Taking Control: Create your own Personal Cloud

[Overmind One]

Okay, like many of us here, I have become addicted to Dropbox. With it, I can take pictures from my phone and have them instantly on all of my devices. I can share the content with others and it is really convenient. HOWEVER, I just agreed to their new Privacy Policy which clearly states that governmental agencies may audit/view what I have stored in there, if requested. I find that unacceptable.

So, I am setting up my own cloud using a great open source FREE software called OwnCloud:


All you need is a website on a host running PHP 5.3 and Apache (about 8.00/mo from Hostgator). Download the program here: http://owncloud.org/six/

Once installed, there is an app in the Google Play store as well as the Apple App Store which will allow you to access your files from any mobile device you used to have Dropbox on. It has Camera Upload, creation of folders and shared folders on the fly, and is scalable. On a webhost which has "unlimited space", this is huge. It means you have have virtually unlimited space to store your stuff. But most of all, it allows you to give Big Brother a black eye.

vs the personal cloud solution below:

Many of my clients called me to ask about other solutions to privacy in the cloud, and after looking at the ones out there like Carbonite, iCloud, Office365, Google Docs, etc...none of them are really secure. Because they are so big and are making profit from this service, they are subject to regulation which does not apply to personal clouds. Sure, they could demand access to hosted files, but you could run this server from home (as I did for many years).

I will add to this as I use it and let you know how it goes.

 

[Overmind One]

WOW!

Okay, I have successfully installed this, and I have installed the Android client on my Galaxy S4 as well as my Acer tablet and Macbook Pro. There are clients for every platform, including Linux here:

http://owncloud.org/sync-clients/

The installation is simple enough, you upload the server scripts using FTP and then the script finds dependencies and goes through it's install. After it is done, you log into your new OwnCloud server and you can create directories and they will sync to all of your clients. The Windows and Mac clients create folders on your computer exactly like Dropbox does. I tested the Camera Upload (called InstantUpload by Dropbox), and it works perfectly. I tested it with the tablet, same thing. Syncing is faster than Dropbox by a large margin. Perhaps this is because only one person is using the cloud infrastructure for each OwnCloud instance. This costs me NOTHING except the dollar or so for the Android app.

Right now, I am copying the entire Dropbox folder list and it's files to my new Owncloud Server, and I will turn off Camera Upload for my phone for Dropbox and only use OwnCloud for that.

Cool stuff:

• There is a photo and video viewer built into the web access for your OwnCloud server.
• The interface is cleaner and more intuitive than Dropbox.
• Google Chrome does not demand access every time you open your browser like it does on a Mac for Dropbox.
• You no longer are limited by your Dropbox space. You can use the unlimited feature of your webhosting account to store your stuff.

I am playing around with sync settings now.

This is a capture of the sync window as it syncs all my Dropbox folders which have been copied locally on my windows machine. Note the total space is 426 GB! That is on the webhost, so I dont have to worry about it. . Like Dropbox, the taskbar tray option can take you to your local OwnCloud folder or the web interface on YOUR OwnCloud server.

NOTE: This cloud software has no middleman. It lives on your server (or your hosted webspace) and you control it 100%. Nobody has access to it, but you can send out shares with links to people to share folders with them, just like Dropbox...except without Dropbox or his bed buddies watching you.

If I was still hosting from home, I could set up a webserver at home to do this.

 

[Overmind One]

This software is amazing! Here are the options on the local clients...no throttling! Try that on Dropbox:

• Where it says "Account", it does not mean an OwnCloud account, it means an account you create on your own server. To create one for a different account, you have to create another installation. I LOVE THIS! This means that I have cut the consumer cord from DropBox, SkyDrive and iCloud and I am now 100% in charge of my data.

Think you cant do this?

This is what you need:

1. A web server (Linux preferred). You can get a website for about 8.00/mo at Hostgator or even less elsewhere.
2. You need "unlimited space" (this usually means at least 500GB but is usually unlimited if you reach that limit)
3. You need PHP 5.4 minimum (Hostgator will install it for free)
4. You should use a shared SSL certificate (they come with your account usually, you need to activate it)
5. Download OwnCloud from here: http://owncloud.org/
6. Upload the extracted folder to your webserver via FTP
7. Run the installer, then create your account.
8. Install the clients on your devices (PC, Mac, Linux, Android, iOS)
9. Enjoy.

I feel a sense of freedom and security I did not have with Dropbox, which has become bloated and nagging of late. Their new "Privacy Policy" forced the switch for me:

https://www.dropbox.com/privacy

Excerpt:

Log Data. When you use the Service, we automatically record information from your Device, its software, and your activity using the Services. This may include the Device’s Internet Protocol (“IP”) address, browser type, the web page visited before you came to our website, information you search for on our website, locale preferences, identification numbers associated with your Devices, your mobile carrier, date and time stamps associated with transactions, system configuration information, metadata concerning your Files, and other interactions with the Service.

Cookies. We also use “cookies” to collect information and improve our Services. A cookie is a small data file that we transfer to your Device. We may use “persistent cookies” to save your registration ID and login password for future logins to the Service. We may use “session ID cookies” to enable certain features of the Service, to better understand how you interact with the Service and to monitor aggregate usage and web traffic routing on the Service. You can instruct your browser, by changing its options, to stop accepting cookies or to prompt you before accepting a cookie from the websites you visit. If you do not accept cookies, however, you may not be able to use all aspects of the Service.

2. How We Use Personal Information

Personal Information. In the course of using the Service, we may collect personal information that can be used to contact or identify you (“Personal Information”). Personal Information is or may be used: (i) to provide and improve our Service, (ii) to administer your use of the Service, (iii) to better understand your needs and interests, (iv) to personalize and improve your experience, and (v) to provide or offer software updates and product announcements. If you no longer wish to receive communications from us, please follow the “unsubscribe” instructions provided in any of those communications, or update your account settings information.

Just LOL.

I dont need for Dropbox to sniff my butt to see if it needs cleaning. WTH? I will only keep Dropbox to interact with others who use it. So, my 50GB of space on Dropbox will consist of only shared folders and nothing else.

Why does Dropbox need to do anything other than sit there and wait for files to change/be added? It is only a means to sync files across devices and have them available. How does tracking information collected by Dropbox "personalize and improve my experience"???

I don't think people realize what this sort of increased intrusion and monitoring means. It is the equivalent of seeing tanks and military vehicles rolling down the streets when there is no war or nothing in the news.

 

[Overmind One]

Okay, corrections:

• You CAN create multiple accounts easily in Settings.
• You can install apps to view online, edit documents, etc. All will live on your own server

Here is a capture of the settings page:

This is incredible. I cannot believe this is all FREE! Sure, you have to have a webspace, but considering the control you achieve, it is a very small price to pay. You get across the board syncing and viewing of all types of data (via apps you can download and install into your OwnCloud Suite). Its like having your own personal Google Docs...only private.

It feels like having this:

I have quite a bit of data to sync to OwnCloud. about 10gb including the pictures and video in my Dropbox. Im babysitting that right now, and about 5gb have been synced. Once synced, I will delete all of that from Dropbox and keep only the shared folders. For some clients, I will send out a share invite and test the shared folder function. Or, I could just create a different account on a virtual machine and test it there.

 

[Overmind One]

OMG!

A whole new world has opened up. You can install HUNDREDS of apps which replace many apps you find on Google Play, and they are part of your OwnCloud so they sync across devices when you install them on the server. Take a look at what is available here:

http://apps.owncloud.com/index.php?xcontentmode=920x921x922x923x924x925

I am installing apps which will replace my Google Calendar, my Grocery Smart shopping list app, all of my Google Docs apps and there are so many others it is just overwhelming. If anybody is interested in setting something like this up, please let me know. If you would like an account, I may install it here at GateFans and give space away in contests. Beats the paltry 2GB that Dropbox gives you. Im installing this on my business website right now, but it has great potential for my enterprise clients.

 

[Overmind One]

This is truly amazing. The Calendar app and some of the others did not offer the functionality I get from Google Apps. But the Cloud storage/Replace Dropbox goal was met and exceeded expectations by a huge amount. Unlike Dropbox, I can stream video directly within the app or online, and since it is my private encrypted connection (via https://), I can store an entire video library in there and watch it on the fly wherever I am. . Also, it has a built in music player! This means I can store my music on my cloud server and access it/play it from any of my devices anywhere. You can create users and set quotas for them as well.

Here is what the mobile app looks like with my new folders in it:

Here is the mobile/tablet downloading screen you get when calling for a file:

And when you have downloaded a file it cannot open using one of it's built in apps, it promps you with a choice to set a default mobile app like so:

I took these by using the standard Home button + Lock button shortcut. In seconds, they appeared in my OwnCloud InstantUpload folder and then posted here after resizing them. . Unlike the photos and videos, screenshots dont get automatically uploaded. But you can share them to Dropbox manually.

 

[Overmind One]

Okay, I was up most of the night setting this up and syncing and testing...the client I am going to demonstrate this to will be quite pleased. I do not see any functionality lost here, and in fact there is MORE capability and for much less money than what Dropbox wants to charge enterprise clients. His 10 employees can each have 50gb of storage, and he will control the data. When employees are fired these days, they may have had a Dropbox, iCloud or SkyDrive account installed when at work. Anything in there which was sensitive is gone for good, since enterprises do not have control over SaaS data when it lives in the cloud (except with higher end software). This is FREE. I will have to come up with a price for setting this up.

 

[Overmind One]

SUCCESS!

My client loved this. He wants it implemented ASAP and I am going to charge him $1500 to install, configure and maintain the OwnCloud Server and configure his employee phones and tablets (15 total). This is reasonable when you consider the labor. And beyond the labor, this is pure profit for me. . The Enterprise version can be branded which only involves uploading his company logo to the server and changing it. There are "premium" services available, but they require a small monthly fee. This company already has several servers, so I just need to configure one to handle the data. The NAS array he has attached to the server I am going to use is 10TB.

I did a test file of 2GB uploaded from my Windows client, and with my internet connection at home it took about 35 minutes to complete, and about 20 minutes for each client to download it (the Android client does not download the files unless you call them up). This software can be used for backup purposes as well.

BTW, I found a VMware image preconfigured from OwnCloud which is here: http://bitnami.com/stack/owncloud

You would want to use the VMware image if you were running a virtual server host. This can also be used on Amazon hosting. I will be doing the native install on the main server he wants to use (Linux).

 

[Joelist]

True enough. DropBox has security issues. The most notoriously insecure provider you listed is GoogleDocs both from them sharing your files with the government and also their reading them themselves (along with your gmail and such) to help build advertising. This solution sounds better.

 

[Overmind One]

This is working out quite well. My demo system for the client has also become my own system for personal use. I have my cloud set up, and besides a few minor issues, I am very happy with it. The app on the phone does not remember my credentials or the URL of my cloud server once stopped (ie, phone restart or force close). Other than that, here are the issues:

• URL and credentials forgotten when app closes
• On Galaxy S4 and other phones, camera upload only works AUTOMATICALLY for photos. Videos have to be uploaded manually, but there is an OwnCloud share button in the camera app which makes it just a single touch to upload.
• Syncing is faster with OwnCloud than it is with Dropbox
• Video does not stream, it downloads first...unless you install an OwnCloud streaming app which I have not done yet. Music streams right from your server without downloading
• Hostgator does not have a problem with me using this software on my webspace
• This software works really well on tablets, and supports the InstantUpload feature on them as well.
• You can change the graphics in the package to match anything you want to make (change the OwnCloud logo to your own company, your name, etc).

Best of all, the software is FREE, and you have 100% control of your data. You can even encrypt the files.

 

[Overmind One]

True enough. DropBox has security issues. The most notoriously insecure provider you listed is GoogleDocs both from them sharing your files with the government and also their reading them themselves (along with your gmail and such) to help build advertising. This solution sounds better.

Many enterprises are facing this problem. The product provided by Google (Google Apps for Business) forces too much corporate IT compromise. But the cloud-based apps suite and syncing is something they want. This solution is a replacement for Dropbox, but there are others out there. I need to find a solution of the online apps suite for this same client.

 

[Overmind One]

Saw this...

http://www.nextgov.com/cybersecurit...ol-dropbox-addresses-government-spying/79229/

Would the federal teleworker cohort also be protected? A mobile worker toolkit guide distributed by the General Services Administration suggests that teleworkers consider using Dropbox as "basic mobility equipment."

The handbook states: “Have you considered the free downloadable program ‘DROPBOX’?”

The amendments to Dropbox's privacy policy are part of a larger movement by many Internet giants and startups to address concerns about massive NSA data sweeps. The service says it will strive to protect its systems from any "backdoor" tools allegedly being installed by NSA and other government spies to tap into data center traffic.

"Governments should never install backdoors into online services or compromise infrastructure to obtain user data," Dropbox officials state. "We’ll continue to work to protect our systems and to change laws to make it clear that this type of activity is illegal."

Having the ability to tap into your Dropbox data stream would be a boon to the NSA. They already have all of the biometric software to identify people in pictures you take, they can pinpoint your location using your GPS, and they can even take your picture using your front facing camera on your phone or computer webcam. I dont like this. So, they might know where I am, but they arent getting my pictures or documents because I am no longer syncing them with Dropbox.

The rules of thumb should be:

• If "everybody" is using a given service or site, then it will be targeted for surveillance by the NSA. (Facebook, Twitter, Instagram, Skype, Dropbox, Skydrive, Google Docs, Carbonite, etc etc). As soon as there are more than a million users, the NSA picks said companies up on the radar and takes the necessary steps to get in there.
• If a service is "free", but is a for-profit corporation, then you are just not aware how the money is being made (on the backend selling info?)
• An app or program which constantly asks you if you want to allow it to "manage" your pictures. documents or folders, and you did not request it should not be trusted.

 

[Overmind One]

Okay, two months in and I am loving Owncloud! I have hundreds of gigabytes of storage space available, and I have been syncing and storing my data on it since I posted the OP in March. Owncloud is owned by you, run by you, and is FREE. You need to have a server available to you (even a standard webhosting account can give you this). Once installed, you can get the encryption app (free) which will encrypt all your files on the owncloud server you set up. Neither your webhost or any third party peeping toms can decrypt them, so you are safe.

Think it isnt important to control your information? Facebook, Twitter, Instagram...any of the big kids on the block sitting at the Cool Table (all the services "everybody" is using), are all being monitored regularly by not only nthe NSA, but also news agencies. Many of the news agencies have people whose sole job is to scour social media for story material. Memes, Viral video, Racist comments, admissions of crime, and sometimes just for fun. They are called Social Media Managers. If you are Average Joe or Average Jane, you are probably safe from liability from your Facebook and Twitter posts. Who cares? But if you are an employee who has jealous coworkers or a disgruntled ex girl or boyfriend, your personal life could be exposed to open scrutiny and perhaps legal action, based on what you have posted in your accounts. Dropbox's new "Privacy Policy" (posted above in the thread, verbatim), and in that they have this link to Government Data Request Principles: https://www.dropbox.com/transparency/principles. Reading it tells you that absolutely NO guarantee is made to your privacy. None at all. Writing a novel or storing pictures of your friends and children? NSA biometrics can identify them and cross reference them to determine your circle of friends, associates, employers and places you like to go.

Is anybody else here uncomfortable with that? I am. I have taken control of my information and whilst I write this, my Owncloud server at Hostgator is encrypting 15gb of files I have stored there. I have the private key stored on a USB stick, where I also keep a spreadsheet of all my passwords and usernames.

BITTORRENT SYNC

This one is even cooler than Owncloud in a lot of ways. Bittorrent Sync is serverless syncing over the internet. Your home computer is the repository and your encrypted (by default) files are synced directly between your computer and your mobile devices or another computer.

http://www.bittorrent.com/sync

This solution is very cool, in the sense that your encrypted files are truly yours, living on your computers, and not needing to use any server resources at all. NOBODY can snoop on your stuff. Not even Bittorrent.

More here: http://www.wired.com/2014/02/bittorrent-sync/

It differs from Dropbox and Owncloud in the fact that it is direct syncing with no "cloud" component, no central repository which acts as "cloud storage" except your own computer. And, it is also FREE. Dropbox is not secure, and never has been. Now, since it won it's place at the Cool Kids Table, it is on the NSA radar and has been compromised. Here is how Dropbox is set up (I added Dr Evil):

The vulnerability is obvious. Owncloud has this same structure, but the cloud at the top is under your control...mostly. An injunction or government request could sieze your files on an Owncloud instance hosted on a webhost like Hostgator or Godaddy, not on a private one though, since they would have to make that request directly to you. But Bittorrent Sync does not require a server. No single device is the "mother" device. There is no central server, and settings allow you to restrict sync to specific devices. All encrypted by default. Best of all, no government entity can enlist your ISP, your webhost or anyone else to secretly monitor your data. I think that is pretty damned neat.

 

[Overmind One]

True enough. DropBox has security issues. The most notoriously insecure provider you listed is GoogleDocs both from them sharing your files with the government and also their reading them themselves (along with your gmail and such) to help build advertising. This solution sounds better.

You can now prove to yourself that the government is spying on your data on a regular basis...even you, Regular Joelist. There is an app called HoneyDocs which alerts you when a document has been accessed. Get it here: https://www.honeydocs.com/ more about what it is is here: https://www.honeydocs.com/about

Evidently, the NSA is only interested in Word docs at the moment, but the proof is easy to get for yourself. If you upload a .doc or .docx, shortly after uploading it, the file will be accessed by Dropbox. Why? You tell me. Mind you, it isnt Excel files or Powerpoint, just Docs. But any file type could be flagged. This isnt conspiracy theory, its reality:

http://www.wncinfosec.com/dropbox-opening-my-docs/

I didnt sign up with the NSA to be an information gathering source. I want them out of my underwear drawer and out of my computer data.

That article was followed up by this one, which explains that Dropbox accesses the files and copies them in order to create compatible file formats for use in other programs, or for previewing purposes. This is actually WORSE than just reading them!

http://www.wncinfosec.com/opening-and-previewing-documents/

Its a nightmare if you are trying to secure data.

 

[Joelist]

Nice technology. HoneyDocs is a good way to bait a trap for snoopers.

As to Dropbox I go nowhere near them.

 

[Overmind One]

Nice technology. HoneyDocs is a good way to bait a trap for snoopers.

As to Dropbox I go nowhere near them.

Dropbox has become a nightmare for companies who must comply with regulations. You cant make Dropbox comply with HIPAA, FERPA, SAS 70, ISO 9001, ISO 27001, or PCI certifications. If Dropbox is found in the enterprise, compliance is lost. Even on a mobile device. But this also applies to iCloud and Skydrive.

 

[Joelist]

Actually OneDrive is fully compliant with ISO 27001, EU Model clauses, HIPAA BAA, and FISMA, and is verified by third-party auditors. Plus all its internal links use Perfect Forward Secrecy and 2048 bit key lengths. The link to the customer supports TLS, SSL and even PFS of the customer wants it. At rest data is encrypted if customer wants (because that needs a key to be shared). Or the customer can easily encrypt at their end.

I had to research all this as part of our process of getting Salesforce.com approved - it was a comparative piece I did of cloud based versus internal solutions in security terms.

Long story short, OneDrive is a different animal than Dropbox, Google or iCloud.

 

[Overmind One]

Actually OneDrive is fully compliant with ISO 27001, EU Model clauses, HIPAA BAA, and FISMA, and is verified by third-party auditors. Plus all its internal links use Perfect Forward Secrecy and 2048 bit key lengths. The link to the customer supports TLS, SSL and even PFS of the customer wants it. At rest data is encrypted if customer wants (because that needs a key to be shared). Or the customer can easily encrypt at their end.

I had to research all this as part of our process of getting Salesforce.com approved - it was a comparative piece I did of cloud based versus internal solutions in security terms.

Long story short, OneDrive is a different animal than Dropbox, Google or iCloud.

Yes, but it is Microsoft. It definitely IS secure, but it is also subject to government inspection of files when requested, and is as vulnerable to government sanctioned snooping as all Microsoft products are (right down to the code level). Microsoft = NSA network infrastructure, software and tools + Military network infrastructure + software and tools. Are you aware of the Federal Cloud? Yes, it is a closed, semi-secret cloud infrastructure created by Verizon, Dell, Microsoft and IBM. The security clearance I have from the government does not allow me to work on cloud servers which are part of that Federal Cloud as a subcontractor. Really?

OneDrive is GIVING AWAY 20GB of space to select enterprise clients because they know that it will create a honey pot for the NSA. And the association between the NSA and Microsoft is indisputable. http://www.theguardian.com/world/2013/jul/11/microsoft-nsa-collaboration-user-data. The NSA us running a Microsoft encrypted network with Windows servers and Active Directory. Typical for the government and large enterprises.

Im not saying that monitoring of data by the NSA compromises any of the regulations...indeed, part of those regulations implicitly allows them to access private data.

https://www.privacyrights.org/HIPAA-basics-medical-privacy-electronic-age#2

My issue is related to private individuals and small businesses and private organizations. Those selfies you take with your cellphone do not belong in an NSA database, nor do your texts, Word documents or your daily GPS statistics. If I werent in love with the huge screen and capacity of the Samsung Galaxy phones, I would opt for the security of a Blackberry (still by far the most secure smartphone on the market). But I can reduce my exposed footprint by controlling my sync data, emails and computer files...and Microsoft is not part of that picture.

EVERYBODY should know just how granular the information provided daily to the NSA on individuals is. Right down to how much battery charge is left, your phone collects GPS data from where you go, how long you stay there, when you are using the phone or a browser, your calls, the duration and location of those calls, your SMS and Media messages, and your pictures. They can be tagged easily using the same technology Google uses to identify places things and people in Google Goggles (or Google Glass). Put together with the data from the millions of other phones, photos and texts and call connect people in that relational database, and your habits are plotted like any tagged animal. I know Microsoft on an intimate level...and I will NEVER trust them.

 

[Joelist]

Just pointing out OneDrive is a different animal from those others.

 

[Overmind One]

Notes on Bittorrent Sync:

The good

• It's beautiful. Computer sync app, mobile app. There is NO browser access because these files are not on a server. They are on devices. This means nobody can download or see any of your files on a server because they arent on a server.
• You need root on your phone to sync photos and video automatically if you have set storage to the ExtSD. Bittorrent Sync cannot write to your external SD card unless you allow root access to the folders on there you want to sync.
• EACH FOLDER has it's own secret key. The encryption is perfect, security is top notch.
• You can set one way or two way sync, based on the secret key. This is great if you just want to sync pics, music or documents from the phone or tablet without having it go both ways.
• No limit on number of sync folders or storage, except the capacity of your devices and connected computers.

The bad?

• You need root on your Android phone to give the mobile app permission to read and write from the \extSD\DCIM\Camera folder. Have an iPhone? forget it. . Just kidding, there is an app for it too but Im not sure how it works on an iPhone.
• No web access for the files. They do not live in the "cloud" (on a server) and therefore cannot be served to the web. This is also a plus, depending on your concerns.
• The security is uncompromising. If you lose your keys and do not have key recovery set, your data is forever gone. Key recovery is on by default.
• Sync speed is still determined by internet speed.

I was first put off by the fact that there is no web access to these files, but then again it means there is no caching, no screenshots and no inadvertent breaches by leaving a browser open. Im still testing this solution.