BlockChain
Drive alternatives
Google Drive alternatives: Best picks
Google Drive is free and convenient, but it doesn’t care about your privacy. It scans and analyzes your data and retains the right to do whatever it wants with it. However, there are secure cloud drives that protect your business contracts, budgets and personal journals. No one should be able to view your private files unless you want them to. To ensure that only you can access your files on a cloud storage service, use an alternative.
Contents
- Why should you look for Google Drive alternatives?
- Dropbox
- Tresorit
- pCloud
- Box
- Mega
- Sync.com
- SpiderOak One Backup
Why should you look for Google Drive alternatives?
It isn’t the best option for people who care about their privacy and here’s why:
1. Google scans and analyzes your data
Google admits to scanning all the documents you upload on your Drive. Any information collected about you is used to create your ‘user profile’ and show you personalised Google search results or Google ads. Some files you store on Google Drive might be very personal. Would you like such sensitive information to influence what’s served to you online and be made public?
The company says that it scans and analyzes your files to improve their services and provide you with “personally relevant product features, such as customized search results, tailored advertising, and spam and malware detection.” However, it appears that Google bots that crawl your documentshave been trained to look for ‘objectionable’ content and then delete it without further explanation. What if a project you’ve been working on for months is suddenly irretrievably deleted?
Although Google encrypts your files, they are still not completely private. In their privacy statement, they admit that your documents could be accessed by Google in special circumstances, for example, if required by law enforcement agencies.
2. Google can manipulate your documents
Google’s privacy agreement also states that they have a worldwide license to “use, host, store, reproduce, modify, create derivative works […], communicate, publish, publicly perform, publicly display and distribute” your documents uploaded on Google Drive.
They also state that, by using Google services, you agree to share your data with unspecified third parties that “Google works with.” Such vague statements leave a lot of freedom for interpretation and show that what’s stored on Google Drive is essentially Google’s property.
3. You have little control over files you shared with others
Google allows you to quickly give viewing, editing or commenting permissions to your friends and colleagues. However, that presents even more privacy risks because these documents lack some basic security measures. It’s difficult to track what happens with your shared documents as anyone with editing permissions can easily share the document with anyone else.
You can amend sharing permissions by going to advanced settings. However, you won’t be notified if someone has shared your document, so you will have to keep an eye on who currently has access to it. What’s even worse is that if you make your documents public, anyone will be able to find them by simply using Google search.
4. Google Drive is more vulnerable than other cloud service providers
Google Drive is linked to your Gmail account, which means that if you forget to sign out of your account on a public computer or your account gets hacked, your Google Drive will be easily accessible too. There’s a saying that applies – don’t put all of your eggs in one basket.
There are so many Google Drive users that they’ve become targets for social engineering attacks. Phishing emails can masquerade as Google Drive or Gmail notifications and trick people into giving out their login details. If you care about your data, it’s time to choose a privacy-oriented cloud storage provider.
All apps featured in this post offer end-to-end encryption, but not all of them have zero-knowledge policies. When companies without zero-knowledge policies encrypt your files, they still hold the decryption keys and can read your files. Those with zero-knowledge policies cannot decrypt your documents as you’re the only one who has the key. If you lose it, your files will be lost too.
Dropbox
(Android, iOS, macOs, Windows, and even Linux)
Dropbox, the pioneer of cloud storage, invented block-level file transfer algorithms, which are now widely used by other cloud storage apps. With Dropbox, you can have a local folder on your computer, which automatically syncs all your files to the cloud, or you can simply use it online. The first time you upload something, it will transfer the whole file, but later, only the edits will be synced.
Dropbox is a great competitor to Google Drive. It’s easy to use, encrypts your data in transit and at rest, and offers two-factor authentication. It also has much stricter rules on who can share and edit your documents. However, only Dropbox Professional or Business customers can use extra features like link sharing, manual sharing permission changes, or remote file wiping. It’s also good to know that Dropbox runs on open-source software, meaning that anyone can look for vulnerabilities in its code.
However, there are still a few things Dropbox could work on:
- Teams that use Dropbox for business can all see, edit and share each other’s documents. Great for collaboration but not so great for privacy.
- Dropbox claims that they take their security seriously and they would never snoop on your files, unless, of course, required by law enforcement agencies.
- They don’t scan any uploaded documents for viruses or malware, meaning that any other devices linked to your account could be infected if you open a malicious file. However, this also probably means that your files won’t be scanned by bots and will remain private.
Tresorit
(Windows, macOS, Linux, Android, and iOS)
Tresorit is probably one of the safest and most private cloud drive service providers on the market. Its main features are its military-grade encryption and public key cryptography. This means that your files are encrypted before they leave the device and no one, not even Tresorit employees, can read the data stored on their servers. Tresorit trusts their encryption so much that it has offered $50,000 to anyone able to break it. According to them, more than 1,000 hackers, including people from MIT, Stanford, and Harvard, have tried and failed.
Tresorit’s file sharing security measures are significant. You can share files as you would on Google Drive, but it’s much harder for someone else to transfer the ownership of your data. When you share a link to a file on Tresorit’s server, a secret key is generated for that person exclusively. You can also check when and who downloaded the file you shared. If you’re worried that the file might have leaked to someone else, you can immediately revoke access.
Tresorit’s data centers are based in Europe, and the company falls under Swiss jurisdiction, so they have to comply with GDPR rules and regulations. This makes less likely that anything will be done with your data without your consent.
pCloud
(Android, iOS, Windows, macOS, and Linux)
If Tresorit focuses more on businesses, then pCloud is the perfect alternative for individuals. It offers an easy to use software with encryption as strong as Tresorit’s. Unfortunately, the encryption service, called pCloud Crypto, is hidden behind a paywall. The app providers trust that it’s unbreakable and have offered $100,000 to anyone who manages to decrypt it. They even have a count of how many people have tried it so far – as of now, almost 3,000 hackers have tried and failed.
They are also serious when they say they care about your privacy. They have a zero-knowledge-protection policy, which means your files are encrypted before they leave your device. No one except you will ever be able to decrypt them.
If you need to share files with your team members or clients, you might want to consider pCloud Business. It will allow you to set up folders that you can share with your colleagues. The whole team can have the same editing permissions, or you can set them individually. It’s great for collaboration too, as it lets team members view a detailed log of edits and comment on shared files. If needed, you can even restore previous sessions for up to 180 days.
Another interesting thing about pCloud is that it’s the only provider that offers a one-off lifetime subscription. Unfortunately, if you wish to use pCloud Crypto, you will still have to pay extra on a monthly or yearly basis.
Box
(Android, iOS, Windows, and macOS)
The Box is an excellent alternative for businesses and small teams. It offers a secure storage platform, lets you choose where your data will be stored, and gives you a plethora of collaboration tools.
With Box, you can create files that will instantly be shared with your teammates. They can then edit and comment on your documents in real time. The Box is probably one of the most integrated apps on this list, too. With over 1,000 leading software providers like Office 365, Salesforce and Adobe Sign, your teammates will be able to edit documents without leaving the platform. It also gives you detailed version tracking so you can see every sync and change ever made.
If you wish to share a file externally, you can do so by sending a link or creating a custom URL. As such links can still raise security concerns, Box allows you to set passwords on shared files too. If you accidentally send it to the wrong person, change their permission settings or simply revoke access.
What makes Box really stand out from its competitors is the use of machine learning. It makes workflows a breeze – tasks assignment, deadline setting and progress tracking – all can be done in Box. It will even help you automate tasks, direct them to the right people and generate new contracts. However, this feature raises some privacy concern. The company doesn’t identify how the software collects and analyzes this information.
Mega
(Android, iOS, Windows, macOS, and Linux)
Mega is probably the best option if you are looking for a free and secure service with a lot of storage. It encrypts your data in transit and at rest, offers collaboration tools and lets you share your files. It’s also the only cloud storage service that offers you a generous 50GB completely free. You can add even more storage if you invite your friends or download their mobile app. However, Mega has some limitations:
- Collaboration tools are great as they let you see edits in real time, but they are nowhere near as advanced as Box’s.
- You can share files by sending a link, but it doesn’t have any extra security features like password protection.
- It has a bandwidth limitation of 10GB, which refreshes every 30 min. This might be bothersome for those who want to transfer huge amounts of data. Other providers offer unlimited bandwidth.
Even though Mega’s headquarters are in New Zealand, the company complies with GDPR rules. It’s also great that Mega was built on public source code, so anyone can have a peak and look for its vulnerabilities.
Sync.com
(Android, iOS, Windows, and macOS)
If you are looking for functionality similar to Dropbox, highly secure encryption like Tresorit, and a lot of storage, Sync.com is your best bet. This cloud storage provider places a folder in your device and uploads any documents you add to it to the cloud. All your files can then be synced over multiple devices. It also offers end-to-end encryption and zero-knowledge policy, so no one, not even Sync employees, will be able to see your files. You can store up to 2TB of data for only $8 a month.
You can also share files and entire folders with others and protect them with passwords. You can decide on the level of access you want to give them, set permission expiry dates, or simply revoke them at any time. Sync.com also allows you to remotely disconnect your devices in case they’ve been lost or stolen.
SpiderOak One Backup
(Android, iOS, Windows, macOS, and Linux)
SpiderOak is yet another product that offers strong end-to-end encryption and a zero-knowledge policy. So any documents backed up on SpiderOak servers will not be seen by its employees or anyone trying to intercept it. (Though be aware that this cloud storage provider is based in the US and doesn’t comply with GDPR rules as its European counterparts.)
Unfortunately, strong encryption might be the only significant feature SpiderOak has to offer. Its interface is harder to use than Google Drive or Dropbox, and it doesn’t have team collaboration embedded in the app. Instead, SpiderOak designed two more, completely separate products – SpiderOak Share and SpiderOak Semaphor messaging. The former provides encrypted document sharing and collaboration while the later is a secure messaging app. It’s surprising that they opted for such a solution as other providers have all these features integrated into one platform.
References
- https://nordvpn.com/blog/google-drive-alternatives/
CRC32 & CRC64 and other checksum methods
What is CRC-64?
A cyclic redundancy check (CRC) is an error-detecting code used to detect data corruption. When sending data, short checksum is generated based on data content and sent along with data. When receiving data, checksum is generated again and compared with sent checksum. If the two are equal, then there is no data corruption. The CRC-64 algorithm itself converts a variable-length string into an 16-character string.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 |
It's not a research topic. It's really well understood: http://en.wikipedia.org/wiki/Cyclic_redundancy_check The math is pretty simple. An 8-bit CRC boils all messages down to one of 256 values. If your message is more than a few bytes long, the possibility of multiple messages having the same hash value goes up higher and higher. A 16-bit CRC, similarly, gives you one of the 65,536 available hash values. What are the odds of any two messages having one of these values? A 32-bit CRC gives you about 4 billion available hash values. From the wikipedia article: "maximal total blocklength is equal to 2**r − 1". That's in bits. You don't need to do much research to see that 2**9 - 1 is 511 bits. Using CRC-8, multiple messages longer than 64 bytes will have the same CRC checksum value. |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 |
The effectiveness of a CRC is dependent on multiple factors. You not only need to select the SIZE of the CRC but also the GENERATING POLYNOMIAL to use. There are complicated and non-intuitive trade-offs depending on: The expected bit error rate of the channel. Whether the errors tend to occur in bursts or tend to be spread out (burst is common) The length of the data to be protected - maximum length, minimum length and distribution. The paper Cyclic Redundancy Code Polynominal Selection For Embedded Networks, by Philip Koopman and Tridib Chakravarty, publised in the proceedings of the 2004 International Conference on Dependable Systems and Networks gives a very good overview and makes several recomendations. It also provides a bibliography for further understanding. http://www.ece.cmu.edu/~koopman/roses/dsn04/koopman04_crc_poly_embedded.pdf |
File : sha1_comparison_Which_is-a-more-accurate-method-of-duplicate-file-detection_ SHA1 or CRC32_ – Quora
File:CRC Data Sets Tests : PDF-DOWNLOAD_kutayzorlu.com_18.2_million_dataset_CRC-64_test_Program_source
File : Amazon Red Shift : Pdf Download : kutayzorlu.com_amazon_red_redshift-dg
1 2 3 4 5 6 7 8 9 10 11 12 |
The actual playable content (audio, video, timed text, clips, and artwork) is stored in several places. Original source material and the encoded copies are stored on Amazon S3. If the title is currently available for viewing, a copy of the audio, video, timed text, and clips are put on one or more Netflix Open Connect appliances. Users stream movies and shows off of the appliances. A copy of static assets such as thumbnails and box-shots are stored on commercial Content Delivery Networks. The exact location and number of copies is managed by the CDN. |
SHA1- JAVA checksum verify
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 |
package main; import java.io.FileInputStream; import java.io.IOException; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; public class HashFileTest { public static void main(String[] args) throws NoSuchAlgorithmException, IOException { boolean result = verifyChecksum("/home/eclipse-jee-indigo-SR2-linux-gtk-x86_64.tar.gz", "177750b65a21a9043105fd0820b85b58cf148ae4"); System.out.println("Does the file's checksum matches the expected one? " + result); } /** * Verifies file's SHA1 checksum * @param Filepath and name of a file that is to be verified * @param testChecksum the expected checksum * @return true if the expeceted SHA1 checksum matches the file's SHA1 checksum; false otherwise. * @throws NoSuchAlgorithmException * @throws IOException */ public static boolean verifyChecksum(String file, String testChecksum) throws NoSuchAlgorithmException, IOException { MessageDigest sha1 = MessageDigest.getInstance("SHA1"); FileInputStream fis = new FileInputStream(file); byte[] data = new byte[1024]; int read = 0; while ((read = fis.read(data)) != -1) { sha1.update(data, 0, read); }; byte[] hashBytes = sha1.digest(); StringBuffer sb = new StringBuffer(); for (int i = 0; i < hashBytes.length; i++) { sb.append(Integer.toString((hashBytes[i] & 0xff) + 0x100, 16).substring(1)); } String fileHash = sb.toString(); return fileHash.equals(testChecksum); } } |
SHA1- TEXT String
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 |
package main; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; public class HashTextTest { /** * @param args * @throws NoSuchAlgorithmException */ public static void main(String[] args) throws NoSuchAlgorithmException { System.out.println(sha1("test string to sha1")); } static String sha1(String input) throws NoSuchAlgorithmException { MessageDigest mDigest = MessageDigest.getInstance("SHA1"); byte[] result = mDigest.digest(input.getBytes()); StringBuffer sb = new StringBuffer(); for (int i = 0; i < result.length; i++) { sb.append(Integer.toString((result[i] & 0xff) + 0x100, 16).substring(1)); } return sb.toString(); } } |
SHA1 – File – JAVA
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 |
public static String sha1(final File file) throws NoSuchAlgorithmException, IOException { final MessageDigest messageDigest = MessageDigest.getInstance("SHA1"); try (InputStream is = new BufferedInputStream(new FileInputStream(file))) { final byte[] buffer = new byte[1024]; for (int read = 0; (read = is.read(buffer)) != -1;) { messageDigest.update(buffer, 0, read); } } // Convert the byte to hex format try (Formatter formatter = new Formatter()) { for (final byte b : messageDigest.digest()) { formatter.format("%02x", b); } return formatter.toString(); } } |
1 2 3 4 5 6 7 8 9 10 11 12 13 |
public byte[] createSha1(File file) throws Exception { MessageDigest digest = MessageDigest.getInstance("SHA-1"); InputStream fis = new FileInputStream(file); int n = 0; byte[] buffer = new byte[8192]; while (n != -1) { n = fis.read(buffer); if (n > 0) { digest.update(buffer, 0, n); } } return digest.digest(); } |
References
- https://crc64.online/
- http://www.unit-conversion.info/texttools/crc/
- https://www.nitrxgen.net/hashgen/
- http://www.sha1-online.com/
- https://toolslick.com/programming/hashing/crc-calculator#
- https://en.wikipedia.org/wiki/Cyclic_redundancy_check
- https://searchcode.com/codesearch/view/22078345/
- https://jar-download.com/artifacts/com.github.tonivade/claudb/1.0.2/source-code/com/github/tonivade/claudb/persistence/CRC64.java
- https://stackoverflow.com/questions/2321676/data-length-vs-crc-length
- https://stackoverflow.com/questions/20562546/how-to-get-crc64-distributed-calculation-use-its-linearity-property
- http://www.sha1-online.com/sha1-java/
Hacking ECDSA based Digital Signature Algorithm
- ECDSA is newer and is based on DSA. It has the same weaknesses as DSA, but it is generally thought to be more secure, even at smaller key sizes. It uses the NIST curves (P256).
- RSA is well-regarded and supported everywhere. It is considered quite secure. Common key sizes go up to 4096 bits and as low as 1024. The key size is adjustable. You should choose RSA.
- DSA is not in common use anymore, as poor randomness when generating a signature can leak the private key. In the past, it was guaranteed to work everywhere as per RFC 4251, but this is no longer the case. DSA has been standardized as being only 1024 bits (in FIPS 186-2, though FIPS 186-3 has increased that limit). OpenSSH 7.0 and newer actually disable this algorithm.
- Ed25519, while not one you listed, is available on newer OpenSSH installations. It is similar to ECDSA but uses a superior curve, and it does not have the same weaknesses when weak RNGs are used as DSA/ECDSA. It is generally considered to be the strongest mathematically.
The video contains very nice example.
Petro White Paper Download
What is Petro : Whitepaper_Petro_en
- T A B L E O F C O N T E N T S
- INTRODUCTION
- BACKGROUND
- VENEZUELA’S OPPORTUNITY
- STATE BACKING
- ECOSYSTEM DEVELOPMENT
- BLOCKCHAIN
- CRYPTOCURRENCIES AND TOKENS
- P E T R O
- PETRO DESCRIPTION
- EMISSION AND INITIAL OFFER
- PETRO’S INITIAL OFFER
- EMISSION AND DISTRIBUTION
- INITIAL OFFER FUND DESTINATION
- CONDITIONS AND INCENTIVES FOR THE INITIAL
- OFFER OF THE CRYPTOASSET
- PURCHASE AND EXCHANGE
- NEM BLOCKHAIN ADVANTAGES
Petro (PTR) has its origin in the idea of president Hugo Chavez of a strong currency backed by raw
materials. Its background dates back to proposals for global financial and monetary coordination prior to the
hegemony of the US dollar, which resurfaced after the financial crisis of the late 1990s.
The blockchain allows the transfer of value and information, without third parties, they provide the tools to
successfully face the challenge of creating platforms and financial instruments that are transparent, efficient
and inclusive.
Petro is a sovereign crypto asset backed and issued by the Venezuelan State as a spearhead for the develo-
pment of an independent, transparent and open digital economy open to direct participation of citizens. It will
also serve as a platform for the growth of a fairer financial system that contributes to development, autonomy
and trade between emerging economies.
Venezuelan oil assets will be used to promote the adoption of crypto assets and technologies based on the
country´s block-chain. The State shall promote and encourage the use of Petro with a view to consolidating it
as an investment option, savings mechanism and means of exchange with State services, industry, commerce,
and citizens in general.
The Venezuelan population will have at their reach a technology that will allow them having a valuable reserve
and robust means of payment to stimulate savings and contribute to the country’s development.
Petro will be an instrument for Venezuela’s economic stability and financial independence, coupled with an
ambitious and global vision for the creation of a freer, more balanced and fairer international financial system.