Backblaze logo

Backblaze was always safe from Heartbleed


You may have heard about “Heartbleed“, a security bug found last week that affected about 2/3rds of all websites.

Backblaze is safe
The Backblaze website was never vulnerable to the Heartbleed bug. Your email address, password, credit card information, and all of your backed up data have always been safe. You do not need to change your Backblaze password.

A little more detail
The security bug was found in a particular version of an encryption library called OpenSSL. Backblaze never used that version on our website.

Most sites on the Internet were using the affected version, thus making it important to change your password once they patched their servers. Since Backblaze was never vulnerable, you can leave your password as is. Of course, if you prefer, you may change it as well.

Change your password on other sites
This is a good time to change your password across other sites that were at risk from the bug and have patched their servers. Note that if their servers are not yet patched, you will need to change your password once they have. CNET is keeping a list of the status of the top 100 sites and whether they have been patched.

Comments Closed


Backblaze and Bitcoins


blog-bitcoin
Bitcoins certainly have generated a fair amount of interest over the last several months. From time-to-time we are asked when Backblaze will accept bitcoins as payment. No, we haven’t made the jump to accepting bitcoins yet, but one of our long time affiliate partners, CloudStorageBuzz, is dipping their toe into the water by offering to take bitcoins as payment for Backblaze. If you have some bitcoins burning a hole in your digital pocket and you need online backup, now you have no excuse. CloudStorageBuzz will also take old fashioned credit cards as payment for Backblaze too, just don’t try to use dollars or darseks.

If you’re not a bitcoin expert, here are a few places where you can learn more: http://en.wikipedia.org/wiki/Bitcoin, http://en.bitcoinwiki.org, and http://bitcoin.org. There are also a fair number of less than reputable sites, although that’s not much different than most things on the Internet.

As you dig into bitcoins, you’ll notice the discussion rages around the globe. Individuals, organizations and governments are all debating the future of this digital currency. What do you think about bitcoins? Are they the future or just a passing fad? Will the current volatility eventually wane? Can they be secured? Are bitcoins another step in moving from physical to digital currencies? Let us know what you think.

 

Author: Andrew Klein

Comments Closed


Nirvanix Cloud Storage Shuts DownAlternatives, Options, and Prices


blog-nirvanix
In 2007 Nirvanix saw that cloud storage was going to be a major necessity for companies in the future and believed they could differentiate from Amazon Web Services (AWS)s S3 storage service by focusing on the enterprises that also wanted sales engineers, tech support, and other dedicated services. To pursue this mission, Nirvanix raised $70 million from 2007 through 2012 and the company was considered a potential challenger to EMC, NetApp, and Rackspace in addition to Amazon.

But, on Oct 1, 2013, Nirvanix filed for Chapter 11 bankruptcy protection. The company gave customers some of whom had a petabyte of the only copy of their data stored with them two weeks notice to retrieve their data. Shutdowns are difficult and from what Ive read, the team at Nirvanix worked hard to help customers get their data back. But for customers faced with finding a new home for petabytes of data, that was a bad day.

Howard Marks wrote a good overview for Network Computing about what happened: The Nirvanix Failure: Villains, Heroes and Lessons

Data Storage Alternatives
Continue reading…

Comments Closed


Nirvanix Cloud Storage Shuts Down
Alternatives, Options, and Prices


blog-nirvanix
In 2007 Nirvanix saw that cloud storage was going to be a major necessity for companies in the future and believed they could differentiate from Amazon Web Services (AWS)’s S3 storage service by focusing on the enterprises that also wanted sales engineers, tech support, and other dedicated services. To pursue this mission, Nirvanix raised $70 million from 2007 through 2012 and the company was considered a potential challenger to EMC, NetApp, and Rackspace in addition to Amazon.

But, on Oct 1, 2013, Nirvanix filed for Chapter 11 bankruptcy protection. The company gave customers – some of whom had a petabyte of the only copy of their data stored with them – two weeks’ notice to retrieve their data. Shutdowns are difficult and from what I’ve read, the team at Nirvanix worked hard to help customers get their data back. But for customers faced with finding a new home for petabytes of data, that was a bad day.

Howard Marks wrote a good overview for Network Computing about what happened: The Nirvanix Failure: Villains, Heroes and Lessons

Data Storage Alternatives
Continue reading…

Comments Closed


Mavericks? Were Ready!


mavericks-wave-560

Backblaze loves our Mac users and we’re guessing some of you have been waiting with bated breath for OS X Mavericks to be available for download. Thats why weve worked hard to make sure Backblaze is ready for OS X Mavericks. Apple released the developer-version of OS X Mavericks back in June, and we already have over 1,000 customers running Backblaze on Mavericks.

So update to Apple OS X Mavericks when youre able to, and continue enjoying the peace of mind that you get knowing that Backblaze has your back.

(Note: Backblaze Version 2.3.1 is the latest on the Mac. To check which version you are running, click the Backblaze icon in the menubar and select “About” from the menu. Running an older version? Just visit https://secure.backblaze.com/update.htm and install over the top.)

Comments Closed


Mavericks? We’re Ready!


mavericks-wave-560

Backblaze loves our Mac users and we’re guessing some of you have been waiting with bated breath for OS X Mavericks to be available for download. That’s why we’ve worked hard to make sure Backblaze is ready for OS X Mavericks. Apple released the developer-version of OS X Mavericks back in June, and we already have over 1,000 customers running Backblaze on Mavericks.

So update to Apple OS X Mavericks when you’re able to, and continue enjoying the peace of mind that you get knowing that Backblaze has your back.

(Note: Backblaze Version 2.3.1 is the latest on the Mac. To check which version you are running, click the Backblaze icon in the menubar and select “About” from the menu. Running an older version? Just visit https://secure.backblaze.com/update.htm and install over the top.)

Comments Closed


Is the NSA Using Backblaze Storage Pods for PRISM Surveillance Data? Heres What we Know…


The leaked presentation about PRISM detailed the ability for the NSA to collect emails, photos, videos, and more from nine companies including: Microsoft, Google, Facebook, and Apple. There has been a tremendous amount of debate about whether PRISM allows direct access to these companies servers, somewhat limited access through some type of intermediate portal, or only the fulfillment of individual legally-required requests. There have also been denials by all nine of the companies listed as Current Providers regarding whether PRISM actually has direct access.

(Note: Backblaze did not share customer data with PRISM. This post is about whether the NSA is using Backblaze Storage Pod technology that we open sourced.)

Regardless what the NSA actually has gotten access to and how they have done so, its clear that their intent is to collect an astounding amount of digital data. How much data?

On November 1, 2009, TechCrunch reported (based on a book review of The Secret Sentry: The Untold History of the National Security Agency) that the NSA intends to build a new $2 billion Utah-based datacenter to store a yottabyte of surveillance data by the end of 2015.

Its nearly impossible to wrap your head around how much data is in a yottabyte, but since Backblaze is in the business of backing up mass volumes of data, we decided to give some context with a blog post a couple weeks later: NSA might want some Backblaze pods

We estimated it would cost over $100 trillion and require datacenters the size of Delaware and Rhode Island combined to store that much data.

To put it in other terms, Facebook announced that it has 250 petabytes of data. A yottabyte is a billion petabytes. The NSA intends to have the capacity to store all of Facebook’s data 4 million times over.

So, why do we think the NSA may be using Backblaze Storage Pods?

With the goal of storing an outrageous amount of data, there would be several design goals:

1. Density being able to fit as much of that data in as small a space as possible is critical in order to not require building state-sized data centers.
2. Cost while the NSA is the largest spy-agency spender in the world, when measuring storage costs in billions and trillions, cost does become a significant driver of possibility.

Both of these are important and something the Backblaze Storage Pods have been optimized for, but the NSA may benefit most from one unusual aspect of our systems: open source hardware.

When SGI bought super-computer maker Cray in 1996, our CTO who worked there at the time said the running joke was, SGI sold no units this quarter, but made a healthy profit. That wasnt magic accounting. It was the NSA requiring purchases not be disclosed. The problem was, revenue still had to be reported.

If the NSA purchased billions of dollars of storage equipment from EMC, NetApp, or Hitachi, it would be nearly impossible to keep that size of an order under wraps.

The beauty of open source hardware is that the NSA can build these systems themselves. How much does the NSA value secrecy?

The CIA and other government agencies

For a brief moment several years ago, Backblaze sold Storage Pods. (We havent since and dont now.) At the time, two government agencies bought Storage Pods from us with exactly this goal in mind: they wanted a few units to test, if they worked, they would build a team internally to manufacture their own Storage Pods based on the open source hardware specifications.

Neither of those agencies was going to use that storage for surveillance.

On September 8, 2011, however, we received an email titled, Visit with the CIA. It stated:

You also might be aware that the CIA has a new five year funded initiative to centralize data services into a large private cloud. I have information on that if you are interested. The project is in discovery mode now and I am assisting the Office of the CTO in becoming aware of all the potential technologies that might be deployed. I am organizing a technology tour ( my fourth one) concentrating on infrastructure and security.

A few days later they sent us a presentation:

And a week later a few folks arrived at our office and the agenda was:

The meeting agenda should be an overview of your products and technology as it relates to the mission of the new private cloud project ( see attachments) that is now funded beginning this year. The meeting should be very interactive allowing discussions about applications of your technology.

During the meeting, the team was interested in how to store large volumes of data and cost efficiency. Neither the identity of nor the data of our customers was ever of interest or brought up.

So does the NSA store surveillance data on Backblaze Storage Pods?

We dont know for sure and certainly the NSA is certainly not publishing their storage architecture. However, between the multiple government agencies using and exploring Backblaze Storage Pods and the pods characteristics as highly-dense, cost-efficient, and open source systems, certainly makes them a very likely candidate. Perhaps another leak will answer that question in the future!

Comments Closed


Is the NSA Using Backblaze Storage Pods for PRISM Surveillance Data? Here’s What we Know…


The leaked presentation about PRISM detailed the ability for the NSA to collect emails, photos, videos, and more from nine companies including: Microsoft, Google, Facebook, and Apple. There has been a tremendous amount of debate about whether PRISM allows “direct” access to these companies’ servers, somewhat limited access through some type of intermediate portal, or only the fulfillment of individual legally-required requests. There have also been denials by all nine of the companies listed as “Current Providers” regarding whether PRISM actually has direct access.

(Note: Backblaze did not share customer data with PRISM. This post is about whether the NSA is using Backblaze Storage Pod technology that we open sourced.)

Regardless what the NSA actually has gotten access to and how they have done so, it’s clear that their intent is to collect an astounding amount of digital data. How much data?

On November 1, 2009, TechCrunch reported (based on a book review of The Secret Sentry: The Untold History of the National Security Agency) that the NSA intends to build a new $2 billion Utah-based datacenter to store a yottabyte of surveillance data by the end of 2015.

It’s nearly impossible to wrap your head around how much data is in a yottabyte, but since Backblaze is in the business of backing up mass volumes of data, we decided to give some context with a blog post a couple weeks later: NSA might want some Backblaze pods

We estimated it would cost over $100 trillion and require datacenters the size of Delaware and Rhode Island combined to store that much data.

To put it in other terms, Facebook announced that it has 250 petabytes of data. A yottabyte is a billion petabytes. The NSA intends to have the capacity to store all of Facebook’s data 4 million times over.

So, why do we think the NSA may be using Backblaze Storage Pods?

With the goal of storing an outrageous amount of data, there would be several design goals:

1. Density – being able to fit as much of that data in as small a space as possible is critical in order to not require building state-sized data centers.
2. Cost – while the NSA is the largest spy-agency spender in the world, when measuring storage costs in billions and trillions, cost does become a significant driver of possibility.

Both of these are important and something the Backblaze Storage Pods have been optimized for, but the NSA may benefit most from one unusual aspect of our systems: open source hardware.

When SGI bought super-computer maker Cray in 1996, our CTO who worked there at the time said the running joke was, “SGI sold no units this quarter, but made a healthy profit.” That wasn’t magic accounting. It was the NSA requiring purchases not be disclosed. The problem was, revenue still had to be reported.

If the NSA purchased billions of dollars of storage equipment from EMC, NetApp, or Hitachi, it would be nearly impossible to keep that size of an order under wraps.

The beauty of open source hardware is that the NSA can build these systems themselves. How much does the NSA value secrecy?

The CIA and other government agencies

For a brief moment several years ago, Backblaze sold Storage Pods. (We haven’t since and don’t now.) At the time, two government agencies bought Storage Pods from us with exactly this goal in mind: they wanted a few units to test, if they worked, they would build a team internally to manufacture their own Storage Pods based on the open source hardware specifications.

Neither of those agencies was going to use that storage for surveillance.

On September 8, 2011, however, we received an email titled, “Visit with the CIA”. It stated:

You also might be aware that the CIA has a new five year funded initiative to centralize data services into a large private cloud. I have information on that if you are interested. The project is in discovery mode now and I am assisting the Office of the CTO in becoming aware of all the potential technologies that might be deployed. I am organizing a technology tour ( my fourth one) concentrating on infrastructure and security.

A few days later they sent us a presentation:

And a week later a few folks arrived at our office and the agenda was:

The meeting agenda should be an overview of your products and technology as it relates to the mission of the new private cloud project ( see attachments) that is now funded beginning this year. The meeting should be very interactive allowing discussions about applications of your technology.

During the meeting, the team was interested in how to store large volumes of data and cost efficiency. Neither the identity of nor the data of our customers was ever of interest or brought up.

So does the NSA store surveillance data on Backblaze Storage Pods?

We don’t know for sure and certainly the NSA is certainly not publishing their storage architecture. However, between the multiple government agencies using and exploring Backblaze Storage Pods and the pods characteristics as highly-dense, cost-efficient, and open source systems, certainly makes them a very likely candidate. Perhaps another leak will answer that question in the future!

Comments Closed