In the wake of Megaupload, security experts warn businesses that rely on cyberlockers to include service loss in their disaster and continuity planning.
12 Epic Tech Fails of 2011
(click image for larger view and for slideshow)
Can cloud-based file-storage services be relied on for business use?
The FBI's takedown of cyberlocker site Megaupload last week sparked an international outcry from disenfranchised users, who had relied on the site for legitimate purposes. Many users have been left wondering: will their file-sharing website be next?
Some leading file-sharing sites have been suggesting otherwise. Notably, Tom Langridge, corporate communications director at Houston-based MediaFire, said on the company's blog that the company's premium services "are based on a user's ability to upload data and pay to distribute it," and said uploads for non-premium users were limited to 200MB per file. "We caution new users to read our terms of service carefully and understand that MediaFire takes violations of our terms of service very seriously," he said.
Similarly, Derek Labian, MediaFire's CEO, told Venturebeat, "We don't have a business built on copyright infringement," and if Google searches do turn up copyrighted files on MediaFire, that's Google's issue for indexing those files. In addition, he said, MediaFire maintains a "good relationship" with various government agencies, and has a program in place to comply with takedown requests by copyright holders, as is required by the Digital Millennium Copyright Act (DMCA).
Similarly, file-sharing service RapidShare said it didn't fear a shutdown at the hands of U.S. authorities. "We distinguish ourselves from services like Megaupload in many major issues and we aren't threatened in any way," according to a statement posted on RapidShare's website, which also said that the site employed no measures to obfuscate its legal status--unlike Megaupload. "RapidShare AG was founded in Switzerland, was always based at the address cited in the imprint, and was always managed with an authentic name without any anonymous intermediary companies. The drastic measures against Megaupload were obviously seen as necessary by the FBI because the situation was different there."
Regardless, security consultant Brian Honan said that IT managers should beware of the impact of any file-sharing service outages--triggered by an FBI takedown or otherwise--on corporate productivity. "This takedown should also serve as a good lesson to those looking at cloud based file sharing services to ensure they include the loss of availability of those services, for whatever reason, as part of their business continuity planning," he said in a recent SANS Newsbites newsletter.
Although sites such as MediaFire and RapidShare have said they have nothing to fear, other--perhaps more free-form--file-sharing sites have made notable changes in the wake of the Megaupload takedown. FileSonic, which sees a billion page views per month, cancelled its affiliate program and disabled sharing, meaning that users can only download what they themselves upload, thus making the site now resemble a personal file-storage site such as Box.net, Microsoft SkyDrive, or Dropbox. PayPal reportedly has begun refunding subscription fees to FileSonic customers, on request, reported TorrentFreak.
Other cyberlockers, meanwhile, have begun blocking U.S. users. According to International Business Times, attempting to access uploaded.to from the United States leads to a static page that reads: "Our service is currently unavailable in your country. Sorry about that." According to a cached version of the site, it had been offering approximately $47 for every 1,000 uploads.
Meanwhile, TorrentFreak reported that 4shared, FileJungle, FilePost, Fileserve, UploadStation, VideoBB, and VideoZer have reacted with some combination of the following: closing numerous accounts, deleting large numbers of hosted files, or disabling third-party downloads. Meanwhile, smaller sites x7.to and UploadBox announced their closure, with the latter saying users had until January 30, 2012, to download copies of their files.
The cancellation of the affiliate programs was in reaction to the Megaupload indictment, which alleged that the company's affiliate program was designed to reward copyright violators. In particular, the indictment quoted lead programmer Bram van der Kolk proposing that Megaupload give $100 to several different users for uploading "full popular DVD rips" or "some software with keygenerators (warez)."
Meet top cloud computing technology companies in Cloud Connect's ever-growing Expo Hall, and learn about the latest cloud services, applications and platforms. It happens in Santa Clara, Calif., Feb. 13-16. Sign up now with Priority Code CPMWCC38 for a free Expo Pass or $100 off our conference passes.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.