"Sometimes you have to roll a hard six."
We've received several inquiries about how ZumoDrive stores its users' data and what the security is like. Just in case someone is storing the secret location of Earth for when the Cylons attack, we're here to tell you how safe and secure ZumoDrive is. Cloud storage is a great way to store your data. Since the Galactica does not allow any of their computers to be networked between each other, pulling down your data from the internet (i.e. the cloud) is perfect. When aboard the Battlestar Galactica and connecting to ZumoDrive, here is the path your files will take:
1. The file being uploaded is transferred to the ZumoDrive server which is hosted by Amazon's EC2 (Elastic Compute Cloud). It is done via 256-bit SSL encryption. SSL is the same type of encryption used when you log into your bank's secure website. The EC2 is the workhorse. It's the liaison between the client on your computer and the ZumoDrive datacenter (which is hosted by Amazon S3; more on this below). It also services the ZumoDrive website.
2. The EC2 then does 2 things to your file:
A. It creates metadata (filename, username, file size, file type, share permissions, etc.) and sends it to our database. This allows you to quickly look through your files without having to load the contents of the files.
B. It encrypts your actual file via 256-bit AES encryption and stores it on S3 (Simple Storage Service). AES is military grade encryption.
3. S3 is just a giant warehouse of data. Once your file hits the S3 server it is replicated multiple times and stored in multiple datacenters. Each datacenter is in a different geographical location. Your file will sit there (still AES encrypted of course) until you decide to retrieve it.
So as you can see, the Cylons have many hurdles to overcome in order to take over ZumoDrive and your data. They would have to crack different types of encryptions, and when that fails and they want to just destroy the data, it would require a large blanket of nuclear explosions over a large area. This is of course not including having to duke it out with the mighty BSG and its crew. So say we all!!
9 comments
ZumoDrive at its core is a content access service. It allows you to access your data anywhere you have an internet connection on all your devices with ZumoDrive installed or through a web browser. It also allows you to share your files between co-workers, friends, family, etc. Essentially you can play with and manipulate your files as you see fit. Just like Gmail, our focus is to provide the general consumer with a secure and easy to use solution for their content.
In response to the questions regarding the keys: We do not encrypt everyone's data with a master key. There is no master key. Also, rest assured, the keys are not sitting on a post-it attached to my monitor. :)
In the end, the ZumoDrive team is taking every precaution to ensure that your files are both secure and accessible.
B. It encrypts your actual file via 256-bit AES encryption and stores it on S3 (Simple Storage Service). AES is military grade encryption."
Epic failure and stupidity.
Leave a comment...
