I uploaded a legit Office ISO I downloaded from MSDN to SkyDrive (as it was called back then) to test throughput up and down.
After 3-4 hours it was gone.
My data isn't going near it.
Edit: just to clarify... I think they hash incoming files and delete known ones as part of a takedown system. This was an ISO that had been shared on TPB as well as MSDN. Of course their policy allows these measures but I'm not happy putting something up there on the basis that they can arbitrarily delete it.
Hey pling, I work on the OneDrive team. We definitely don't do the type of content scanning that you're describing. I wouldn't be comfortable with that. The only time we currently use file hashes for automated takedown is when known child pornography is re-uploaded to the service after being reported.
For copyrighted content, we have to respond to DMCA notices like other services. Sharing content to the public and getting reported by a third party is the only path for that. And in those cases, you definitely get a specific notice about the takedown. The web UI would also show you exactly which file was affected, and prevent you from sharing it again. It doesn't just delete files. (That would be unacceptable.)
Note that there's currently a 2 GB file size limit. It seems like the most likely explanation is that you put a large ISO in your SkyDrive folder, and it never succeeded in uploading because it exceeded the limit.
The file was 600Mbish. It successfully uploaded via the desktop client then was later downloaded on another machine via the desktop sync thing. Later that evening it was gone. I didn't delete it (it wasn't in the recycle bin) and I confirmed it was the correct live account I was signed in as. To be clear it was still on the source machine but not the destination. No antivirus had quarantined at either end.
That by elimination would suggest that either:
1. There is a reliability limit somewhere which is unknown and unpublished or a synchronisation bug.
2. You're unaware of a process or a false positive.
I should have opened another account to test this against with the same file but to be honest if I found a bug, windows live support has been abysmal. Hell they couldn't even work out how to close my account when the close account page refused to work...
Yuck. Sorry that you had a bad experience. It sounds like you hit a nasty sync bug on the destination machine. We've been patching a bunch of issues with client sync reliability over the last year. It's hard to diagnose at this point, but please reach out if you can reproduce it on the current version.
FWIW, I can say with confidence that your issue had nothing to do with the fact that the file was an Office ISO.
There are 3 processes: PhotoDNA hashing [1], automated flesh tone detection, and manual review.
1. PhotoDNA runs on every upload. It's only used to identify known child pornography that has already been reported, to make sure it can't be re-uploaded.
2. Automated flesh tone detection only runs when a photo is shared. (This is a change in policy; it used to run on upload.) There are heuristics that try to measure whether it's personal sharing or broad sharing, and we're continually improving those. The goal is to make flesh tone detection only run during broad sharing.
3. If the broad sharing criteria is met and automated flesh tone detection triggers a positive result, that is the only case in which an item is anonymously sent to manual review. It's some highly controlled clean-room environment where a dedicated team tries to determine whether the content is a legal risk or not. Clear cases of shared child exploitation porn are reported. (A parent's "baby in bathtub" type of photos are not the target here.) In most cases, it's adult pornography or family photos. In those cases, the folder is marked as porn and simply can't be shared again. (There's a user-visible message on the web UI.) It's not deleted, and it continues to be fully accessible to the owner across all machines.
The scanning policy used to be more aggressive and didn't exclude content that was unshared or only shared to a small set of people. None of us liked that policy to begin with, and then some high-profile false positives helped force the policy to be revised.
I keep reading that OneDrive lets users upload adult porn either through here, or reddit AMAs, etc.
However, the terms that are linked to me at the bottom of OneDrive.com specifically tell me that uploading porn is not allowed and presumably (haven;t double checked) tell me that if I do my MSA will be deactivated.
It's nice to have you and co. tell me that you allow porn, but the fact that the terms I legally agree to contradict what you say sort of puts me in an uncomfortable position.
Have you thought about changing the terms of use to accurately reflect your policies?
Why don't you encrypt those pictures before getting them out of your control on the "cloud"? I would extend this suggestion to every other file but those in particular kind of scary me to be available somewhere else without encryption.
Might be a dumb question ("have you tried restarting your computer?") but does the ISO come up through the web browser at onedrive.com? You only mentioned checking the sync folders.
They really need to increase the maximum file size to be competitive. As a comparison, Dropbox files can be up to 10 GB each[0], and Google Drive files can be up to 1 TB each[1].
Its disingenuous to say that Dropbox has a file size limit of 10GB, when the first thing written on that page you cited says otherwise... The 10GB limit only applies to files uploaded through the web interface. Files uploaded through the OS/mobile client have no file size restriction. [0]
Last year a friend couple uploaded photos of their one-year son (I understand it were those "bathtub photos" parents like taking to embarrass the children when they grow up) just to get their paid account blocked. They panicked because they used Skydrive to "securely" store lot of pictures, including their travels, honeymoon, etc. The husband was a bit tech-savvy, but I failed to convince him to always PGP-encrypt the files and rename them to non-significative names before uploading. At least, I made them never trust these services again.
I, personally, never use these file storage services to hold anything but encrypted data assuming that such data can disappear overnight without any warning.
Hmm what you describe conflicts with what u/m0dest mentioned above. I'd like to hear word from him/her about the matter. If your friend's content wasn't shared, the the image must have been someone processed for known nudity patterns
I suppose Microsoft started using some fuzzy/NN/heuristic/etc. pattern matching algorithm to identify pornography, so it caught the photos my friends uploaded even if they didn't came from a know database.
I just use GnuPG with some specific temporary keys (eg. "Project P File Transfer Key"). All transfer are among desktop/laptop machines, so mobile apps are not a requirement. And I don't use GDrive to sync data to my phone.
I wasn't sharing it. To be honest if they're checking for CP then they're messing with your files. There isn't a sudden distinction when you bring in "think of the children"...
I think there's a clear distinction between possessing child porn, which is illegal and subject to a jail term, and so-called "piracy", which is a civil dispute.
There are very few digital things that are illegal to possess (and no, a digital copy of The Matrix is not illegal to possess), and I believe Microsoft has both a legal and moral obligation to ensure the files on its servers are not child porn.
Putting aside the obligation(s), the mere fact they (and to be fair, likely other clouds) have an automated deletion process for unwanted content reduces their reliability. There may be bugs, possibly poor hash distributions, malicious misreporting, erroneous classifications, or misappropriation of the tool for other purposes.
I don't think this measure is effective (it's trivial even for non-techies to circumvent hash-based detection) nor proportional to the likely incidence/impact of this crime. While I cannot speak to what their legal obligations are, I don't think we should encourage invasion of privacy for no particularly good reason. As such, I strongly object to the notion they have a moral obligation to commit this particular harm. Facetiously claiming that doing so somehow protects children is just a joke in particularly bad taste.
Child porn is a "everything must be done against it" topic and while that is what should be done, it means that it makes a perfect "no arguments against it" argument for snooping.
But it is my belief that file hosters have a legal and moral obligation not to know what they are hosting for their customers. It is not the obligation of a host to look at a customer's files and decide what is ok and what is not. It is the same thing with Tor nodes or if you decide to encrypt files. I actually think that any online sync host like this or like Dropbox should not have any chance of knowing what I store with them. That's my private business and there is zero reason for them to know, is there?
Your belief doesn't have any grounds on reality and/or current laws. Once notified of child pornography, Microsoft cannot keep that content stored in its network. Period. Otherwise the next request they will get from a judge is to close the service down.
I actually think that any online sync host like this or like Dropbox should not have any chance of knowing what I store with them
Cryptography is readily available to anyone who cares to use it.
1. It doesn't sound like anyone is "notifying" Microsoft in any way. They're almost certainly just using the NCMEC hash set (which they helped develop) to identify known images.
2. You ought to provide some kind of legal citation for your claim that a judge can order a service like Onedrive to shut down after just two allegations of illegal content.
Truecrypt is far from done. But wouldn't be the fact that it's open source be enough for you to deem it trust worthy? Of course not, as recent events have demonstrated.
Although we all have reason to believe every single encryption tool out there is compromised, where does that leave us? Paralyzed. IMHO, we won't have 100% trustworthy software ever and we're better off using what we have then not using anything at all. Remember, in this thread we're talking about our privacy, not some top-secret project for which developing a encryption tool from scratch would be affordable (that'd be cool though).
Well, there might actually be value in knowing the content for e.g. searching, analysis, compression, deduplication, and advertising purposes. I'm not terribly in favor of exploiting these uses, but there certainly are conceivable reasons for the online service to examine the content of the stored files.
There was also some discussion about metadata being changed once the files were uploaded to OneDrive. So if you plan to use it just for plain file storage then it might be an issue.
That was something completely different, and a result of Microsoft's naming screwup: Sharepoint adds/changes some metadata of MS Office files (for collaboration, etc.). OneDrive for Business is essentially Sharepoint in the cloud.
This OneDrive does not change metadata, it's a 'simple' cloud storage.
BTW: interesting, I've submitted this link an hour or so ago, and it was immediately flagged as dead. :)
That's only OneDrive for Business [1], a product that (fortunately) shares nothing but branding with the consumer product. Not so say the latter doesn't have its own warts...simply that it doesn't have that particularly egregious one.
Shameless plug for my product, ExpanDrive. Version 4 came out a week and a half ago and adds support for OneDrive along with a ton of other cloud storage providers.
Right now the best Cloud-storage desktop clients: Dropbox/Google Drive/Box/Copy/OneDrive, all do sync of the entire repository (unless you're willing to do the work of selective sync). Apart from that you're not left with many options, other than the web, for moving data to and from your giant 1TB account. ExpanDrive bridges that gap by providing access as a network drive. You connect and interact with the data without needing to bring it all in. We keep a big local cache, and do writes in the background so your saves feel instant, like Dropbox. If you've not checked out the software recently, take another look.
Very cool - somehow I hadn't seen this before, and you've been around for 10 Years, and I try and follow all things storage. Not sure how I missed your product.
I know AWS is fine with this sort of usage (they charge for storage + data access) - any sense as to whether Dropbox/OneDrive/Google Drive are okay with applications being written on top of their cloud storage?
I.E. is this a hack, or something I should feel comfortable using as a storage option. And, other than AWS, are there any vendors you feel are most likely to be okay with using their service in this way?
Could you please put your price on the landing page?
I just got a download link and further down the page the price of a upgrade from a older version.
Before I download I am more interested in what I am downloading (is it a time limited demo?) and what the price is if I want a license. Otherwise its not worth my time to try the demo download.
Excellent product; I've used ExpanDrive in the past and it works remarkably well.
Curious--any chance you can put together support for OneDrive for Business? Microsoft currently lacks a proper client for that service on the Mac, and it's a minor pain.
Hey,
I'm just about to buy the upgrade from 3 to 4 but I'm wondering if you're going to make it behave more like a native Windows app? The panel that pops up from the system tray has some weird webview-like behaviour on right-click.
I also managed to bring down Explorer when opening Google Drive but I'll get a better bug report to you soon.
The only thing that makes me sad is that CBFS (what ExpanDrive uses as its backend) is really the only solution for doing filesystem stuff on Windows. Dokan just needs some love and a code signing certificate or two.
OneDrive in Windows 8.1 is built into the OS - it shows up as a folder in Explorer. After reading your site, I'm still confused; how is ExpanDrive different / better than the OneDrive OS integration? Can you describe a scenario where ExpanDrive is superior to OneDrive + Windows 8.1? Also, once you've done that here, it would be great to add that to your advertising copy on your site - perhaps with a walk-through of the product to show how it's better than the built-in OS support :)
A major frustration for me is that OneDrive does not show up as a folder in Windows 8.1, unless you link your Windows account with a Microsoft account. I absolutely won't be logging into my computers with my Microsoft account, which has made OneDrive much more difficult to use. It works well from Office, but nothing else. I've tried installing the old version of the client, and it fails with an error that I already have a newer version.
It sounds like ExpanDrive would probably solve this issue for me. (At least until Microsoft hopefully adds back support for using OneDrive with local accounts at some point.)
OneDrive in Win8 breaks quite a few applications that measure disk space or read files without knowing about the new weird symlinky stuff that OneDrive uses.
I love ExpanDrive and use it every day. Thanks for adding OneDrive support in v4 :)
ExpanDrive's WebDAV performance has been kind of rocky, though. From what I can tell, it doesn't appear to support byte range seeking. To get to the middle of a 2 GB file, it tries to download the first 1 GB. Is that something addressed in the v4 update?
Definitely support it. Perhaps a server incompatibility? Can you re-ping support@expandrive.com ? If you have some temporary credentials for us to test with, it would be super-helpful
I'm a bit disappointed about the paid upgrade, it really feels like ExpanDrive is only working properly since this last version. For me, v3 has always been dirt slow with cloud storage.
Hrm. I used to be a very frequent user of ExpanDrive, then I changed jobs and I haven't needed it for what I was using it before. I may take a look at it for personal use now, though.
Browsed around your site - how do you guys handle encryption of data? Or do you even? I'd look into using this with S3, but only if client side encryption is somehow offered.
Too bad Onedrive is known for altering files, scanning your photos for nudity (or partial nudity) and deleting/restricting content it deems "questionable". Otherwise it might seem like a good deal.
Altering text files is sometimes an issue in OneDrive for Business, which is a totally separate service based on SharePoint. Consumer OneDrive never alters your text or binary data.
Photos are only scanned for nudity if they're broadly shared. The definition of "broadly" is changing. It's designed so that content isn't scanned if it's unshared or if it's only shared with a small number of people. The goal is just to make sure that people aren't using the service to host massive public porn collections.
Why call both products OneDrive then? The only thing I care to remember from the discussion earlier is "OneDrive == data files are modified" aka stay the heck away. By sharing the name, surely you want us to think it is the same product?
Would you trust a sync service called "File Destroyer for Consumers"?
I'm currently using Dropbox and sync all my coding folders (mostly Rails/Node.js/Go/C#). I'd be willing to switch if one of the other providers would have smarter folder exclusion (something like .gitignore or I would even take having to make a sentinel file like .nosync in every folder).
I'd like to exclude things like node_modules, build folders etc. It's gotten to a point where I have to disable Dropbox during development and let it catch up later otherwise it chokes up CPU at 100% doing it's hashing.
Dropbox does realtime, automatic backup of your work with file version history in case you accidentally deleted or overwrote something. Git solves other problems.
Dropbox does those things, however when you are programming you are generally not working in a single file. You are working across many files with many various temporary files.
This complicates the state of a development folder. If Dropbox went down mid upload or you hibernated your computer before it had completely uploaded (it happens), you then work on another computer and that uploads some files, suddenly you are going to get a merge conflict which Dropbox cannot easily help you with.
Software development is not one file being edited, its a collection of files in a particular state that give it meaning. Dropbox is good, its gotten better but its still not the right tool for the job.
Git (or any DVCS) is good enough that you can commit and push every 5mins if you wanted. The point is that the state a a whole makes sense.
Plus what about when you start working with other developers, you cannot all work in Dropbox, you'll get merge conflicts every day. What about bug finding features like bisect? Or just having a log of when thing happened?
I started doing it primarily so that I could leave my work computer and start working almost instantaneously on my home computer. Since the Retina, I've been using the same machine for both but it's been less of an issue but it's still nice to know that you could lose the machine and not lose any work in any repo in your ~/dev folder.
Sounds like the only way to do it right now is via the Seadrive client proposed below - will definitely move to the first major provider that offers this service.
SeaFile has a .ignore file with pretty much the same syntax as a .gitignore. And it can also operate on multiple independent directories, has client-side encryption, it's open source and you can host it yourself. So you could actually still use dropbox as backend for the storage, and run both client and server on your machine if you wish. Link: http://seafile.com/en/home/
I've been using seafile for 7 months now and cannot praise it enough. A really nice piece of free software. Hopefully some smart people will do code reviews and improvements in the background to ensure behind the scenes everything is just as nice.
Agreed. My wife had to upgrade her dropbox plan recently to the $41.60/mo 500GB plan. I had to really weigh the pros and cons of switching. In the end, I decided the costs of me having to provide "technical support" to my wife was worth the roughly $30/mo in the short term over Google Drive (and now OneDrive), but figured we would start trying to convert her over the next year or so.
Dropbox is in a really tough spot, because if they even cut their prices in half (which would still be significantly more expensive than OneDrive), their revenue would drop tremendously right before an IPO. My guess is that the primary options are to stay the course, go public ASAP, hope you don't get bled too much from Google/Microsoft and try to find more reasons for people to pay a premium for Dropbox, or to sell to Apple, which is the only big player without a meaningful competitor.
>or to sell to Apple, which is the only big player without a meaningful competitor.
iCloud Drive?[1]. The Apple buying Dropbox ship has sailed. Steve Jobs tried to buy them and Dropbox said no. Turns out it was a good choice on their part, but there is pretty much no chance of it happening now.
>You've got to love competition, but I wonder at what point Onedrive's race to the bottom in terms of pricing starts to impact Dropbox's valuation?
eh, I've looked into getting into this market, and the price I would feel comfortable with (at my scale... which is not large) would be around a penny per gigabyte per replication per month. 2 replications is about the minimum I'm comfortable with, so the $0.02 per gigabyte/month seems pretty reasonable to me, especially because the big players have access to some pretty dramatic economies of scale that I do not.
Hard drives are what, $150 per 4tb drive or so, to purchase? Figure that it's another $2000 for every 36 drives for a low-end motherboard and chassis; figure a 36 month life, to be conservative, and that's $5.50/month in capital. figure $200/month per kw usable. a hard drive is going to use 5-10 watts That's $1-$2/month per 4tb. so total cost is going to be around $1.88 per tb per month. Now, multiply by 2.2, as I'm going to have 2x replications and make each replication raid6, (10 disk stripes) so my cost is $4.14/month/tb If I'm charging $0.02 per month per gigabyte, that's $20/month per tb revenue. (Of course, this is all seagate gigabytes. It's more complex if you use GiB.)
That's plenty of margin. Now, this doesn't count over-subscription, and if you sell in 100gb blocks, not all of it is gonna get used.
Now, especially if you are letting users use this for more than just backups, you have per-account overheads like abuse handling.
But yeah, overall? from where I stand? the "race to the bottom" isn't even keeping up with hard drive prices. In a real "race to the bottom" someone at my scale wouldn't be able to make reasonable margins.
The biggest problem I see with the market is that most consumers don't need that much storage. I'm going to need a lot of customers to just fill my first 74 disk cluster. Then, if I let customers share the files, I'm going to have to deal with dmca bullshit, and I ain't doin' that for free.
> You've got to love competition, but I wonder at what point Onedrive's race to the bottom in terms of pricing starts to impact Dropbox's valuation?
Unless you're a Dropbox equity holder why would you care? As a consumer all I care about is cost and reliability, neither of which are impacted by their valuation.
Yes - Google Drive was probably an impetus for this, and it will be interesting to see what they introduce at IO. I think this price drop is a bigger deal than the Google Drive Drop, as I'm pretty confident that Microsoft is in this for the long haul, and that OneDrive is going to be around in 10 years, and show great enterprise integration.
Unfortunately for DropBox, Google and Microsoft can almost give away storage for free as loss leaders for their other products. Hard drive space is a commodity.
I was a bit late to the online storage game and at $2 per month for 100GB, signing for Google Drive was a no brainer over DropBox.
Getting 50GB for two years with my phone (Moto X) makes Dropbox look pale in comparison. And they still don't have something akin to Google Docs or Office Online. Space is indeed a commodity. Office, Play, Google Apps, Ads, etc. are the money makers.
If the Skydrive team is listening, I love the All Photos feed, but can we get something like that for non-photos? I would like to see everything else that has been synced recently. I am not sure what Recent Docs does, but it is definitely not what I expect.
I wish they would fix their API along with these improvements. Currently there's no way to upload a file to OneDrive without knowing the file size. Google and DropBox support that with their APIs (via slightly different forms of chunked uploads).
This is relevant to me for http://emailitin.com/ because with email attachments there's no content-length. Since I don't want to store attachments on my end (even temporarily) I'd rather just pipe them directly to OneDrive (as I do with GDrive and DropBox). With the current API limitation I have to pipe to a temporary file, stat the file, and then upload. Really annoying.
Accuracy note: SkyDrive launched with 25 GB free, then reduced that to 7 GB unless you knew to click a link to be "grandfathered". So now they're at a fashionable 15 GB free. Good, but not as good as it once was ;-)
Either way, paying for the 100GB if you need the storage is a no-brainer. And OneDrive is still one of the few truly cross-platform storage services that's also ships natively with an OS. Now that Apple's offering additional cloud options on iPad, I could see myself picking one cloud provider and sticking with it ....
I really like where the online storage space is going but why don't they offer support for standard transfer protocols? Things like ftp, sftp, rsync, etc. I don't want to install a custom client and uploading via a web browser is tedious.
Question, does OneDrive handle large amounts of files/data? Google's Windows software has issues due to it's 32bit/memory limiting nature which makes it almost unusable for me for backing up client files.
I uploaded a legit Office ISO I downloaded from MSDN to SkyDrive (as it was called back then) to test throughput up and down.
After 3-4 hours it was gone.
My data isn't going near it.
Edit: just to clarify... I think they hash incoming files and delete known ones as part of a takedown system. This was an ISO that had been shared on TPB as well as MSDN. Of course their policy allows these measures but I'm not happy putting something up there on the basis that they can arbitrarily delete it.