](/enwiki/wiki/File:Wiki_letter_w_cropped.svg){kind=small} | This section needs expansion with: Deals with the questions: Who owns the data the user uploads? Will the act of uploading change the ownership?. You can help by adding to it. (January 2020) |
See also
[edit]- Comparison of file hosting services
- Comparison of file synchronization software
- Comparison of online backup services
- Comparison of online music lockers
- File sharing
- List of backup software
- Shared resource
- Cloud storage
References
[edit]- ^ "Share OneDrive files and folders". Microsoft Support. Archived from the original on 2 June 2023. Retrieved 22 April 2022.
- ^ Geel, Matthias. "Cloud Storage: File Hosting and Synchronisation 2.0" (PDF). Archived from the original (PDF) on 31 July 2017. Retrieved 5 August 2014.
- ^ Metz, Rachel (9 July 2013). "How Dropbox Could Rule a Multi-Platform World". MIT Technology Review. Retrieved 5 August 2014.
- ^ How to transfer files from Dropbox to Google Drive Archived 12 November 2016 at the Wayback Machine. Retrieved 24 December 2014
- ^ "Macworld.com". Archived from the original on 13 March 2007. Retrieved 7 February 2007.
- ^ "Introduction to Backup and Disaster Recovery | IBM". www.ibm.com. Archived from the original on 5 June 2023. Retrieved 8 March 2023.
- ^ Cahane, Amir (15 September 2021). "The Right not to Forget: Cloud Based Services Moratoriums in War Zones and Data Portability Rights". Rights to Privacy and Data Protection in Armed Conflict. SSRN 3944667. Archived from the original on 22 December 2021. Retrieved 27 June 2023.
- ^ Stockton, Ben (20 November 2020). "Hot Storage vs Cold Storage in 2023: Instant Access vs Archiving". Cloudwards. Retrieved 14 August 2023.
- ^ "Cyberlockers Take Over File-Sharing Lead From BitTorrent Sites". Archived from the original on 17 July 2011. Retrieved 12 July 2011.
- ^ Nikiforakis N., Balduzzi M. Van Acker S., Joosen W. and Balzarotti D. "Exposing the Lack of Privacy in File Hosting Services Archived 15 September 2011 at the Wayback Machine
- ^ Roettgers, Janko. "Piracy Beyond P2P: One-Click Hosters", Retrieved: 5 January 2008.
- ^ "RIAA joins congressional caucus in unveiling first-ever list of notorious illegal sites". RIAA. 19 May 2010. Archived from the original on 26 October 2017. Retrieved 16 January 2011.
- ^ Roettgers, Janko (3 May 2010). "RapidShare Wins in Court". Gigaom.com. Archived from the original on 26 February 2011. Retrieved 16 January 2011. Citation from ruling: "Es ist davon auszugehen, dass die weit überwiegende Zahl von Nutzern die Speicherdienste zu legalen Zwecken einsetzen und die Zahl der missbräuchlichen Nutzer in der absoluten Minderheit ist." ("It is to be expected that the vast majority of users use the storage services for lawful purposes and the number of abusive users are in the absolute minority.").
{{cite web}}: CS1 maint: postscript (link) - ^ From the Atari v. RapidShare ruling: "entspricht einem Generalverdacht gegen Sharehoster-Dienste und ihre Nutzer, der so nicht zu rechtfertigen ist" ("corresponds to a general suspicion against shared hosting services and their users, which is not to justify such").
- ^ Department of Justice indictment, on the Wall Street Journal's website Archived 15 July 2012 at archive.today – see sections 7–14.
- ^ "Release For Victim Notification United States v. Kim Dotcom, et al, Crim. No. 1:12CR3 (E.D. Va. O'Grady, J.)". United States Department of Justice. Archived from the original on 27 October 2014. Retrieved 10 November 2014.
- ^ Prabhu, Vijay (17 October 2016). "Yet Another Video Streaming Service Bites The Dust, Putlocker Shuts Down". TechWorm. Archived from the original on 19 October 2016. Retrieved 10 November 2016.
- ^ Sandoval, Greg (31 March 2012). "MPAA wants more criminal cases brought against 'rogue' sites". CNET. Archived from the original on 9 March 2018. Retrieved 10 November 2016.
- ^ Jonathan Strickland (30 April 2008). "How Cloud Storage Works". How Stuff Works. Archived from the original on 29 April 2013. Retrieved 8 May 2013.
- ^ "Cloud Data Storage, Encryption and Data Protection Best Practices". Techtarget.com. Archived from the original on 2 May 2013. Retrieved 8 May 2013.
- ^ "BorgBase - Secure hosting for your BorgBackup Repos". BorgBase - Simple Borg Repo Hosting. Archived from the original on 3 December 2019. Retrieved 3 December 2019.
- ^ "Why Use Immutable Storage?". Wasabi. 11 September 2018. Archived from the original on 3 December 2019. Retrieved 3 December 2019.
- ^ Kolodenker, E.; Koch, W.; Stringhini, G.; Egele, M. (2 April 2017). PayBreak: Defense Against Cryptographic Ransomware. ResearchGate GmbH. doi:10.1145/3052973.3053035. Archived (PDF) from the original on 22 October 2020. Retrieved 5 December 2023.
- ^ Pont, J.; Abu Oun, O.; Brierley, C.; Arief, B.; Hernandez-Castro, J. (1 November 2019). A Roadmap for Improving the Impact of Anti-ransomware Research. ResearchGate GmbH. pp. 137–154. doi:10.1007/978-3-030-35055-0_9. Archived (PDF) from the original on 3 December 2019. Retrieved 5 December 2023.
- ^ "5 Ways To Securely Encrypt Your Files in the Cloud". Makeuseof.com. 26 May 2012. Archived from the original on 7 May 2013. Retrieved 8 May 2013.
- ^ "MEGA has been designed around user-controlled end-to-end encryption. MEGA's end-to-end encryption (E2EE) paradigm enhances the overall security by providing 'privacy by design', unlike many of its competitors who only provide 'privacy by policy'". MEGA Privacy. Archived from the original on 14 June 2019. Retrieved 5 June 2019.
- ^ "SpiderOak - Zero Knowledge Privacy with Encrypted Cloud Backup". Archived from the original on 9 October 2014. Retrieved 29 September 2014.
- ^ a b c Storer, Mark W.; Greenan, Kevin; Long, Darrell D. E.; Miller, Ethan L. "Secure Data Deduplication" (PDF). Ssrc.ucsc.edu. Archived (PDF) from the original on 22 August 2013. Retrieved 8 May 2013.
- ^ Brad McCarty (23 September 2011). "Bitcasa: Infinite storage comes to your desktop, but so do big questions". TheNextWeb.com. Archived from the original on 22 July 2016. Retrieved 8 May 2013.
- ^ Brad McCarty (16 September 2011). "Is iTunes Match a honeypot for music pirates? A copyright lawyer weighs in". TheNextWeb.com. Archived from the original on 8 March 2016. Retrieved 8 May 2013.
