Yottabytes: Storage and Disaster Recovery

March 8, 2013  1:39 PM

Your Cloud Storage Service is Looking for Child Porn in Your Files

Sharon Fisher Sharon Fisher Profile: Sharon Fisher

It’s not the first time that we’ve learned that our data on a cloud storage system isn’t necessarily private, but it’s a useful reminder.

William Steven Albaugh, 67, was arrested after police found “numerous files of child pornography” on his Verizon online storage locker and several thumb drives, the Baltimore Sun reported. “Detectives began investigating Albaugh after Verizon Online notified the National Center for Missing and Exploited Children that Albaugh, a subscriber, had stored images of children engaged in sexual acts on the online cloud storage system, police said.”

Um, really?

We already learned, in 2011, that cloud storage systems such as Dropbox would turn over files if requested by law enforcement. We also learned that some systems such as Dropbox, when a file is uploaded, check to see if it’s already online, and, if so, just save a pointer to the original copy. While this saves space, it also means that, in theory, law enforcement could upload any number of files it’s illegal to own — such as copies of movies — and if the stored file length is less than the original file, it means someone has it on the system already.

In the process of that, we learned, if we didn’t know already, that in 2010 New York Attorney General Andrew Cuomo made an agreement with several online services such as Facebook and LiveJournal to check uploaded images for child pornography.  “Through its investigations, the Attorney General’s Office has created a database of more than 8,000 hash values that are associated with images of child pornography,” the Attorney General’s office wrote at the time. “The database can be used to identify the corresponding child pornography images through the fingerprints and stop that picture from ending up on a site.” The office also said it would continue working with other online services to encourage them to do the same thing.

Apparently, at least one of them was the Verizon Online Backup and Sharing cloud storage service.

Media outlets have pointed out that this was all clearly spelled out in the terms of service. “Like many types of online storage or media services, Verizon’s Online Backup and Sharing states in its terms of service that the company is ‘required by law to report any facts or circumstances reported to us or that we discover from which it appears there may be a violation of the child pornography laws,'” writes the International Business Times.

Because, of course, we all read every word of our terms of service.

If this sounds familiar, it may be because, as of last July, four out of the five cases concerning whether people have to provide the key to their encrypted storage also have had to do with child pornography, according to the Electronic Frontier Foundation’s attorney Marcia Hoffman.

Look, there isn’t any question that child pornography is bad. But there’s a saying, “Hard cases make bad law” — that is, an unpleasant case can lead to a harsher general law that can end up being more widely applied. (We don’t know whether law enforcement is more likely to push the envelope of legal search because they so badly want to catch child pornographers, or because they think people will be less likely to criticize their methods because the crime is so heinous.)

If it’s determined through these cases that checking people’s files as they are uploaded to a cloud storage service is an acceptable practice, it has the potential to apply to all files and all people, not just ones we don’t like.

In the meantime, it sounds like we’d better be sure to read our terms of service carefully.

February 28, 2013  12:19 AM

Storage Startup Market Heats Up

Sharon Fisher Sharon Fisher Profile: Sharon Fisher

The storage industry is exciting. No, really. People are throwing millions of dollars at storage startups, which apparently seem more secure to them than things like Facebook.

“In Silicon Valley, data centers are heating up with startups like Pure Storage and Nimble Storage pulling in massive funding rounds and Michael Dell announcing a storage-focused investment fund,” writes Christina Farr at VentureBeat.

  • Nexenta, a software-based storage company, received $24 million this week in its fourth round of financing from new investors Four Rivers Group, Presidio Ventures, and UMC Capital with participation by existing Nexenta investors Menlo Ventures, TransLink Capital, Javelin Ventures, Sierra Ventures, Razor’s Edge Ventures, and West Summit Capital. Its previous round, in January 2012, raised $21 million. In the process, the company also got a new CEO and CMO. It has experienced triple-digit growth for three consecutive years and reportedly has more than 5,000 users.
  • Skyera, a flash startup, closed $51.6 million in second round financing led by Dell Ventures a week ago. It was founded in August, 2012.
  • Pure Storage, another flash vendor, got $40 million in its fourth round of funding in August, 2012. The latest funding round was led by Mike Volpi at Index Ventures, with participation from Greylock, Redpoint, Sutter Hill, angels from VMware and DataDomain, and others, according to VentureBeat.
  • Nimble Storage, a startup that provides data storage, backup, and disaster recovery, closed a $40.7 million second round of funding in September, 2012. First round investors Accel Partners, Sequoia Capital, Lightspeed, and Artis Capital participated, alongside newcomer GGV Capital. It was founded in July, 2010.
Both Nexenta’s and Nimble’s most recent rounds were oversubscried.

Dell’s $60 million fund, run by its investing arm Dell Ventures, was founded in July, 2012 to seed $3-$5 million in five to 10 promising startups, with Dell maintaining an equity position. This was not new to Dell; it was an early investor in VMWare and flash memory startup Fusion-io (whose chief scientist is Apple co-founder Steve Wozniak). (Skyera is also setting itself up as a competitor to Fusion-io.) This is on top of Dell itself acquiring more than two dozen storage companies.

“What’s happening in Flash memory is kind of an interesting place to start because if you think about the relationship between servers and storage and how sort of performance occurs and apps are distributed, not what we’re able to do is put large amounts of memory — we’ve actually designed this ourselves into our 12th-generation servers that we’re shipping now,” Dell told Fortune in announcing the fund. “Put several terabytes of memory directly in the server.  We acquired a little company that gives us cache coherency across a large number of servers.  And so you start to rethink what is a server, what’s storage, what’s the network when you have virtualization and now you have 50 virtual machines, 100 virtual machines, 500 virtual machines in one.  So, the storage world is really getting shaken up a tremendous amount.”

February 20, 2013  11:11 PM

Attack of the Pod People! Backblaze Updates Its Storage

Sharon Fisher Sharon Fisher Profile: Sharon Fisher

A funny thing happened on the way to Backblaze’s automated backup product — it sort of turned into a storage design company.

The company has been known for some time for its storage designs, which, instead of making real real big storage, uses a whole whole lot of commodity storage devices hooked together into “pods,” with as much of the extraneous stuff stripped off as possible. This reduces costs and is more scalable than large storage systems that require forklift upgrades to be expandable.

Backblaze has been getting so well known for its storage system that other companies, such as Netflix, have taken to using it as well, and several vendors have started selling storage systems based on the Backblaze designs.

The system has its flaws — such as, if the company has trouble finding commodity disk drives — but in general it works pretty well. (Facebook has also taken to designing its own disk drives, as well as servers, for a similar reason: economies of scale make it more efficient to design its own hardware.)

The system works so well that the fact that Backblaze has designed a new generation of the storage pods it uses has itself made the news, because so many organizations — Vanderbilt University, Crispin Porter + Bogusky, Rensselaer Polytechnic Institute, NASA’s Jet Propulsion Laboratory, and Shutterfly, along with Netflix — have been using the Backblaze designs.

“In the world of high-volume storage, we’ve come to a place similar to the PC market decades ago when it was cheaper to just buy the parts and build your own than it was to buy a pre-assembled computer,” writes GigaOm’s Derrick Harris.

Version 3.0 of the storage pods now have a capacity of up to 180 TB — up from 135 TB, because they’re based on 4 TB, rather than 3 TB, commodity drives. In addition, a number of the other components have also been replaced. The result is a drive that is more reliable, easier to manage — and cheaper than the 135 TB second-generation systems it replaced.

Backblaze also releases the specs of the system — including a parts list, prices and all, right down to the screws, as well as very detailed instructions — to enable other companies to use its designs as well. That is, if they can. “To obtain these prices we do purchase them in quantity,” Backblaze warns.

Disclosure: I am a BackBlaze customer.

February 13, 2013  9:45 PM

Data Migrations Suck. Here’s a Survey to Prove It.

Sharon Fisher Sharon Fisher Profile: Sharon Fisher

House on Fire image via Creative Commons

House on fire image via Creative Commons

We’ve all heard how “three moves are equal to one house fire” (a sentiment so old it’s attributed to Ben Franklin’s Poor Richard’s Almanack in 1757). Apparently the modern equivalent is that “three migrations equal one disk crash.”

That’s the finding of a December 2012 survey by Gridstore, which found that, for medium-sized businesses during a major storage upgrade:

  • 55% experienced business and end user disruption
  • 32% experienced failed upgrade process where migrations didn’t complete
  • 9% lost data or access to data during the migration

While there’s admittedly problems with the survey methodology (Gridstore surveyed only its own customers, we don’t know how many were asked, we don’t know how many responded, we don’t see a full copy of the survey), one thing seems clear: Migrations are fraught.

And it’s not just the migration itself, but preparing for one. The survey found that businesses preparing for purchasing new storage faced either high business disruption or stopping business for forecasting capacity (almost 40%), slow or complex purchasing cycles (almost 25%), requiring multiple approvals (almost 35%), and complexity or time required to evaluate (almost 30%).

On the other hand, not doing anything wasn’t any better, with respondents reporting that, before an upgrade, they suffered consistent disruptions from limited performance (35%), limited bandwidth (about 15%), limited capacity (about 15%, with another 10% reporting it as a “putting out fires” situation), or reliability (about 25%).

What particularly makes this a problem is that midsized organizations are reportedly doing an awful lot of migrating — 71% of the survey respondents reported that they were adding storage and capacity every 6 to 12 months.

Next time you plan an upgrade, maybe you’d better add a fire extinguisher.

February 7, 2013  1:06 AM

Supreme Court May Decide What ‘Storage’ Is

Sharon Fisher Sharon Fisher Profile: Sharon Fisher

What is storage?

That’s the question that the Electronic Privacy Information Center (EPIC) is asking the Supreme Court to decide, in a friend-of-the-court brief it has filed in the case of Jennings vs. Jennings.

“The privacy group is filing an amicus brief asking the high court to accept an email privacy case from South Carolina that’s exacerbated confusion over what courts consider electronic storage,” writes the political journalism site Politico. “In the filing, submitted on behalf of nearly 20 privacy advocates, EPIC tells the Supreme Court that email privacy rules and definitions have become increasingly unclear, thanks to the rise of cloud computing, and Congress has yet to step in to fill the gap.”

The whole issue of what “storage” is became an issue last fall, when a South Carolina Supreme Court ruled that, under the Stored Communications Act (SCA), email in a Yahoo! account should not be considered protected from unauthorized access because email sitting in the cloud was not “stored” the same way as it would be sitting on one’s own computer — which was protected.

This means that was also true for anyone who uses a cloud-based email system — not just Yahoo, but also Gmail and a plethora of other systems. Not to mention some components of the federal government itself that have moved to cloud-based email, EPIC notes in its brief.

The original case was a domestic dispute — a husband was cheating on his wife, and the wife’s daughter-in-law figured out the husband’s e-mail password and logged in to his personal account to read the e-mails between the husband and his paramour, wrote Orin Kerr in The Volokh Conspiracy legal blog. “The daughter-in-law found the e-mails and shared them. The husband filed suit under several laws including the Stored Communications Act, 18 U.S.C. 2701, which only allows a civil suit if the e-mails accessed were in “electronic storage.””

The Supreme Court may get involved because this decision conflicts with a similar case by the Ninth Circuit Court in 2004, wrote Andrew Hoffman at the Information Law Group blog.

“The Jennings opinion establishes a split with the Ninth Circuit’s opinion in Theofel v. Farey-Jones, 359 F.3d 1066 (9th Cir. 2004), which found that emails that had been received, read, and left on the server were stored “for purposes of backup protection” and therefore within the ambit of the SCA,” Hoffman wrote.

This is a problem because it’s not good for different courts to have different ideas of what does and doesn’t constitute a legal issue, Hoffman wrote. “Thus, until the split of authority is resolved, the same conduct will disparately subject some individuals to civil liability, depending on the interpretation of the SCA applied by the court.  Such disparate interpretations could create an incentive for forum shopping and pose conflict of law questions, when multiple states (and even nations) could be involved in an email hacking case.  Such disparate interpretations may also pose problems for employers investigating suspected employee misconduct involving webmail.”

Just to show how confused the South Carolina court was, its judges couldn’t even agree on why the email wasn’t stored, but instead had three different opinions, Kerr wrote.

Aside from the issue of protection, the issue of defining what storage is is important because it is the primary difference between the Stored Communications Act — the law under which the original suit was filed — and the Electronic Communications Privacy Act, according to EPIC.

A related question is “What is a backup?” because some of the legal arguments also hinged on whether the email retrieved from the account was the “only copy” or a backup — a question that is kind of irrelevant in cloud storage, which may feature multiple replicated copies of data, EPIC writes.

“A wealth of personal and private messages are now stored remotely in the cloud, and their protection depends on the interpretation of ‘electronic storage’ under ECPA,” EPIC writes.

January 23, 2013  11:48 PM

Are Optical Discs Dead or Not?

Sharon Fisher Sharon Fisher Profile: Sharon Fisher

Optical discs are either dead, or better than ever. It depends on whom you ask.

They’re dead according to CNN, which points to the fact that some recent Apple computer no longer have optical disc drives, that of course tablets and smartphones don’t have them, that vendors such as Sony no longer even make them, and that increasingly people are downloading music, movies, and software fro the cloud.

“Over time, an optical disc will be as much of an historical curiosity as a floppy disk,” CNN quoted Michael Gartenberg, a tech-industry analyst with research firm Gartner Inc., as saying.

CNN also quoted a piece by Chris Pirillo, founder of blogging network Lockergnome, as saying, “While it may be too early to say for certain that the optical drive is absolutely dead, it is certainly showing all the early warning signs of a technology that is past its prime.”

On the other hand, not so fast, maybe.

Pirillo’s piece was written two years ago. “As this trend continues, it’s unlikely that optical drives will be included on game consoles at all,” he predicted. Yet as recently as this month, analyst firm IDC said it didn’t see optical drives leaving gaming consoles anytime soon.

“Discs will remain the console game revenue mainstay for years to come,” said Lewis Ward, research manager of IDC’s Gaming service, in Games Industry International. “With the advent of eighth-generation consoles, starting with the Wii U, historical norms strongly imply that game disc revenue will stop bleeding in 2013 and rise substantively in 2014.”

Okay, you say, that’s fine for games, but what about business users? While some new machines may no longer include optical drives, they continue to be a medium of choice for archival storage.

Moreover, vendors are still announcing new innovations in optical storage, such as Millenniata, which earlier this month announced it will offer ulltra-durable Blu-ray M-Discs in the second quarter of 2013 that will store five times as much data as a standard disc and yet be able to be read and written in a standard Blu-ray player. The drives are even being included in some Acer computers.

Similarly, vendors such as JVC and IoSafe are releasing archive-quality optical discs for use in specialized verticals such as law enforcement, noted Tim Dees of PoliceOne.Com. The large amount of storage provided by optical drives is necessary to store video files, he said.

While it may be true that optical drives are on the way out, they’re obviously far from dead.

January 18, 2013  12:31 AM

Will HP Sell Autonomy?

Sharon Fisher Sharon Fisher Profile: Sharon Fisher

Now that everyone’s used the holidays to digest the news about HP and Autonomy, HP is reportedly receiving offers to purchase the troubled UK e-discovery company — but people in the know say HP won’t go for it.

In a great example of “Taking Out the Trash Day,” HP announced last fall during Thanksgiving week that it had overpaid for its acquisition of Autonomy, amid acquisitions of fraud.

HP sort of brought all this interest upon itself by saying in a December 27 10-K regulatory filing that it would consider divesting some businesses “that may no longer help us meet our objectives.” Consequently, HP has received expressions of interest from several high-tech companies, but company executives aren’t interested, according to the Wall Street Journal. And reporters such as Arik Hesseldahl from AllThingsD say that the phrasing was due to the lawyers and had nothing to do with the company’s real intentions. 

And, you know, honestly, that’s the news. More than 80 news stories, and that’s all there is. Everything else is speculation.

Analysts can’t even decide whether selling Autonomy would be hard, with some of them saying it would be easy because the acquisition is recent and the company was fairly, uh, autonomous under HP (one of the criticisms against it, actually). Others are saying it would be hard because HP is involved in litigation against Autonomy.

So far, most of the evidence does seem to indicate that HP is not going to sell Autonomy. After all, HP held a conference call with analysts a few days ago talking about its plans for the company, and would it do that if it were planning to sell? the proponents of that side said. The new head of Autonomy also reportedly recently told staffers that HP intended to hire at least 50 new engineers for Autonomy in the next year.

In fact, some believe that HP might be planning to sell its printing unit instead. There have been rumors that HP is receiving offers for EDS as well.

On the other hand, HP’s stock went up after the rumors started, and boards of directors tend to pay attention to such things. But analysts quoted in the Financial Times said HP might get only “pennies on the dollar” if it did sell Autonomy.

January 10, 2013  7:44 PM

Storage Big — Really Big — at CES

Sharon Fisher Sharon Fisher Profile: Sharon Fisher

You know what they say about guys with big thumbs.*

The Consumer Electronics Show was this week in Las Vegas, and while I didn’t go (do you know how much walking around that involves?) it wasn’t hard to figure out that, with all the music and movies and pictures and so on that consumers are, well, consuming these days that — cloud or no cloud — storage is becoming increasingly important. Plus, to make the CES even more enticing to storage vendors, there’s a whole little show within a show, Storage Visions, held just before CES. “Petabytes are the new terabytes!” it proclaimed.

Besides, CES is typically a hardware show. It’s always been all about the gadgets, and the more extreme the better: bigger, smaller, harder, softer, faster.

Which brings us to the Kingston DataTraveler HyperX Predator 3.0, a thumb drive that holds a terabyte of data.

A. Terabyte. On. A. Thumb. Drive.

You know, just a year and a half ago I was whining because I wanted a terabyte on a laptop. Now I can put a terabyte in my pocket? (Despite its name, it doesn’t seem to have any particularly aggressive features.)

It’s expected to ship sometime this quarter for an undisclosed price, but as the New York Times points out, a 512-GB version available now costs $1,750. (In comparison, a 1-TB internal or external drive is less than a hundred bucks these days, and I still remember when a 10-MB hard drive was as big as the PC and cost as much and by the way, what are you kids doing on my lawn?)

Of course, as people have pointed out, such a gigundo thumb drive has its own problems, not the least of which is what happens and you run it through the laundry (my big fear), lose it out a hole in your pocket, or get a virus on it.

As much as the size, people were also impressed by the speed — which reportedly reads at 240MB/s and writes at 160MB/s. This is because it uses USB 3.0, which itself is expected to have its speed doubled, to 10 Gbps, in a year or so.

That wasn’t all the storage news at the show, but of course most other announcements pale in comparison:

  • Seagate announced the Seagate Central network home storage system — which provides 4TB of automatic backup for the home, access to movies, music and photos from networked devices, as well as remote access — and Seagate Wireless Plus mobile storage, which can stream up to 10 hours of 500 HD movies to up to 10 devices over wireless.
  • HP announced a similar unit, the Pocket Playlist — 32 GB for up to 5 devices — for $129, due in the middle of next month.
  • LaCie announced BladeRunner, a pretty pretty 4TB external drive for $300, where “the warm interior electronics are encased in a mystifying shell, and the blades are the radiator that cools it down,” according to the designer. Um, okay. But’s Limited Edition!
  • Beam me up, Scotty. With the Transporter, you back up your files to it, and then it backs them up to other Transporter units that your friends own. This model seems to be predicated on wide penetration. Good luck with that.
  • Buffalo Technology announced some new network attached storage devices.

*What do they say about guys with big thumbs? Why, big thumbs, big gloves. What did you think I was going to say?

January 3, 2013  10:00 AM

Imation Acquires Nexsan in Hopes of Making a Profit

Sharon Fisher Sharon Fisher Profile: Sharon Fisher

You know how after Christmas, you go out and buy yourself all the stuff nobody gave you? Apparently Imation feels the same way; it just dropped $120 million on Nexsan.

Imation makes storage products, particularly media, for the enterprise, while Nexsan makes storage hardware and software for small to medium businesses. So really, this is not so much an acquisition about synergistic technology but simply one of one company buying another for its products and customers — 11,000, in Nexsan’s case.

The other advantage is that Nexsan is doing much better financially than Imation, which according to VentureBeat has failed to make a profit for the last five of its six years and restructured in October. Nexsan, on the other hand, had revenue of $82 million in 2011, has gross margins in the 40% range, and was close to breaking even on net earnings, according to the Star-Tribune. In comparison, Imation had $1.3 billion in sales and a 21.3% gross margin.

It’s not all one-sided; Imation, which has an international presence, is expected to provide a broader market for Nexsan, which is primarily in the U.S., Canada, and the U.K. The move also provides an exit strategy for Nexsan investors, which according to Forbes includes MFP Partners, a fund controlled by the legendary mutual fund manager Michael Price; RRE Ventures; VantagePoint Venture Partners; and the Fonds de Solidaritie des Travailleurs du Quebec, a fund managed by the Quebec Federation of Labor, the largest union in Quebec. The company had planned an IPO — after two failed attempts in 2008 and 2010 — but withdrew it in April.

Imation is based in Oakdale, Minn., while Nexsan is based in Thousand Oaks, Calif., where it will continue to reside after the acquisition. Imation has 1,100 employees, 400 of which are in the Minneapolis area, while Nexsan has 200, according to the Minneapolis Star-Tribune.

The other interesting aspect of the acquisition is how it’s being financed. It was funded by about $105 million in cash and 3.3 million Imation common shares, equivalent to about $15 million, to make the total of $120 million. But the $105 million was about 56% of the company’s cash on hand, and the company had to issue new stock for the shares, which meant it diluted the value of existing shares.

The two companies will determine integration and global expansion activities between Imation’s Tiered Storage and Security Solutions business and Nexsan in the first quarter of 2013, NASDAQ said.

December 27, 2012  7:04 PM

IBM Acquires StoredIQ, But What is It?

Sharon Fisher Sharon Fisher Profile: Sharon Fisher

IBM announced earlier this month that it was acquiring StoredIQ, but exactly what the company does isn’t quite obvious. Part big data, part e-discovery, it’s sort of neither fish nor fowl.

As an example, analyst firm IDC included the Austin, Texas-based StoredIQ in its IDC MarketScape: Worldwide Standalone Early Case Assessment Applications 2011 Vendor Analysis, but Gartner hasn’t included it in either of its e-discovery Magic Quadrants — from which a number of larger vendors have plucked other acquisitions. (However, Gartner did name StoredIQ as a “Cool Vendor” in April of this year.”)

Instead, IBM is working on creating a family of “information lifecycle management” applications, which are kinda both — big data, because it covers all an organization’s data, but also e-discovery, because part of the reason for having such applications is for litigation support, both for identifying data needed in legal situations but also to help reduce, in a legally justifiable way, the amount of such data in the first place.

StoredIQ’s advantage is that it manages the data in situ rather than by moving it to a secondary location, which saves the cost of the secondary storage, noted Zacks Equity Research, adding that the company had received $11.4 million in funding in August and had 120 clients — though it warns that IBM faces competition from vendors such as EMC, Oracle, and SAP.

The company has also been working to make its product, which includes software and an appliance, easy enough for even legal professionals to use, rather than requiring IT people to operate. In addition, it has partnered with a wide variety of other vendors over the years, including NetApp, EMC, and NewsGator, and supported a number of formats, including SharePoint and Office 365.

As big data has become more prevalent, companies are interested in saving their data in hopes of being able to analyze it at some point and improve their businesses. But what it calls data hoarding is a problem for two reasons, notes Law Technology News.

First, there’s the cost. Though the price of storage itself has been dropping, it still costs something, plus there’s the cost of managing it, backing it up, and so on — which could amount to $5,000 per terabyte, Law Technology News said.

Second, there’s the legal cost. Should an organization be sued, it not only needs to provide all the pertinent information that the other side asks for, but it has to find it in the first place — and the more data a company has, the more expensive that search is. Also, companies have to balance the value of the data for analysis with what it might cost them should it reveal something in a lawsuit. This cost is on the order of $15,000 per gigabyte, Law Technology News said.

In fact, legal organizations have been advising companies to look for opportunities to delete data, pointing out how much money they can save. However, they have to do this in a regular fashion, because once a lawsuit is filed, a “legal hold” is put on the data and it can’t be deleted, or a company is subject to large fines.

The acquisition becomes part of IBM’s Information Lifecycle Governance suite, headed by Deidre Paknad, vice president of Information Lifecycle Governance. Paknad had been CEO of PSS Systems Inc. in Mountain View, Calif., a pioneer in the e-discovery space, which itself was acquired by IBM in 2010. The group also includes Vivisimo, which IBM acquired earlier this year.

The acquisition was not a surprise; IBM had partnered with StoredIQ for two years. As is typical for IBM, it did not reveal the cost of the acquisition. It is expected to be finalized in the first calendar quarter of 2013.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: