Archive for the ‘Privacy’ Category

Tonido Pro and Biz are now Free

 

just-be-free

 

We have an awesome news to share with you. We have made both Tonido Pro (29$/year) and Tonido Biz (99$/year) completely free.  Just install the latest Tonido and get all the paid features at no cost. For complete list of features, Please check http://www.tonido.com/tonidodesktop_freefeatures/.

Now with Tonido being free, Data Privacy doesn’t have to be a privilege anymore.  Each and Every one of you can run your own Personal Cloud at no cost to protect your personal data.

We are committed in making Tonido as the #1 Personal Cloud server that safeguards your data privacy and internet freedom. We thank you for your continued support.

How Tonido can protect Jennifer Lawrence and Kate Upton from future Cyber Hacks?

If you are following the news, the internet is currently abuzz with the massive celebrity photo hacking incident. Hundreds of celebrities are affected by this leak  including Academic Award winner Jennifer Lawrence  and super model Kate Upton.  According to news sources, hackers hacked either celebrities Apple iCloud or Dropbox accounts. The exact details of how the hacking happened is not completely clear yet . One can read more about this story in  NPR here. Here is the editorial piece from NYTimes on the same topic.

800px-Jennifer_Lawrence_by_Gage_Skidmore

Jennifer Lawrence at the 2013 San Diego Comic Con – By Gage Skidmore

The primary reason we founded Tonido is to provide a safe alternative to public online services where the users have complete control and ownership of the data.  We have reiterated many times  that the  public cloud online services are inherently unsafe to store personal photos. When  hundreds of millions users use a centralized cloud like iCloud (300 M+ accounts) or Dropbox (300 M accounts) or Google Drive to store personal documents and photos, the potential reward of hacking such systems are quite high. These centralized online services are waiting to be hacked every second of a day, 365 days a year. One successful hacking attempt can inadvertently expose many users private data.  Even if these companies employ world’s leading computer security experts, there will never be a guarantee that these systems are completely safe.

There is also a genuine concern that individuals hand over their personal data to corporate entities without fully understanding the consequences. There is always a risk that your personal data will be data mined for profit motives.  If you use iPhone or Android Phone, you are automatically opt-in to backup your photos/videos to their respective cloud services.  Opting out from automatic backup is a not an intuitive process. These systems are primarily designed to suck the personal data rather than safe guarding it. Even if you delete the photos from your device there is no guarantee that it will be deleted from the cloud server. Further, once your personal data enters the public cloud, the data is at the mercy of those who administer it. In short, Don’t put private files in the cloud if you don’t want it to get out

But users have choices though. Privacy doesn’t has to be a privilege. A little commonsense can go long way. A distributed system like Tonido will always be order of magnitude more secure than Dropbox or Google Drive.  Tonido is probably one of the best system to safeguard  your personal data because of its  anonymity, zero knowledge of user password and storage of data in the user device rather than the cloud.

For instance, let us go through the Tonido account creation process. Users can choose any name as their account name. We don’t have real name policy like public clouds. User passwords are neither  transmitted to us or stored in our servers.  If somebody wants to hack the system, hacking our servers is not going to help. They have to individually hack every device that is running Tonido.  if you choose a sufficiently hard user name and the password then hackers need to hack both the username and the password.  Users can choose a secondary question and answer to further protect thier accounts. Since your unique username is part of the device URL (https://yourname.tonidoid.com), phishing attempts can be quickly discovered by the users.

 

anonymous user name

 

 

q&a

 

 Here are 10 Reasons Why you should consider Tonido over Public online services for storing private data?

  1.     No Real Name Policy – Unlike Facebook or Google, we don’t require a real name to create Tonido account. You can choose any name.
  2.     Completely Independent –  To facilitate ease of use, we provide dynamic dns and relay server to access your Tonido device from anywhere. You are free to use your own.
  3.     Complete Control – Turn it On or Turn it Off any time.
  4.     Private and anonymous shares– Tonido allows you to create private and anonymous file shares
  5.     Ephemeral Shares – Tonido allows you to create time limited, ephemeral file shares that you can use to share content with friends and family
  6.     Guest user support – Create user accounts for your  family members and friends in your own Personal Cloud
  7.     Works without internet – The application and data is always local. You can access your Tonido device from your home network even if there is no internet
  8.     Password Security – We don’t store your passwords in our system.
  9.     Cross Platform and works on any device – Tonido is available for Windows, Mac OS X and Linux.  Just a Raspberry Pi is enough to run Tonido.
  10.     Powerful Alternative to Online Services – Out of the Box, Tonido can replace Google Drive, Dropbox, Picassa, Flickr, Facebook and Spotify (If you own your music).

In addition to the security benefits,  Tonido is extremely simple to use.  It will take less than 5 minutes to set it up.  One can also automatically backup photos/videos from iPhones/Android Phones to their own Personal Cloud without worrying about security and privacy.

We invite Jeniffer, Kate and other individuals, who would like to safeguard their private data to try out Tonido Personal Cloud. We promise you will not be disappointed.

 

How Tonido Personal Cloud brings Data Ownership, Privacy and Anonymity to your Digital Life?

When we started up Tonido, our goal was to provide a compelling alternative to public online services. We figured that a few companies controlling everyone’s information is not good for a equitable society. After 4 years, if we look at the current status of the Internet, all of our worst fears have come true. There is zero privacy and zero anonymity. The web is not open and the ecosystem is controlled by a few companies. One needs to set the expectation that everything that happens on the public internet gets tracked, aggregated, diced, profiled and sold to the highest bidder. Don’t do anything on the internet that you will not do in a public place. People’s memories fade, but the Internet never forgets.

The music you access, the emails you send, the photos you share, the comments you post and pretty much anything you put on public online services serve as one more data point to create your online persona . With a few clicks anybody can buy that data for a cost.

 

Scott

As always, the individual liberty and protection of privacy is the responsibility of users. Nobody is going to do that for you. If you have young kids or newborns many of them will outlive the current set of hot internet companies. But, by the time your kids become adults, the data that you entrust with these companies can change many hands and come back to haunt them in many ways. Even if the current management is benevolent (‘do no evil’) there is no guarantee that the future management will be benevolent.  Hard times and bad economies can change the way companies will treat your personal data.

With your permission, you give us more information about you, about your friends, and we can improve the quality of our searches. We don’t need you to type at all. We know where you are. We know where you’ve been. We can more or less know what you’re thinking about  Eric Schmidt, Executive Chairman of Google

This quote pretty much summarizes the power that we voluntarily give out to internet companies. The new internet monopolies are not much different from the 19th century robber barons. The railroad magnates used their control over rail road distribution to create monopolies. In similar ways, the large internet firms use network effects, control over personal data and monopolies over desktop and mobile Operating Systems to serve their profit goals. It is not illegal. It is business as usual. But as users we need to think twice about the information we freely offer. What kind of control are we forsaking?

3f6

Many of the popular internet companies (Google, Facebook and others) enforce real name policy, thereby ensuring they are able to identify track and aggregate you and your data anytime you use their services. We are not advocating that you should not use their services. But do expect that anything you do and share on these services is up for sale. The “I have nothing to hide” argument is not really valid  here. The data you put or share in these services can have profound practical implications in your job search, getting insurance or getting a financial loan. It is not really about hiding stuff any more. The basics of life are at stake here.

Smart people now understand this predicament and indiscriminate sharing on social networks is changing slowly. If you want to have real control over your personal data then you need to have complete control over the system.

Tonido provides such a system. If you want to share your kids photos or share your thoughts with family and friends without any fear, Tonido can do that for you. Using Tonido, you can create this private, safe space  that runs on your device behind your home router. You will have 100% control over this private little space.

Here are the 10 things that Tonido can do  to safeguard ownership,  privacy and anonymity

  1. No Real Name Policy – Unlike Facebook or Google, we don’t require a real name to create Tonido account. You can choose any name.
  2. Completely Independent –  To facilitate ease of use, we provide dynamic dns and relay server capabilities to access your Tonido device from anywhere. You are free to use our dynamic DNS and relay servers or your own. Here are the instructions.
  3. Complete Control – Turn it On or Turn it Off any time.
  4. Private and anonymous shares- Tonido allows you to create private and anonymous file shares
  5. Ephemeral Shares – Tonido allows you to create time limited, ephemeral file shares that you can use to share content with friends and family
  6. Guest user support – Create user accounts for your  family members and friends in your own Personal Cloud
  7. Works without internet – The application and data is always local. You can access your Tonido device from your home network even if there is no internet
  8. Password Security – We store only your user name. We don’t store your passwords in our system. It will give you completely secure access to your data. Any centralized hack will not compromise your data.
  9. Cross Platform and works on any device – Tonido is available for Windows, Mac OS X and Linux. You don’t need  expensive hardware to run Tonido – Any old computer will do.
  10. Powerful Alternative to Online Services –Out of the Box, Tonido can replace Google Drive, Dropbox, Picassa, Flickr, Facebook and Spotify (If you own your music). It is extremely simple to use and comes with native mobile apps for iPhone, Android, Windows Phone and Blackberry.

In a nutshell, Tonido allows one to  access, share, sync and organize personal data from anywhere without losing control over the personal data.

We are committed in our vision to make Tonido  the #1 Personal Cloud that safeguards  privacy and online freedom.  We are happy that our years of effort  creating Tonido is making the world a better place. We don’t have billions of Tonido users. But we make a positive difference in the lives of the million or so users that currently take advantage of our systems. An active Tonido user puts order of magnitude less data in the popular online services than an average internet user. Every user that Tonido attracts is one less user for a Public cloud service. That is good enough for us. 

Tonido’s 10 Rules of Personal Cloud

Personal Cloud is probably the most misused term in the internet now. Every sundry public cloud storage offerings like Dropbox, Google Drive and others are masquerading themselves as Personal Clouds. Remember. It is their Personal Cloud. Not Yours. They can kick out, block or shutdown anybody at anytime. They determine how much storage you can use and have complete right to track and catalog your data.

We are one of the earliest companies who have used the term -“Personal Cloud” back in 2009 to put forth our vision. We cannot sit idle and watch the misappropriation of term and vision that we have fought for over many years.

In real sense, the word personal means “of, affecting, or belonging to a particular person rather than to anyone else”. So Personal Cloud means a cloud that is owned by you. not by others.

Like Codd’s 12 rules of database, which he put together  to prevent his vision of the relational database being diluted by vendors, We are putting together our 10 rules of Personal Cloud.

Rule 1: The Personal Cloud system should run on the device owned or fully controlled by the end user.

Rule 2: The Owner of Personal Cloud system should have complete ownership, rights of content he/she can put in the Personal Cloud System

Rule 3: The Owner of Personal Cloud system should have complete independence of content he/she can put in the Personal Cloud System

Rule 4: The Personal Cloud System (the app and the data) should be completely Local. The system should be accessible even if there is no internet.

Rule 5: The Personal Cloud System should not snoop or alter the end user content either manually or in an automated fashion

Rule 6: The Personal Cloud System should not pose any storage limits and should be accessible from anywhere.

Rule 7: The owner should be able to stop or shutdown the Personal Cloud system anytime.

Rule 8: The Personal Cloud System should be cross platform and run on all the popular desktop (Windows, Mac and Linux) OSes.

Rule 9:  The Personal Cloud System  should have clients or be accessible from all the popular mobile OSes (iOS, Android, Blackberry, Windows and others).

Rule 10: The Personal Cloud System  should run on from low to high end computing devices (Routers, NAS to PCs and Servers) and varied chipset platforms (ARM, MIPS, X86 and others).

 

If you are a user check whether your beloved service checks all of the rules here and if you are a vendor make sure you comply to all of the rules here before calling yourself as Personal Cloud.

Dropbox Terms of Service and Privacy Policy Change – What it means to your Data and Rights?

 

Today Dropbox has changed the Terms Of Service and Privacy Policy  once again.  We don’t have the legal expertise to comment on the  merits and demerits of Arbitration clause or the importance of user rights to seek legal remedy in a court of law.  From the user comments on the blog post, it does seem like a unpopular move by Dropbox.

But we can say one thing: Once personal data moves from your computer to a 3rd party cloud, the data is not yours anymore…

Luckily our users have Tonido. We are proud of the personal cloud service that we have created and run over 5 years to  safeguard your privacy and online freedom.  At this time, there is no better challenge in the internet and our team is ready to carry on the fight with your help.

We promise to our users that we will make Tonido as the #1 Personal Cloud .

 

Enterprise File Sharing in FileCloud

Enterprise File Sharing (EFS) has come a long way from sharing mapped drives to sharing files via email with internal and external users. However, in recent days enterprises are demanding that EFS System to be an all-inclusive product that addresses a number of features such as security, mobile access, groups, network files, audit logs, emails, and integration with other enterprise products.

FileCloud addresses all the above features and much more. In this blog, I will discuss in detail the File Sharing features and capabilities of FileCloud.

Public Share…It cannot be any simpler

Upload, share and email all from FileCloud. File Sharing cannot get any simpler. Once the File or Folder is in FileCloud, you can simply create a share and even send an email from the FileCloud interface. By this process, FileCloud creates a public share which means that anyone can access the file through the File Share link.

Additionally, when a public share is created, you can allow uploads to that public share folder.

Private Share & Additional Security

Once the share is created, you can choose to modify permissions and select an existing user or add a new user to share the file. By this process, FileCloud creates a private share. To access the shared file the user must have an active account and login into the FileCloud.

Additionally, you can set permissions on your share to allow Read, Write (with upload size limit) and Share with an expiration date.  This feature allows users to upload file or delete a file from a share and also re-share the file or folder to other users.

Re-Share a Share

When you receive a file or folder as a public or private Share FileCloud allows you to re-share the file or folder to a different user.  All the more, the ability to re-share can be set when the share is originally created.

Share to a Group of Users

Admin can create a group and add a bunch of users to the group. Users can share a file to the group as a private share. Any user in the group can log-in to view the shared file.

Share from a Network

Admin can create a network share from the FileCloud admin portal. Once a network share is created, the files and folders in the network shares are accessible in the FileCloud User Interface and users can create a share and set the permissions to AD users or local users added through FileCloud.

http://www.tonido.com/support/display/cloud/Network+Shares

Integration with Active Directory and LDAP

FileCloud can be integrated with your existing AD and LDAP system.  Thereby, all AD/LDAP users can immediately start using File Sharing features of FileCloud. Additionally, admins can add an AD group and its users directly in the FileCloud admin portal.

 BYOD support

No File Sharing System is complete with support for BYOD (Bring Your Own Device).  FileCloud supports a range of mobile systems from iPhone, iPad, android, android tablets, Windows Phone, Windows Tablet and Blackberry. Users can create a share and access a share through all these mobile devices.

Audit Log

Logs are created when Shares are created and accessed. The log indicates who did what to what share when and how.  You can view and export this audit log through the admin portal.

Integration with MS Outlook

Beta version of FileCloud MS Outlook add-in is available. Once installed, users can (a) Upload a file to FileCloud and share the file as a link or attachment through email (b) Share and email a file or folder that is already in FileCloud directly through outlook. In essence, users no longer have to worry about file size limits when emailing a file, save time and improve efficiency when sharing files.

http://www.tonido.com/support/display/cloud/FileCloud+Add-In+for+Microsoft+Outlook

I hope you got a complete overview of all the features and capabilities of Enterprise File Sharing in FileCloud. With our recent release of version 3.0, we have addressed many other features. FileCloud is a secure file sharing software that is trusted by 1000s of organizations across 90 countries for enterprise file sharing. Click here to learn why FileCloud is the fastest growing Enterprise File Sharing and Sync (EFSS) solution!
If you have any new feature requests, please let us know. To get your trial version of FileCloud, please visit https://www.getfilecloud.com

HIPAA compliant audit trail in FileCloud

Health Insurance Portability and Accountability Act (HIPAA) mandates security and privacy standards for health information. Everyday employees within your organization end up accessing and working on multiple files and folders within your network. HIPAA requires that you provide an audit control to record and examine their activity.

Did you know when you use FileCloud as your enterprise File Storage and Access solution you automatically get HIPAA compliant audit trail?

Yes, FileCloud monitors and records each operation on data stored in FileCloud.

FileCloud audit support identifies and records who (Username) did what (access, modify, delete, add etc) to what data (Files, Folders, User List etc), when (date and timestamp) and how (Web, mobile,  Sync Client, Drive etc).

Additionally, FileCloud admin website facilitates administrator to access the audit trail.

How to enable audit trail?

TONIDOCLOUD_AUDIT_LOG_LEVEL parameter in the FileCloud General Configuration can be set as follows to suit your requirement.

OFF – No activity is logged.
REQUEST – Incoming requests are logged.
FULL – Both incoming requests and outgoing response are logged.

How to view audit trail?

In the admin website, click the Audit link on the left menu to view the audit screen.  The audit log can be filtered by date range, username and operation.  The common operations include: create account, login, upload, getfilelist (browse), create folder, delete,  download file, share file or folder. However, you can view audit of all operations by choosing all.  The audit log results can be exported to a CSV file. The audit log will provide username, IP address, user agent, log date and time stamp, how the resource was accessed, complete request and response in JSON format.

 

The request and response data stored in JSON format in FileCloud can be viewed easily in any json parser such as http://json.parser.online.fr/

For more information on audit support in FileCloud you can review our support site

Personal Cloud Security – Tonido VS PogoPlug

Recently TWiT.TV did a great episode on Roll your Personal Cloud featuring Tonido, PogoPlug and Opera Unite. If you have not heard of TWiT.TV– take our word and please do yourself a favor by checking it out. TWiT.TV is probably the number one, unbiased technical netcasts in the internet and it is primarily supported by the viewers rather than advertisers.

During the show, It became apparent that the show host was unsure about the security architecture of Personal Cloud services like Tonido and PogoPlug. We feel it is our duty to explain it to our customers and media.

Let me say it: Security is the first class citizen in Tonido platform.

  • With Tonido, all apps are local to your device.
  • The authentication happens directly between your browser and the Tonido device.
  • We don’t store your credentials in our servers.

Tonido’s unique architecture design offers many security advantages over the PogoPlug or any other personal cloud services implementations in the market.

Compared to Tonido, other Personal Cloud Services store their user credentials in their servers and the user interface is also served by a central server. This approach has 2 drawbacks:

  1. If somebody hacks into their servers, they can get access to all the devices that are connected to the service
  2. If your internet is down, you cannot access your device even if stands next to your couch
  3. (Not directly related to security, but this is HUGE): Tonido’s smart LAN switching allows you to access your device directly over your LAN without having to go over the internet. So you get BLAZING performance.

Tonido doesn’t have these drawbacks. Even if there is no internet, you can still access your Tonido device inside your LAN using the IP address. The user credentials are not stored in our servers which minimizes the security risks to greater extent. One can also run Tonido in stand alone mode completely without using our relay servers. (Please see: http://www.tonido.com/blog/index.php/2012/06/28/how-to-run-tonido-in-stand-alone-mode-without-relay/)

Tonido offers advanced security controls like IP filters that allows you to configure access permission based on IP addresses and also implements two-factor authentication using a secondary question and answer.

No digital product can claim it is 100% hacker proof. We always recommend our users to use strong passwords and set remote Q&A to their Tonido run devices.

In the marketplace, as a customer you have an option to choose competing products and services. Depending on your budget, functionality and security needs choose the product that fits your requirements. But if you are looking for a powerful, full-featured and secure personal cloud – TonidoPlug is the way to go.

SkyDrive Privacy Blunder – Why Tonido is Better?

The reason is very simple. Our Tonido users are fortunate and don’t need to worry about disturbing news like this one : Watch what you store on SkyDrive, You may lose your Microsoft Life.

Quote from wmpoweruser

While Microsoft has the full right to police its property, with cloud services increasingly interwoven into Windows Phone and Windows 8, and even Office, users should be aware that SkyDrive is not in fact an extension of their hard drive and not store anything there, even in private and even if legal, that could in any way be questionably.

New Tonido Release 2.12.0.12708 Highlights

Among all the things that is going on with Tonido we are here again with a new release. This release has a couple of new features and a bunch of small bug fixes.

Webshare and WebsharePro:

The webshare useraccess UI is revamped. Users can now play an entire folder of mp3 songs directly by accessing the share. For better user experience, the UI will be presented with three views file, gallery and music.

MP3 Player on Webshare

MP3 Player on Webshare

gallery11

TonidoPlug:

When you connect a HDD to TonidoPlug and it maps to a path it will always map to the same path.  If multiple HDDs are connected to TonidoPlug through a USB hub, each HDD will always be mounted on the same path.

For example, if there are 2 Flash drives one from SANDISK and other from KINGSTON connected to TonidoPlug through a USB hub. TonidoPlug will randomly map SANDISK to disk1part1 path and map KINGSTON to disk2part2 path or viceversa. And, this disk-to-path map is maintained even if the flash drives are disconnected and re-connected again. Click the Clear DiskDB button to remove this mapping.

plugdisks3


Please Note: This is backwards incompatible change that affects users of early versions of TonidoPlugs whose USB disks are mounted on locations like /media/usb0, /media/usb1. It needs an action from your part if you upgrade to the latest Tonido version 2.12 and later. Please see the following for more information.

On plugadmin, two new buttons are added

  • Cleanup space – To clean up files under /media/ directory. This is in case the internal disk space of TonidoPlug gets full.
  • Clear DiskDB – This is to clean the list that contains the disk to HDD path mappings.

Torrents:

The torrents UI underwent a couple of enhancements.

  • Torrents UI now supports pagination.
  • UI loading is made more responsive. Torrents will be displayed immediately after adding a new torrent.
  • You can directly go to the folder in explorer view where the torrents are stored from the torrent detail screen.

Thots:

The categories in Thots will now be arranged alphabetically. Also, when public Thots are searched the private Thots will not be displayed.

Profile Names:

When profile names are using mixed case then there have been some problems accessing that profile using the relay.  After this release, your profile name will always remain in lower case and your display name will reflect what was typed.

Other Changes:

  1. Jukebox will no longer make unnecessary calls to the backend.
  2. Guest Logins will be logged and displayed as part of activity log.
  3. Change password and backupwizard dialog will function.
  4. In websharePro UI the download zip and slideshow will standout.

logos

Please see release notes for complete set of changes.

Thanks for your continuing support and let us know by comments below your feedback!