The Linkup just folded….

Consumer online backup provider The Linkup, formerly known as MediaMax, formerly known as StreamLoad, just shut up shop and are telling people to go to box.net instead. Streamload split in half last year, spinning off a business orientated cloud storage platform called Nirvanix. I think the plan was for Streamload users to transition to the MediaMax software, and MediaMax would use the Nirvanix storage cloud as its back end. Well it looks like someone in MediaMax messed up in a big way. They started deleting data from the old storage infrastructure before verifying that it had made its way up to the cloud. They’ve lost anything up to 45% of their customers’ data. There seems to be a bit of a blame game going on, with Nirvanix and The Linkup blaming each other, but that doesn’t help those who paid for a service that they didn’t get.

Clouds are cool ‘n all, but whatever happened to K.I.S.S. (Keep It Simple Stupid!). Simple architectures go wrong in simple ways which are easy to understand and quick to fix. The team in MediaMax obviously didn’t fully understand what they needed to do to safely move all their customers’ data over, and everyone is out of a job as a result.


Look what the guys in Heise managed to do….

I’m in the trade, so I am biased, but this is too big not to comment on. Researchers at Heise (publishers of German IT magazine c’t) have cracked the security in several online backup platforms, including Ahsay OBM, wide open using MITM (Man-In-The-Middle) attacks. You’ve probably never heard of Ahsay but if you’re in the market for online backup you’ve probably tried it. They sell it as a “white label” product, so the service provider just puts their logo on the splash screen and the end user is none the wiser. They’ve got over 30 resellers in Ireland alone, including local brand names such as Blacknight, Datahaven, Hosting 365, PFH, ServeCentric and Strencom.

There are two elements to online security: data encryption and identity verification. If your data encryption is good enough it doesn’t matter who gets hold of your data. Being sure you’re sending the data to the right server adds to the security. Online backup typically deploys two layers of encryption: the data is encrypted using a key, and then the data is transmitted through an SSL tunnel that encrypts everything again. The SSL tunnel uses a digital certificate to verify the server is who it says it is. These certificates are issued by a trusted source (Thawte, Verisign, Geotrust etc.) and provide the sender with a key to encrypt the traffic (the public key). Data encrypted with a public key can only be decrypted with a matching private key, and vice-versa. Only the owner of the certificate has the private key.

Software on the user’s end should throw up a big fat warning if the certificate isn’t issued by one of these trusted sources. Unlike Carbonite and Mozy, Ahsay doesn’t throw up a warning and just sends the data anyway. A determined individual can create their own certificate and keys and trick your PC into mis-routing your backup to their server (DNS cache poisoning is easier than you think). This gets them through the first layer; the SSL tunnel. They then have access to the username and password (which are transmitted unencrypted, because the SSL tunnel should be secure enough). This in itself isn’t a huge deal except for one thing…… To make things simple Ahsay’s default behaviour is to use the password as the data encryption key! They can then log in to your account and download all your data and decrypt it with your key. Carbonite & Mozy also use the same password/key shortcut but at least Mozy throws up a warning and Carbonite refuses to go any further if the key isn’t genuine.
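To show why the password/key shortcut matters once the tunnel is compromised, here is an added sketch (my illustration, not code from Ahsay, Mozy, Carbonite or the c’t article) comparing it with a scheme where the login credential and the data key are derived separately. The function names, labels, PBKDF2 work factor and the sample password and salt are all assumptions made up for the example.

```python
import hashlib
import hmac

ROUNDS = 100_000                                      # assumed PBKDF2 work factor
SALT = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed per-account salt
PASSWORD = b"correct horse battery staple"            # constructed sample password


def stretch(secret: bytes, salt: bytes) -> bytes:
    """Slow password stretching, shared by both schemes."""
    return hashlib.pbkdf2_hmac("sha256", secret, salt, ROUNDS)


def shortcut_scheme(password: bytes, salt: bytes):
    """The shortcut: the password goes over the wire and also yields the data key."""
    return password, stretch(password, salt)


def separated_scheme(password: bytes, salt: bytes):
    """Stretch once, then split into two unrelated values with distinct labels.
    Only the login token is ever sent; the data key never leaves the client."""
    master = stretch(password, salt)
    login_token = hmac.new(master, b"login-token", hashlib.sha256).digest()
    data_key = hmac.new(master, b"data-key", hashlib.sha256).digest()
    return login_token, data_key


def server_record(wire_credential: bytes) -> bytes:
    """What the server stores: a hash of the credential, never the data key."""
    return hashlib.sha256(wire_credential).digest()


def server_accepts(wire_credential: bytes, record: bytes) -> bool:
    return hmac.compare_digest(server_record(wire_credential), record)


def key_exposed_by_login(wire_credential: bytes, salt: bytes, data_key: bytes) -> bool:
    """Defender's check: does the value sent at login, run back through the
    client's public derivation steps, reproduce the data encryption key?"""
    stretched = stretch(wire_credential, salt)
    candidates = (
        stretched,
        hmac.new(stretched, b"data-key", hashlib.sha256).digest(),
        hmac.new(wire_credential, b"data-key", hashlib.sha256).digest(),
    )
    return any(hmac.compare_digest(c, data_key) for c in candidates)


if __name__ == "__main__":
    for name, scheme in (("shortcut", shortcut_scheme), ("separated", separated_scheme)):
        wire, key = scheme(PASSWORD, SALT)
        print(name, "data key exposed by login:", key_exposed_by_login(wire, SALT, key))
```

With the separated scheme a captured login token still lets someone download the encrypted backups, so certificate checking remains the first line of defence; the difference is that the ciphertext stays unreadable.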


Aaaaggghhhh!

A friend of mine has a successful small company. He’s realised that he needs “backup” because he knows he’ll go out of business if he loses his data. He claims that he doesn’t have the budget for online backup, and his staff aren’t computer literate enough to be trusted to swap a backup tape and store it off site.

I decided to use him as a guinea pig for Restore, an open source client-server disk backup platform. He has a reasonably powerful server in the office (I bought it for him) and a web hosting account with 10GB of space (also thanks to me). I wanted to set it up so it would back up the desktops to disk on the server, which I’d then rsync off-site. I’ve used VMware Server a lot, so the plan was to take Restore’s “VMware Appliance”, drop it on the server as a totally self contained virtual server, spend a 1/2 hour configuring it and I could go back to the day job.

It didn’t work out that way. The VM was created using VMware Workstation 6, whose VMs are incompatible with VMware Server 1.X. All they needed to do was click “VM” > “Upgrade or Change Hardware” before publishing the VM and everything would be fine. Now my 30-minute favour for a friend will balloon into a 3-hour job because I need to install it the old-fashioned way. Grrrr!
