* For files you'd like to distribute, put them into the Dropbox public folder. Generate your own short links with your own shortener.
* distribute the shortened links
* If Dropbox goes down, copy files to other webspace. Adjust URL-Shortener entries to new location.
If you don't trust Dropbox or any other file storage service, rent some webspace and sync your files there. There are a couple of 'How to build your own OpenSource Dropbox clone' recipies out there. (https://duckduckgo.com/?q=dropbox+clone). AFAIR they all suck in different regards. Simply choose the one that does the job and sucks least.
If you are not capable of doing stuff like that, then contact your friendly neighbourhood tech collective. Where to find them? Start here: http://www.hackerspaces.org . Don't ask them to do stuff for you. Ask them to teach you how to do it. Then donate. DONATE!? Yes, donate. And remember, with all the commercial services you have been cheapsurfing on, if you are not paying for it, then you are not the customer, but the product.
The interwebs have offered us the opportunity of an empowered, self organized distributed digital information society. But alas! we lazy bums are opting for the cheap consumerism solution. And on top we are whining and sobbing, when the freebies are being taken away from us.
I have little compassion for people who store their files in the cloud only.
On the other hand, one of the reasons Normal People dislike the hacker community is the prevalence of "see I told you so" and/or "bad things wouldn't happen to you if you weren't such a dumbass" culture.
The fact that a technical workaround exists for this particular brand of destructive and capricious behavior by the U.S. Federales is not, in itself, a great reason to transform the story into Yet Another Personal I.T. Teaching Moment.
The safety deposit box example is apt here. If my local bank gets busted for some shady-ass shit, and the Feds confiscate some family heirloom along with all the bricks of heroin from the bank vault, what should we demand from our government in that case?
And if we're not likely to get what we feel entitled to demand, what are our realistic options for doing something about that?
The Libertarian community has been on top pf this sort of thing for decades and would surely be able to offer a lot of "see I told you so" as well. Remember that analogy about how people said SOPA provisions were like shutting down the Ritz Carlton because occasionally politicians cheated on their wives there? Take away a few layers of class, and there have been some motels that the government has seized (or tried to sieze) because occasionally tenants would do drug deals there.
Note for the future: This adds no value to your comment, and makes you look like you're trying to spin this story in someway to benefit your political alignment.
It's a shout-out to the parent poster's use of the phrase "the hacker community" and its own attendant "I-told-you-so"-ism (which I'm pretty sure is construed as a negative). It's a community I personally completely identify with but I've read some of their work and respect certain parts of it. Here, let me write a 50-page essay on the minutae of my political views, that'll be real interesting reading for the HN people.
somehow i dropped the words 'not' out of 'a community i personally completely identify with'. I blame acute lack of caffeine. my shipment of Tonx coffee was delayed 2 days on account of MLK day and the local postal worker.
The cops at various levels do this kind of thing all the time. Let's say you shoot someone breaking into your house. Let's say it's a clean shoot - the guy was a serial killer (or whatever) and you're 100% inside the bounds of the law. The cops show up and take your gun. "We'll give it back after the investigation," they say.
Time stretches on. They investigate. The DA agrees it's a clean shoot and declines to file any charges. It's been 18 months. You ask for your gun back.
"No," they explain. And that's... all, pretty much. They have no legal right to keep it. They offer no explanation. You can always spend ten grand suing over an item worth less than $1000, but you won't and they know it.
So if you had files at Megaupload, even though (I think we agree) you have a perfect right to expect the feds to return your property, you probably shouldn't actually expect them to do so.
I don't get this. We're* quick to shoot down any arguments which equate online piracy to real world piracy, but when it's "our" files which are affected, we're quick to go back to the online-real world analogies.
*"We" might not include you, OP, so apologies. Not directed at you. Just noticing a trend.
After the countless threads about this topic, I don't get how the distinction between copying bits and deprivation of property isn't clear. If the FBI mirrored megaupload's entire data store (ala piracy), none of those tweets would exist and most people wouldn't even be aware anything happened (since copying a sequence of ones and zeroes has no quantifiable impact on one's property). I'm not defending megaupload for copyright infringement, but your allusion to hypocrisy makes no sense since these people are being denied access to their legal IP.
Probably because we* have stupendously weaker protection of our data than pirated-content-providers, be it in the form of multiple backups or the quality of the hosting. When MegaUpload went down, I doubt any software companies lost their only copies of what they were building, or any music groups completely lost their albums. An Average User™ with files on MU though...
*"we" intentionally including non-tech-savvy people.
"If my local bank gets busted for some shady-ass shit"
Except that you will probably not put your money in a bank that's widely known for being a drug dealers haven, will you?
I also am not a big fan of the "see I told you" attitude, but it seems to me that no sane person would ever put some valuable/important things on megaupload.
Of course there is not guarantee that services like icloud or dropbox will never get shut down, but they do look much more reliable than megaupload..
As others have said, "widely known" is an awfully big assumption to be granting yourself with no argument. There is a wide gulf between a user expected to competently interact with a web front end, per the features and cost/benefit directly expressed by that front end, and a user who is expected to evaluate (on what basis, exactly?) the probability with which a given Company/Ownership is likely to be obliterated by fiat.
What's worse, HN readership is arguably an upper-crust-of-savvy environment for making that sort of appeal, but imagine:
- two weeks ago, someone offers HN readers $100 bets that megaupload will get raided / shuttered / data frozen in the next two weeks
- if you take the bet, and you win (megaupload raided), you get $200 back
- if megaupload doesn't get raided, you get $90 back (i.e. you pay as much for losing the bet as a megaupload user pays to access to service)
Do you honestly think more than 10% of HN readership would have taken the bet and tried to double their money? Or would the "smart money" (and again, some of the smartest money available on the internet) been on megaupload staying up and available?
You're right, my apologies for going overboard with a non-justified argument. When I succeed in looking further than my tech-savvy like-minded friends, I fall into the trap of thinking about other people about my age.
I don't know about you, but my facebook stream has been polluted with dozens of messages crying over what happened to megaupload (and not because they had there work uploaded on it), which (wrongly, I know admit) let me to think that everybody knew about megaupload shadiness.
Now as you and others rightly pointed out, I forgot about the rest, maybe the majority of people who used in a totally legal way.
no sane person would ever put some valuable/important things on megaupload
How do we explain to sane, but non-internet-savvy, people what rules they should use to tell "safe" places to store their data from "unsafe" ones.
Megaupload took pains to not show infringing content on their home page and they did not provide a search engine that would return it. I'd ended up at the site several times and, though it set off a few of my red flags, I can't really explain why.
This is what I usually tell non-tech-savy people to do. "Remember to make backups" seems to be too abstract and thus they tend to procrastinate the "make backup" topic away.
"Copy your important stuff to at least one other place, be it an external hard disk, a USB-Stick, a DVD or an online storage service."
And then I usually configure Dropbox for them and show them how to use it. And I tell them not to put sensitive information like online banking PINs on there. And tell them that I can also show them a way to further secure the data with TrueCrypt.
But some are even resistant to this. I don't bother pushing them, because I know they will lose data at some point. When that happens I "told you so" them once and after having a good laugh at their dangling unmentionables I help them setting up backup/redundant storage.
A great answer...but to a slightly different question.
Which, I think, confirms my suspicion that with both financial institutions and websites it's probably impossible to explain to nonexperts how to judge their credibility.
I think you overestimate the "common" knowledge that Megupload is used for illegal file sharing. I can bet you that 90% of my parents' friends have no idea.
And remember, with all the commercial services you have been cheapsurfing on, if you are not paying for it, then you are not the customer, but the product.
Also realize that Dropbox's architecture leaves an evidentiary trail - nothing is ever actually deleted from your account. If you upload anything copyrighted, you have opened yourself up to the possibility of being sued or prosecuted for copyright infringement. For most, that's a minuscule chance, but it exists and you have no ability to delete your history - http://forums.dropbox.com/topic.php?id=48975
Dropbox has builtin 30 day history for everyone, through the web interface. You're saying they keep track of things indefinitely (when you haven't purchased that addon)? Do you have a citation for that?
Yes you can. If you delete an item from your Dropbox you can see it by choosing "Show deleted files" from here you can choose to permanently delete the file. In my testing this also removes any trace of the file ever being created from Events. While Dropbox certainly could be keeping an undeletable log of everything you ever upload, there is no evidence that they are doing so.
While Dropbox certainly could be keeping an undeletable log of everything you ever upload, there is no evidence that they are doing so.
It is safer to assume that they are than to assume they are not. Maybe they got an NSL with a gag order that requires them to silently store logs indefinitely. There's no way of knowing, so just assume that's the case and plan accordingly (e.g. don't upload embarrassing college photos that would cause you problems if the upload logs were hacked and released to the public).
In Germany it is allowed to make a small number of copies for friends and family (Privatkopie). So if I transfer a song to DB for a friend, the evidentary trail will also show that the file has only been downloaded very few time, which is legal.
Wow, that's actually a very nice law. And yet, despite reading a bunch of threads about copyright, this is the first time I've run into it. I wonder why something like this doesn't get brought up more often.
Of course the copyright industry is trying to kill this law and is undermining it by running ads that constantly repeat that copying is illegal. Lots of people in Germany have no idea that they are legally allowed to make a small number of copies (up to seven) for personal purposes.
It is even allowed to make a copy of a copy. So if I recieve a song from a friend, I am allowed to give it to a couple of my friends. But I am not allowed to simply seed it to strangers through anonymous filesharing.
You can change your last sentence to be about anything a consumer buys though.
"Why should consumers have to know the healthy food? All they want is to pay for a solution to their hunger."
"Why should consumers have to know which cars have good gas mileage? All they want is to pay for a form of transport."
Because there are advantages to consumers in being knowledgeable about what they buy. Like knowing your cloud storage isn't (and can never be) perfectly reliable.
I don't care how cars work, I trust the mechanic to fix the problem.
I don't care how the financial markets work - I trust my 401k to pay for my retirement.
Life is far too short for me to want to know about things that don't interest me. One of the points of an advanced society is that we can pay people to do things for us.
People shouldn't have to second guess every professional service they use. Maybe it's time to add legal guarantees to the cloud?
"Maybe it's time to add legal guarantees to the cloud?"
So... Lets make it illegal for a site to lose your data by being shut down by the FBI? Seriously though, is it really a good idea to make more (artificial and unsolvable) problems for cloud service providers to worry about?
If I was driving in the desert, of course I would learn how to fix a car. You might as well have said, "if you go scuba diving don't whine if you get decompression sickness while surfacing". What a really bad analogy.
Where do you draw the line? Do you make your own yoghurt? What about milk your own cows? I very much doubt you do that. My time is valuable enough that I'm comfortable paying people to do these things for me.
If person A offers a service to person B, there needs to be some level of trust and expectation. In this instance, the government is responsible for destroying people's assets and I hope they get sued to oblivion for screwing up. Other times, companies are at fault.
Gotta love the Libertarian mindset that appears to prevail here. Sheesh.
My time is valuable enough that I'm comfortable paying people to do these things for me.
I think it's still worthwhile to have a superficial understanding of the services you buy, as this allows you to maximize the value of your dollar and avoid getting fleeced.
They're not going to be able to get around the fact that the third-party they're entrusting their files to don't care about their data as much as they do. Its not a technology problem. You could pay more for a service that has a contract with an SLA, but all that does is give you legal recourse if they do lose your data. It doesn't mean that they're actually protecting it.
Today it was the Feds. Tomorrow, it could just be a poorly run company going out of business. Or a massive failure in a technology stack without redundancy. Consumers can't reasonably predict these sorts of thing, so the only reasonable course of action is to keep redundant copies of your data. Use SpiderOak and sync a few computers. Get an External HD.
So what the consumer should take away is that they shouldn't trust a third-party with the only copy of their unrecoverable data. The fact that they don't want to care doesn't mean that they shouldn't or that they can actually not care.
Welcome to the cloud indeed. And what we discovered that just coping data to your home computer in a format which can be used back in some other cloud services is gettings harder and harder as virtualization of data and information increases. And you need to upload all that data again...
So the right solution is to have your (important) data replicated in a couple of different cloud services (Google Docs replicated with Dropbox, etc.).
That is reason I started cloudHQ: just sync and replicate data between cloud services in real time. Nothing sexy: but fast and reliable.
Because if you use your own shortener, then you can switch the storage without breaking the links. And using you own domain and service gives you control.
Obviously this only works when you use your own personal URL-Shortener and not one of the ubiqious cost free shortening services like bit.ly et.al.
This is not a welcome to the cloud, this is a welcome to the crappy legislature. Dropbox provides 2gb free, how much time will it take to have a megaupload v0.2?
Cloud storage providers can go down for different reasons. Crappy legislature is one of them. If you entrust your valuable data exclusively to one provider without having copies and/or backups somewhere else, you are doing it wrong.
I agree. It's 2012 for God's sake, How times do you have to see the commercials and ads about not backing your stuff up before you get a clue?? I would also add if you think using shady file serving companies to store your legitimate files is a good idea, then you're also doing it wrong.
So basically police raided and closed off post office and now they feel entitled to hold and read throuh all letters and all the security deposits of random people because they have a valid suspicion that some of them contain cd's with copied music?
I agree with the sentiment, but in this case, the police raided a private business with probable cause, and will hold all assets of that business as possible evidence in a criminal investigation. If your car is found full of drugs, they will also impound it and inconvenience the other possibly innocent passengers. If they find a body in a storage facility, they will probably deny everyone else access to the facility until they have gathered all the evidence they need.
If your car is found full of drugs, they will also impound it and inconvenience the other possibly innocent passengers.
While we're coming up with analogies, this seems more like impounding all the other cars in a public parking lot because a percentage of them had drugs.
If they find a body in a storage facility, they will probably deny everyone else access to the facility until they have gathered all the evidence they need.
Shutting down MegaUpload isn't to "gather evidence", it's a punitive, open-ended action.
But if you knew 60% of the cars had drugs, and knew the parking attendants were mixing in drug and non-drug bearing cars to hide the cars with drugs, then I suspect you could get a warrant from a judge.
That's a reasonable argument to make, but there's a difference between a temporary inconvenience and permanently losing data. It's not yet clear which of those this will be.
Unless the MegaUpload business continues to operate somehow, I can't imagine how they would allow people to access their data once again. Would the police run the business so that people can get their data back? Hard to imagine them absorbing the cost of doing that.
Try to avoid metaphors when dealing with the Internet. It doesn't help understand the situation and just spawns the inevitable thread in which people argue about which inapplicable metaphor is the least inapplicable.
The Feds confiscated a cloud storage service used for both lots of copyright infringement and lots of valid files. The situation isn't so complicated to understand that we need metaphors anyhow.
The problem we're dealing with is not understanding the mechanics of what's going on, but of the legality of it. That's why we reach for the metaphors: to relate it to something that has legal precedence.
Police raided a warehouse used for storing alcohol by Al Capone and various other bootleggers. It just so happens that numerous other people used the same warehouse for storing their entirely legitimate possessions. The raid occurred as it did because the warehouse owners had full knowledge that their warehouse was storing illegal merchandise and looked the other way as they were paid handsomely by Al Capone and the other bootleggers for their services.
While police investigate the warehouse's dealings with Al Capone, others are unfortunately inconvenienced as their belongings are inaccessible. Those who had legitimate possessions in storage should question why the warehouse owners put their belongings in jeopardy by knowingly storing illegal material rather than taking responsible measures to curb illegal use.
That makes sense, if MegaUpload ever goes back up again - doubtful. That makes sense, if the feds return people's private intellectual property - doubtful.
This is more like the FBI burning the warehouse to the ground, with everyone's stuff still inside.
In a physical warehouse, keeping people's property would be considered theft as it deprives them of the property. In this case, it's only a copy of the data so there is no theft.
The feds didn't create a copy, they seized possession of an existing copy and took it offline. That actually deprived users of the contents (at least those who didn't have another copy elsewhere).
If you've a militaristic mindset, and there's a bad guy in the warehouse, this is exactly what happens. A siege mentality, and the simplicity and effectiveness of execution reinforce the approach.
Not only that, but the owners were making money (gasp) by charging users to send letters! And if you want your letter sent really fast, you had to pay extra.
Not that I think this analogy holds, but I believe they would have the right, unless there is an international treaty that forbids them from doing so. That's what sovereignty is about. It is a privilege to use a US airport for this purpose, not a right.
Let's use the example of of a private logistics company who is suspected of say drug smuggling (as in that's their primary business and the logistics part is just a cover to hide drugs among large numbers of packages), should the police only open packages which they're sure of being drugs or would they be remiss in not investigating the other packages which statistically speaking are likely to contain drugs ?
It depends where you live.
In a world where privacy is valued they should not open the other packages if they don't have a valid reason (backed up by a court order).
If you start thinkging that "statistically speaking" is a valid reason to violate someone privacy then you are opening a scary pandora's box.
That's my main concern. That all the communication that was going through there now is in hands of police and that they feel entitled to read it all. Isn't there some laws in the US that ensure confidentiality of communication unless theres criminal investigation against you?
Ignoring the backing-up data issue, this seizing of sites raises a couple of questions. I had never used Megaupload and I don't have a clue about what that site did. Assumming, I had stored a bunch of files on Megaupload:
1. Shouldn't the Feds return my files? After all those files are my property. Irrespective of whether or not I had back ups, what gives the Feds the right to seize my property indefinitely.
2. Does seizing the site, give the Feds the right to read through my files? what if I had been working on the next big super-duper idea, and they steal my ideas?
3. Would the 'unreasonable search & seizure' amendment apply to people's files?
These questions would apply to all cloud-storage companies. Can someone with more legal experience shed some light?
> 2. Does seizing the site, give the Feds the right to read through my files? what if I had been working on the next big super-duper idea, and they steal my ideas?
Regardless of precise laws (it will take years to make a precedent) it would seem extremely naive to assume that anything you upload could and will not be read by the federal authorities, or others (megaupload owners, some guy at your ISP, etc.)... This is one of the major issues with using 'the cloud' as a platform for anything sensitive, and doesnt get enough attention.
As a side note I can see several people in this discussion refer to files as 'property'. While you may have intellectual property rights over the content of the files the only actual property is servers and HDDs which you certainly do not own. I don't think the FBI has taken anyone's property except Megauploads.
Would the 'unreasonable search & seizure' amendment apply to people's files?
I would speculate: no. Once something was uploaded to megaupload, it was made available for download to anyone with the url for the file.
If the file is public, its going to be very very hard to successfully argue that a LEO looking at it constitutes an unreasonable search.
There may have been no comfortable file navigation tools built into megaupload, but I believe they would still be considered 'public' by nature of the fact anyone could download them.
edit: I'm assuming that the public nature of the files would be the best choice to argue that it is not a unreasonable search. Of course there may still be reasonable searches if they're not public, but I think one could make a case that the files were public. Is this what you're disagreeing about?
I used it to store embedded linux distro images that I made up for flash cards. 250meg each. Now I've got a bunch of broken links and some work to do. Looks like I'm going to have to suffer through all of Rapidshare's junk now.
If they don't happen to have some condition which makes them hard to use for your situation, I would recommend http://www.mediafire.com. I've not used them as an uploader myself, but to me they seem to have the cleanest, most modern interface and no annoying timers for downloading and so on. That should be encouraged.
Isn't that replacing one dubious service with another though? Right now, I'd imagine that something akin to Amazon S3 is the only reliable solution, and even then I bet they have their fair share of infringing material stored.
It's quite the rabbit hole the FBI have gone down with this action.
They don't have the shady history that Megaupload did, and appear to actually comply with DMCA-requests. That will hopefully keep them safe for a while. If it doesn't, hosting files for "everyone" is a doomed business.
Megaupload complied extremely quickly with DCMA requests by all reports. The non-compliance cited in the indictment appears to be somewhat of a technicality - at worst, only removing links instead of the file. Are you sure Mediafire complies more zealously than Megaupload did?
I don't understand why you view removing the links and not the content as a technicality and not the crux of the issue. If you're ordered to remove content from your servers and do not do so, it's unsurprising that you aren't really complying with the DMCA.
Removing links isn't the same as removing content.
Re-reading the DMCA yesterday was the first time I realized that it actually does require a service like Dropbox to remove every user's copy of a file upon receiving a notice of infringement even if only one of those copies is not allowed and the rest are entirely legal.
Mediafire also don't give incentives for people to put popular files on their system as far as I can tell.
With most services like MegaUpload/Rapidshare you get paid when people download your files, hence their popularity, its a business for a lot of uploaders.
While I agree that you should encourage proper business, I don't think that Mediafire is a good solution for the mentioned purpose. They take $9/month for 4 GB storage, and $49/month for 10 GB storage. That's really expensive!
For $10/month you can easily get a VServer with 20 GB disk space or more. For $50/month you can rent a Dedicated Server with 2000 GB hard disks. (... assuming that someone who works with embedded linux images has no problem with installing a tiny webserver and making regular security upgrades)
I do have my own $50 Dedicated server that serves the web portion but if I have to serve the large files as well, I overrun my bandwidth allocation. File-locker services seemed like an easy solution.
If you're providing resources for the community which are being well-used, then I suggest sending round some emails to various well known hosting companies or other tech firms asking if they will host you for free in exchange for some sponsorship/advertising. This is pretty common.
Also, if youre just hosting linux images, can you not put them on github, google code or similar?
Out of interest, is there any reason you don't store and serve them from Amazon S3? It's pretty easy to upload files to that using their web interface, or Panic's Transmit client if you're on OSX ( http://panic.com/transmit/ )
I seem to remember S3 also makes it easy to turn on an optional .torrent link, to save you some bandwidth charges.
Last month's transfer (if everyone who clicked the link finished the DL) would have been more than $100 on S3. Its just a hobby. I really was hoping not to spend much if anything on it.
Depending on where you are, but: OVH is known to offer dedicated servers with very generous bandwidth allotments for very little money. E.g. their Dutch budget brand http://www.isgenoeg.nl offers a basic server with 5TB, then 10Mbps bandwidth for EUR 15/month, and their UK http://www.kimsufi.co.uk/ is similar.
(No personal experience, offer seems valid for nationals only, WebHostingTalk suggests there's little support, OVH apparently change their upstream providers all the time to get the best possible deals - you get a lot of bandwidth but latency varies from day to day. Seems acceptable for a simple file server.)
Amazon doesn't break S3 out in their financial reports, but estimates are that they made half a Billion dollars in revenue in 2010, and certainly more than that in 2011.
That was a question to parent. _Of course_ S3 costs money. That's why it's not reasonable to compare it to a service like Megaupload, where you only needed to pay if you wanted to store over 200GB total, or have individual files larger than 2GB.
Get a DreamHost account and use their "Files Forever" feature. If you don't want to pay for it, I'll happily host stuff for you (I'll give you a shell account to upload to). Send an e-mail to me via my profile if you're interested.
From the ToS: "We have a policy of terminating, without notice and without recourse, accounts of subscribers or account holders who are repeat infringers of copyright, and you agree that we may apply that policy to your account or subscription in our sole judgment based upon a suspicion on our part or a notification we receive regardless of proof of infringement."
So they'd terminate purely based on their own 'suspicion'? Seems a little harsh.
edit: A bit of context that I wasn't clear on in this post: Taking down files you are aware of, but before they've been found by a court to be infringing is the only way to maintain safe harbor protection.
Acting on anything short of proof, is acting on suspicion. Now what constitutes proof as far as copyright infringement? I can't think of anything short of a court decision. DMCA takedown notices aren't proof, they're just when the complainant swears they have a good faith belief that the file in question is infringing.
If they're taking that material down to stay legal, as far as the DMCA is concerned, when they become aware of information that makes it apparent the material is infringing they will lose safe harbor protections if they do not take it down.
Typically, this is covered by the "we can do whatever we want"-type clause in other file providers TOS, bayfiles is just limiting their purview to more specific situations.
My point with my previous point was that any harshness was not on the part of bayfiles.
There's nothing right about this, but I honestly can't have much sympathy for people who store their only copies of work files at a site that's notorious for its association with illegal activity.
Not everyone has the same familiarity with the reputation of internet sites as you do.
I really don't have any idea if my webhost is complicit in hosting illegal activity. If they were to get shutdown to hosting child porn, that's all well and good, but I'd still want my sites back.
Good points. YouTube is pretty notorious, lots of illegal uploads there. I wonder if that guy is suggesting we should stop using YouTube? Also lots of links on Google to illegal content, such as the whole Google Books thing, Google's pretty clearly a rogue site.
On the other hand, it seems that for many the distinguishing factor of legal vs illegal is that legal sites are financed by venture capitalists and illegal sites are privately owned.
More importantly, what's the difference between your site (data) and an mp3 (data)? Your site was "taken from you" but you didn't take that artists mp3, just a copy?
> Your site was "taken from you" but you didn't take that
> artists mp3, just a copy?
I realize that you're just trolling, but I'm bored so I'll bite.
If you copy an mp3, there are now two copies of an mp3. One in the original 'owner's possession, and one in yours.
If I take the hard drive that an artist is storing the only copy of his/her mp3 on, then I have 'stolen' the mp3 because I have deprived the artist of possession.
When the FBI took down MegaUpload, if the only copy of my files were on MegaUpload, the FBI has taken physical possession of them through the seizure of MegaUpload's servers.
What the FBI did would only be analogous to pirating if they copied all of the data off of MegaUpload's servers, but left the servers intact (thereby allowing the original owners to still have access).
> I realize that you're just trolling, but I'm bored so I'll bite.
I wasn't. However, you're comment is clearly a thinly veiled attempt to discredit my comment without actually contributing anything back. That you'll bite is you attempting to play the part of the "bigger person."
The reality is, you start off by being ill-mannered, insulting, and petty.
Don't bring that stuff to HN. You should know better.
> If I take the hard drive that an artist is storing the only copy of his/her mp3 on, then I have 'stolen' the mp3 because I have deprived the artist of possession.
Actually, no. In this case, the original had to come from somewhere. Data was copied from one location to another. What is up on MU is, in essence, a copy. If the original owner then removes that original copy, it doesn't bless the copy with special privileges. Hell, if you want to get technical, the artist never had possession of the only mp3 up on MU's server. MU had possession. The artist had access, but not possession. He has, effectively, given MU the right to possess the copy.
Regardless, this example, as much as yours, is silly, because it's data. We aren't talking about a physical thing. You're trying to argue that data, somehow, can be stolen (1s and 0s, something we've long argued can't be "stolen").
Honestly, I can't take any of these arguments seriously, if only because they are using the same arguments the MPAA/RIAA have been attempting to use against us for years.
> 1s and 0s, something we've long argued can't be "stolen"
I don't understand this argument. Because it's "1's and 0's" doesn't mean that it can't be stolen. If I take a bunch of photos on my digital camera, and my camera is stolen, are my photos not also 'stolen' from me as I no longer have possession of them?
> Honestly, I can't take any of these arguments seriously,
> if only because they are using the same arguments the
> MPAA/RIAA have been attempting to use against us for
> years.
The MPAA/RIAA argues that making a copy while not depriving the original owner if his/her copy is stealing.
What is being argued here, as I understand it, is that depriving the original owner of their only copy is being called stealing. As I stated in my original comment, the FBI confiscated the drives that those copies are being stored on.
> If I take a bunch of photos on my digital camera, and my camera is stolen, are my photos not also 'stolen' from me as I no longer have possession of them?
Your camera is stolen.
If someone left you your camera, and merely deleted the pictures, and copied them onto their system, that would be copyright infringement at best (ignoring the act of hacking your camera, etc).
Whatever other philisophical argument you want to present is meaningless without an actual law backing it up. While it might feel like theft, it's not.
> is that depriving the original owner of their only copy is being called stealing.
That's the argument. It's flawed. If you make a copy of something an upload it to MU, MU now has a copy. If you delete your original copy, that doesn't bless the copy with special protection. Indeed, by uploading to MU, you probably gave them permissions to distribute the download, as well as other rights. In fact, I'd be surprised if any cloud service like what we are discussing gave you special rights over the hardware that was storing your devices.
MU is the bad guy here. They are the ones that were allegedly doing illegal things while accepting honest customers. It's a shame, yes, but the reason people are up in arms is because MU is the "little" guy fighting against the "evil" government and the vile "MPAA/RIAA." Sorry, but I don't sell out just because I don't like one side.
It's nothing to do with illegal activity, it's just dumb to have only a single instance of an important file wherever it's stored.
Worth noting that some of them were moaning that this was their backup. Not sure I see the issue there, just move them somewhere else - if it's a backup they still have originals presumably.
It leads to a bigger discussion, though, about what happens to your files when a cyberlocker (Megaupload, Dropbox) or backup provider (Backblaze) shuts down.
I definitely agree that the lingering wide spread implications are quite serious as more of our data and services are hosted by third parties.
But for the Megaupload users, I would like to quote one of the boards I saw held up by SOPA protesters: "Dear congress it is no longer ok to not know how the internet works". Dear users, that goes for you to. And trusting your valuable data to a provider who is suspected of all kinds of shenanigans is naive. You get what you pay for.
In the case of Backblaze (which I use and highly recommend) wouldn't it just mean changing providers? As long as your hard drive doesn't fail before you get a full backup done with another solution you should be fine.
We generate a new 2048-bit RSA public/private key pair when our client is installed, store the public key on the local disk and transmit the private key to our datacenter via https. Then, for each backup session, we generate a new random 128-bit AES symmetric key which we use to encrypt the user’s data. We secure the 128-bit AES key by encrypting it with the user’s public key and transmit the encrypted file along with the encrypted key to our datacenter over https. We destroy the unencrypted 128-bit AES key at the end of each backup session and never write it to disk. To decrypt a file, the user’s private key is used to decrypt the 128-bit AES which is then used to decrypt the file.
You can specify your own password for the keystore. If you do this, they can't access the keys (well, outside of nefarious sniffing we'll assume for the moment they aren't doing). You also can't access your data if you forget it.
And yet it took 2 years of law enforcement work to investigate that notoriety. I have easier time finding infringing (or is it?) content on Youtube than I ever had on Megaupload but you won't see them ever going down the same way. Agreed, however, that storing a single copy of important work isn't safe.
Yesterday I uploaded a video to Youtube w music in it that was immediately identified, credited to the artist on the video page, and I know that royalties are paid for that video. I'd say that's a pretty big difference in behavior of the two companies.
I can excuse them for the "association with illegal activity"-part, but having only one copy of your data, located on such a site, or in the cloud at all, is very risky. It will be interesting to see how the feds handle this one, considering Megaupload was used for plenty of legal activities as well.
There is little question in my mind how the Feds will handle this. Kiss the files good-bye. Actions like these show the government doesn't believe all binary data has value. Rather, it shows they believe the majority have no value except for that distributed by the MPAA and RIAA.
but having only one copy of your data, located on such a site, or in the cloud at all, is very risky
I agree with you, but think it's harsh to judge the users by it. It's not that long ago that it was nothing short of a miracle if the average home user - or small business for that matter - had any backups.
Cloud storage is clearly being marketed as safer than self storage, with multiple location, site backups and even diesel generators touted to prove their supposed reliability.
Clearly we now see that cloud storage is not reliable at all and can not be trusted because even though my data is completely legal, just because someone else misused the service in violation of its TOS, everybody's data property gets confiscated by the feds. That's not safe at all. Cloud is not safe. Owning your own server, at least you have control over what else is on it.
What I'd be concerned more about in the long term is if you don't get an option to save your stuff anywhere else.
For example using a cloud application to actually do your work whereby all your data is saved by your app to their storage platform and there's no way to get it out.
If that cloud app gets shut down because of SOPA or whatever then what happens to your data?
To me, this is a bit like people complaining that the feds seized their car that was legally rented from them, by their dope dealer. I'm not surprised that people used the service for legal means, but I am surprised that people can expect us to think that they didn't know the service was mostly profiting from piracy.
I feel really bad for some of these users; certainly, for the less technically-inclined or interested, how were they to know that an otherwise legitimate and professional-looking website would disappear with their data overnight? Whether it's RapidShare, MediaFire or Amazon S3-backed others, to the regular user they all look the same.
In the long run, if high-profile removals happen like this, I can see it causing a general lack of trust in SaaS for the average home user.
I can see it causing a general lack of trust in SaaS for the average home user.
As it should. Unfortunately, current tech isn't there for the regular user; it still isn't even there for the technically-inclined user who has a better grasp on the risks going in. There are very few solid services out of there right now, and the vast majority of them are only a platform for the techie to build the user-facing services and/or are highly domain-specific.
I totally agree there is no good way for a regular, or even techie, user to tell when a service is a fly-by-night. What do you have to gauge them on? How good of graphic design they have for their website only tells you how much they care about putting up a pretty face, which is not necessarily tied to the quality of product at all. The internet is so full of both PR and unwarranted rage, where do you even start to gauge the quality of a service?
It gets really, really difficult. I thought megaupload was a look-the-other-way-as-much-as-legally-possible-while-piracy-happens operation because I was only knew about it because of people who used it to pirate. But at the same time there were plenty of people who thought they were what they advertized themselves as, I even had buisness contacts at large reputable organizations that used them to email me big files all the time.
It's not a backup if it's your only copy. Moving data exclusively to the cloud is dangerous yes, but backing up isn't. At worst you get into a situation where you local copy is your only copy until you can back it up to a different cloud. Like you said, that's why it's good to have multiple backup locations.
I'd like to get upset about this, but the legal precedent for seizures is already well established. The government takes something, you get it back When They Feel Like It.
Your files are gone. Restore them from your backup.
My prediction: Client-side encryption is going to become more popular. All users encrypt files before sending to cloud. Then users decide who gets access to their information. This is just common sense. It might help in areas like medical records (HIPAA) as well.
If you give Dropbox write-access to your Desktop and all your unencrypted original files, you are 0wned.
This is already common with Megaupload/Rapidshare piracy. People upload password-protected RARs to prevent the files from getting pulled via hashes or manual inspection.
How hard would it have been to give people a warning and let them pull their legitimate files first ? There's a whiff of malice behind seizures of this kind.
Law enforcement steals personal property all the time, with no recourse for the owner. All they need is an excuse to link it with an investigation. Even if nobody is ever accused of a crime, and nothing goes before a judge. Then later they sell it at auction and put the proceeds in their own pocket.
Worried about your files? Try worrying about your car or house, they're equally at risk. Not all cops are evil, but they'll all stand behind each other regardless.
Putting your files on a 3rd party site like MegaUpload is a lot like buying food at a random food cart in a 3rd world country. You might not get sick, but there's no guarantee. If there was a motto for life, it would be Caveat Emptor.
If they are governed by US laws, it's possible the FBI would return assets to lawful owners, much like the wind-down of MF Global, but that type of thing takes quite some time. Also, as possibly bad as that sounds, if MegaUpload had actually been the cause of data loss instead of an FBI take down, there is no recourse...other than pursuing MegaUpload via a court system! While I don't actually think this take down was reasonable, any expectation of warranty in MegaUpload's service can only be assumed by accepting the laws of the countries MegaUpload operates in.
> Although it's not clear if a removal from Dropbox servers could trigger a deletion into my own Dropbox. Perhaps someone at HN knows? Please advise..
Of course it's technically possible, and Dropbox could probably be compelled by one law or another to make it happen. The question isn't "could it happen", but "would it happen".
Dropbox could definitely tell the client that all the files are gone, but in that case you have a three-day local backup in the .dropbox.cache folder. This has all the files in flat storage, and there exist scripts to put them back at their original paths.
Dropbox is probably not capable of triggering an actual immediate deletion of anything, unless they left some kind of backdoor. But any app could theoretically have a backdoor.
This is both a volatilte issue, and a huge opporunity. Someone who hosted business (or even personal, but business would be stronger) files with MegaUpload should immidiately contact their lawyer and pursue a court order demanding the return of their property, just as they would if a delivery service was shut down for drug smuggling. Whether or not not they are able to get it back, the ensuing legal and political battle (including whether or not one occurs at all) may prove to be an important factor in the building copyright war. I didn't personally have anything stored on MegaUpload, but I'm making a plea for someone who did to contact their lawyer and find out how to pursue a court order for the return of their property.
I think the crack house analogy is wrong. What if instead of a crack house, you stored your goods in an apartment complex where some people used their apartments for illegal activities? Police wouldn't be justified in entering or seizing apartments that they didn't have probable cause for.
The server hard drives contain illegal and legal data and they are not separately owned/occupied like buildings are. The alleged criminals own all the hard drives. Cops aren't going to weed through all of that data and then figure out who owns the legal data and then make an effort to contact and return it to them... there's no way they can do that.
There's the rub. The suspects own a company that owns the drives, but you still own your data and the copyright to it ... it's a data warehouse; it gettingg raided doesn't alter your ownership.
Why is this the #1 story on HN? Keeping anything important in one place is a bad idea.
Btw, we all have our source in git or mercurial (vcs with full history) with an offsite repo, right? also, RAID isn't a backup. How many lessons do people need to keep relearning?
What part of keeping your information in one place is a bad idea don't you understand? Maybe that group would just decide to take the money and run and shut down all their servers.
I dont think thats the point this article is making, especially here. Its just showing that megaupload really wasn't the all nefarious piracy centric site that the DoJ/FBI is making it out to seem. It was being used for legitimate purposes, and those people are fucked because of our government, the ones supposed to protect us.
That isn't a reasonable argument to make for regular (non-techie) users. How are they to know backup best-practices any better than you or I might know about the best-practices of a field that we haven't studied?
In that case I still wouldn't call it a backup. I'd just say that the array itself was failure-resistant enough that you've chosen not to maintain a backup.
Guys, I have some spare time. Any interest in a cross-platform app that acts as a kind of "raid-1" (mirror) across two or more of these popular services (e.g. DropBox), any one of which you more or less "trust", but, on the theory that the Government can take them away? (or if you don't consier that likely, then just on the theory of "don't put all your eggs in one basket")
The idea is that each service would think you're "just" using them; meanwhile, you're really hedging your bets. Should ANY ONE of these disappear, in spite of general internet connectivity on your part, software panics and downloads ALL your data to your local hard-drive instead (on the theory that perhaps the government is about to make ALL of them inaccessible to you), sends you an email and SMS?
Another feature would be local encyrption. Let me know if there's interest in this. Basically, this is like a raid-1 layer on top of two or more disjoint services such as DropBox, optionally with local encryption.
git-annex can do this. Currently it supports Amazon S3, The Internet Archive, Tahoe-LAFFS, and rsync.net as cloud providers (with optional gpg encryption), as well as various options involving your own VPS, local hard drives, etc. Adding more cloud providers is a simple matter of haskell programming, or if you don't do haskell, shell scripting.
This is ludicrous. How anyone can call MegaUpload a legit site is beyond me. Everyone knows MegaUpload has been primarily used for storing and sharing pirated works and while the site can be used for legitimate purposes, by and large it wasn't. I do feel for the people who honestly did have legit stuff stored there but I think TorrentFreak's attempt to spin this story like a legit site got shut down for no reason is laughable.
So every major city has one of those "massage parlors" that are really just fronts for getting a happy ending. I'd liken this story to a hypothetical "Massage Parlor/rub and tug shop" getting shut down and then having a major local newspaper like the Chicago Tribune run a piece on how we should be outraged that a legit massage place got shut down because of a few bad employees and customers.
Give me a break, everyone knew what MegaUpload was doing and while I don't doubt the possibility that some people didn't know and really were using it legitimately, overall stories like this only give the pro-SOPA people more ammunition to try to make our side look like a bunch of entitled, unethical, lawbreakers. Or, as they like to say, "pirates" except when they say it it implies something totally different than what some of us see it as.
Only the most pedantic of the pedantic could not pick this story enough to try to make a case for defending MegaUpload. It's not like MU were hiding what they were doing very well. They only had plausible deniability with their cute disclaimer in the FAQ and the fact that it could be used legitimately but largely wasn't. There's no shortage of affordable, popular "file locker"/sharing sites that are legit out there.
When you try to defend MegaUpload and say "this is what happens when laws like SOPA take effect" what people outside this community actually hear is:
"look how SOPA can stop those law breaking pirates" and it actually makes us look bad.
Instead, the message shouldn't be supporting MegaUpload but actually beating the opposition at their own game by framing it as "look, the Feds can shut down pirate sites just fine as it is so why do we need SOPA-like laws?" then go into the dirty details of how SOPA is bad. Definitions and opinions on piracy, copyright, sharing, etc. are irrelevant in this case. The fact is, it's illegal right now and so it got shut down.
Non-commercial file sharing and piracy are two different things. I hate to get pedantic, and I know what you mean but I have to preface what I'm about to say with this disclaimer lest some other pedant starts mincing words with me.
Anyway, our opinions on what should be legal are totally irrelevant. Fact is, piracy is illegal and there are laws already in place and enforced on it. You can't just break the law en masse and call it a protest. The opposition just ends up marginalizing you as "a group of bad apples" no matter how many people do it.
I favor copyright and don't much like piracy only because I wouldn't want my work to be pirated, however I do see the danger in SOPA and the extension of copyright so I would definitely protest with you guys here. The problem is we can't make change and be comfortable at the same time. If you want to see a change in policy you have to imcomvenience yourself a little in this case. Sitting on your computer and downloading torrents all day them writing a blog post about it doesn't do anyone but preach to the choir. You have to get active and get out into the streets. Protest in front of the offices of Universal, make t-shirts, formally organize, and start talking to the non-techie public in a way they understand. Unfortunately, us nerds seem to be terrible at doing that. We're all so pedantic, we argue amongst ourselves over the little things, and when we do try to educate the public we all spew out different, non-unified messages that the public doesn't see a reason to care about. We're all so enamoured with our ability to disrupt systems and do things our own way that we think we can always play by our own set of rules. I think thats hubris on our part and it's hurting us. In this case I think we need to play by their rules in such a way that we turn their own rules against us. Let's start a PR war. The kind of PR war that uses bumper sticker slogans and tactics the other side uses. We may think its beneath us but would you rather be right or would you rather win?
By non-commercial file sharing I mean file sharing without making a monetary profit from it. This definition covers people using megaupload, but does not cover megaupload itself - who quite obviously made profit from distributing copyrighted works. There is a different discussion on whether closing it this way was the right thing, but I'm not interested in it right now.
What I want to point is that the guy downloading and sharing the movie for home-viewing is definitely non commercial. And this is very much included in the common definition of piracy (along with commercial distribution like bootleg cds).
Now, about how it's not ok to break the laws: I disagree. I view laws as a convenience for having a civilized society, not as sacred rules. I have enormous respect for them and I am perfectly aware that respecting just the laws you feel like when you feel like is a recipe for chaos. But I am also aware that not all laws are just. More to the point, I am aware that historically a huge number of laws were completely absurd, and from a modern point of view they were (also literally) medieval. I have absolutely no reason to believe we are now above having such absurd laws and I think drug and copyright laws are such modern examples, having no basis in fact and rationality. Therefore not only I have no respect for them, but also no compunction about breaking them (other then getting caught).
Prostitution is a different matter btw - in principle I am for legalizing it, but in practice there are ways it could backfire. Human trafficking is real, and while I suspect having prostitution illegal only helps it I don't have the same degree of conviction.
With copyright on the other hand there is no doubt in my mind that it's an absurd law - therefore I am morally free (and somehow obligated) to ignore it.
Your main objection is that breaking the law doesn't help change it - this I do not think is true. Having millions, really having a majority of the population pirating movies and smoking pot - with no catastrophic consequences on either - only helps drive the point that the laws are absurd. If everybody respected the law just because it's the law we'd just have a world of sheep. It's enough we often get the circular reasoning that "all drugs are bad because they're illegal". I have no desire to see it applied to copyright.
Wouldn't they be unaffected when the ATF comes and raids that one storage space? Or would the ATF be so heavy-handed as to barge into everyone's space and shut the company down?
well, by the analogy, the storage company was making money from the cocaine ($10/month to rent the space)
plus they had a gumball machine and two snacks and drinks vending machine in the hall that led to it and other units! they were clearly making money everytime the criminal went there with a client.
I made a FOSS gnome icon theme whose sole host was megaupload (the tarball was too large to upload to gnome-look.org). I hope I have the original on an old computer somewhere.
Everyone gets to go through the oh no I've lost everything what am I supposed to do now. It is almost like a right of passage, most people assume it will never happen to them and once it does the lesson sticks in really well.
Am I the only person who would never consider uploading important stuff to a site mostly full of warez and bootleg videos and whatnot? That is run by a known crook?
Yeah, not a good idea to upload stuff to YouTube, you're right. I don't think it's completely fair to call Eric Schmidt a known crook though. He did ransack the company for a $100 million "bonus", but he retired last year.
Some heuristics for evasion of the observed colateral damage scenario:
* Store your files in several places. For example use Dropbox and link two machines with it. One at home and your laptop maybe.
* Rent a cheap vserver and install your own URL-Shortener (http://freecode.com/search?q=url+shortener&submit=Search)
* For files you'd like to distribute, put them into the Dropbox public folder. Generate your own short links with your own shortener.
* distribute the shortened links
* If Dropbox goes down, copy files to other webspace. Adjust URL-Shortener entries to new location.
If you don't trust Dropbox or any other file storage service, rent some webspace and sync your files there. There are a couple of 'How to build your own OpenSource Dropbox clone' recipies out there. (https://duckduckgo.com/?q=dropbox+clone). AFAIR they all suck in different regards. Simply choose the one that does the job and sucks least.
If you are not capable of doing stuff like that, then contact your friendly neighbourhood tech collective. Where to find them? Start here: http://www.hackerspaces.org . Don't ask them to do stuff for you. Ask them to teach you how to do it. Then donate. DONATE!? Yes, donate. And remember, with all the commercial services you have been cheapsurfing on, if you are not paying for it, then you are not the customer, but the product.
The interwebs have offered us the opportunity of an empowered, self organized distributed digital information society. But alas! we lazy bums are opting for the cheap consumerism solution. And on top we are whining and sobbing, when the freebies are being taken away from us.
I have little compassion for people who store their files in the cloud only.
/rant