When the Cloud is Offline

By Google Inc. (https://developers.google.com/drive/branding) [Public domain], via Wikimedia CommonsGoogle Drive apparently went down for a couple of hours this morning.  (I missed it. I was in a meeting.)  This is a good reminder that you need to maintain the ability to work with your documents when the Internet or the cloud service itself is unavailable.  Google has a page about setting up offline access for Google Drive documents.  Do it now while you’re thinking about it.

On the Mac, the Google Drive app created a folder in my home folder containing all of my Drive files with extenions like “.gdoc”, “.gslides” and “.gsheet”.   I presume that offline Google Drive works the same way on Windows.  On Linux, I enabled offline access from the web, then installed a Chrome app.

How Do You Enable Better Security? Two Factor Authentication

2 Comments

What is two factor identification?

Typically, we login someplace with an ID and a password. That combination is good everywhere, everyplace, everytime and is often saved on the device. It’s convenient but if someone knows your ID and password, they can login anywhere and get to all your stuff controlled by that account. If it’s something like a Google account, that might include your email, files, calendar, and sites that let you login using your Google credentials.

With two factor identification, logging in on a new  or untrusted device requires that ID and password, plus a code delivered to an independent device.  Even if someone knows your ID and password, they won’t have access to your device.

2-step verification drastically reduces the chances of having the personal information in your Google account stolen by someone else. Why? Because hackers would have to not only get your password and your username, they’d have to get a hold of your phone.

Here’s what I had to do to enable two step authentication on my Google apps account

  • logged in at https://accounts.google.com/ and went to the account security page at https://www.google.com/settings/security
  • installed the “Google Authenticator App” on my iPhone to receive verification codes
  • set the computer I’m setting this up on as trusted (the default setting). It’s my home desktop and it’s reasonably secure.
  • turned on 2 step verification
  • added backup phones (home phone, wife’s mobile)
  • clicked the button to go forward with creating application specific passwords and to review aplications with access to my Google account — WOW, there are sure a lot of them.
  • at this point, all sorts of unable to login boxes are popping up on things
  • generated and entered app specific passwords for
    • iphone mail
    • ipad mail
    • desktop mail
    • mac mail (had to also enter the password for the calendar app)
    • chrome synch
  • Enabled browser logins to Google services on each device and checked the “good for 30 days” box.

On my account management page, https://accounts.google.com/b/0/SmsAuthConfig, I can disable all of those verification codes. It would be nice if I could see what codes had been used an deactivate individual devices, but in an emergency situation, I suppose its best to disable any device not marked as trusted.

The total setup time, including taking notes and typing really difficult strings was about 20 minutes. I like to think that my 9th grade touch typing teacher, who didn’t see much promise in me or my attitude, would be very proud of me as I typed those 16 character passwords.

The Google Authenticator is interesting – it works like those RSA keys that present a new code every 30 seconds or so.

Current Version of the Application on iPhone
Current Version of the Application on iPhone

Dropbox: Application of the Year

1 Comment

box_reasonably_smallDropbox is cloud storage made easy.  Dropbox synchronizes a folder on your computer with a secure site on the Internet.  Any file you put there is immediately copied off site, safely away from your computer.  That’s good, but it gets better.  If you join any of your other computers to your Dropbox account, that folder is then synchronized to that computer, too.  The computers can run Mac OS/X, Windows, and Linux.  Files move back and forth effortlessly.  It just works.

There are mobile apps, too, so you can access files from your phone.  As you travel, snapping pictures, you can use Dropbox to transfer them to your computer — they’ll be home before you are.  If you’re not at your computer, you can still access your files via any web browser.

Dropbox also enables sharing. You can pick one or more folders and make them public, or share them with one or more individuals.  That means you don’t have to mail files back and forth. The latest copy is always on your computer, kept up to date by Dropbox. This is a great tool when you’re working in teams.  Everyone in the team has the files available locally, and the files are automagically kept in synchroniztion. Network traffic is minimal:  If the computers are on the same network segment, the files are shared locally, so only one of the computers has to talk to Dropbox’s servers.

Dropbox also supports versioning, so you can get back to an earlier version of a file or recover a file accidentally deleted.

Is Dropbox viable?  I don’t know.  The business model may be a variant of the underpants gnomes.  They seem to have decent funding, get good press, and show good customer growth based on viral marketing.

 

Shameless Plug:  If you sign up for Dropbox via this link, you get the usual 2GB of storage, plus an extra 250 MB in your free Dropbox, as do I.  Following that, if you tweet about Dropbox, you’ll get some more free space. Post something on Facebook for yet more space.  Free accounts can be expanded to 8GB!

Linux Dropbox hint:  If you’re sharing files with other computers on your LAN, open port 17500 for both TCP and UDP connections.

Data in the Clouds

Not those clouds, not Mr. DataI’ve been using cloud data storage for a long time, and you may be using it, too.  At a previous employer, we used LiveVault for near real-time offsite backups.  I have several hundred megabytes of mail stored at Google.  You are probably storing mail with your provider.  We’re already in the cloud, with only a password between us and the public.  If you use Mozy or Carbonite, both of which I recommend for personal use, your PC has been duplicated somewhere “out there” or “up there”.

I just signed up to use ADrive. They offer 50 GB of free storage.  For a few extra bucks, you can get automated backup tools.  I’m not exactly sure what I’m going to do with ADrive, but I thought I’d check it out.  In the process, I’ve begun defining my ideal personal or small business cloud storage solution.  It would offer

  • PKI encryption using the openGPG standards
    The process of sending to the site would encrypt with my GPG public key. Thus, only I could decrpypt data when downloading it.
  • Two factor authentication
    Access requires both a password and a single use code sent via SMS.
  • Crossplatform support
    Windows, Mac, Linux, with command line tools and, in the Linux world, support for rsync

What do you want from an inexpensive, comsumer cloud storage solution?