Online Backup Software by RBS Safe from Heartbleed Exploit. Others, not so much.

April 10th, 2014 6 comments

By Rob Cosgrove

Online Backup Software by Remote Backup Systems is unaffected by the “Heartbleed” exploit to OpenSSL that was revealed recently.

“OpenSSL” is a security protocol used by many companies to protect their websites and sensitive file transfers. A major vulnerability was recently disclosed in this open source module, which can result in the loss of very sensitive information like passwords, encryption keys, and the contents of files uploaded to Online Backup services.

Remote Backup Systems uses no open source modules in our software, so this catastrophic vulnerability does not affect any of our Online Backup software or any of our software used by our Partners.

It also does not affect any of RBS’ websites or portals, since all of our sensitive servers run on Microsoft Windows.

It DOES however, affect Ahsay(1) and Vembu Storegrid(2.) See below for citations.  (This line was stricken because we have an unverified report challenging our assertion and we are granting the benefit of the doubt. These products ARE, however, affected by the following…)

Once again I’m warning you to steer clear of Online Backup solutions that use Open Source software. While there’s nothing intrinsically wrong with using Open Source, and MANY (if not most) companies use it in one form or another, it can seriously complicate security by making it next to impossible to maintain up to date updates to software that contains it.

For example, one of the companies mentioned above uses at last count fifteen (15) open source modules in their software. Each open source module is being actively developed and upgraded by a separate team of people who do not work for the above companies, do not communicate with one another, and are under no obligation to notify the above companies that a security patch is available.

When a critical security patch is applied to any of these open source modules by their development teams, the correct procedure is for the company using it to immediately learn about the patch, patch their product, and then to push out a patch to their Partners, and for their Partners to immediately push out a patch to their end users.

See the problem here? With fifteen different teams working independently, it’s next to impossible for an Online Backup company to stay current on all patches, and far more impossible for them to distribute patches as quickly as they should, and even more impossible for Partners to upgrade their end users.

Proper security patch distribution for such a mix and match software product might require Partners to update their end users ten or more times per month!

RBS uses no Open Source software. We maintain up to date security patches and make it easy for our Partners to do so, too.

1.    http://www.google dot com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&cad=rja&uact=8&ved=0CCgQFjAA&url=http%3A%2F%2Fwww.ahsay.com%2Fdownload%2Fdownload_document.jsp%3FdocumentName%3Dprd_admin&ei=XtFGU527MfKkyAHutYC4CA&usg=AFQjCNFFgv9BoWe3PY4_T9pUFAVX5jP-RQ&bvm=bv.64507335,d.aWc

2.    http://storegrid.vembu dot com/online-backup/sp-help/freebsd-client-only-installation-guide.html

Online Backup Software Pioneer Announces Availability of Latest Version of Industry Defining White Labeled RBackup Online Backup Software

April 10th, 2014 No comments

 

Remote Backup Systems today announced the immediate availability of its RBackup Online Backup software for Service Providers. Partners of RBS use RBackup to provide fully brandable, self-hosted Online Backup services to more than a million end users worldwide. Read more…

Changes Coming on April 15 at RBS

April 10th, 2014 No comments

 

With the new release of RBackup version 11.10, RBS is announcing some changes that we think will improve your quality of service. Here’s an outline of those changes. Read more…

Amazon Price Reduction Good News for RBackup’s Online Backup Partners

March 27th, 2014 No comments

Amazon has done it again – their 42nd price reduction in six years. Here’s the story…

It is always fun to write about price reductions. I enjoy knowing that our customers will find AWS to be an even better value over time as we work on their behalf to make AWS more and more cost-effective over time. If you’ve been reading this blog for an extended period of time you know that we reduce prices on our services from time to time, and today’s announcement serves as the 42nd price reduction since 2008.

via Amazon Web Services Blog: AWS Price Reduction #42 – EC2, S3, RDS, ElastiCache, and Elastic MapReduce.

Online Backup vs. Cloud Storage – a Dumb Debate

March 25th, 2014 No comments

I am seeing a considerable number of articles lately with titles like “Cloud Storage vs. Online Backup,” and “Which is Best: Cloud Storage or Online Backup?” Many of the articles seem to be written by people with a bias toward one or the other, with most written by authors defending the claim that Cloud Storage is “best.” Read more…

Five Ways That Small Businesses Risk Customer Data – Businessweek

March 14th, 2014 No comments

Hackers don’t just go after multinationals. Smaller companies are often prime targets for attackers looking to exploit vulnerable security systems, says Kevin B. McDonald, executive vice president of computer network management company Alvaka Networks. Entrepreneurs may also be snagged by hackers who cull through a wide swath of computer IP addresses looking for weaknesses.

via Five Ways That Small Businesses Risk Customer Data – Businessweek.

Online Backup Partners: Don’t fight ‘em. Join ‘em!

February 19th, 2014 No comments

All these cheap and free online file sync services like Mozy and Carbonite seem to frighten some RBS Partners. But don’t worry! They’re actually really good for our business. Here’s how you can join them instead of fighting them! Read more…

Free Hotsite Open for Online Backup Providers During Ice Storm

February 12th, 2014 No comments

We’re here if you need us.

We’ve activated our Online Backup hotsite for FREE use by our Partners in the areas of the U.S. impacted by the current winter storm. This offer is open to any of our current or past Partners, no matter the level of your Maintenance subscripition.

We can take your traffic in our data center for the duration of your outage. Click the link below for instructions on how to use the system.

MORE INFO HERE

 

How Hackers Take Down Web Sites [Video] | Observations, Scientific American Blog Network

February 12th, 2014 No comments

This doesn’t have much to do with Online Backup, but I found it to be interesting – Rc.

Many of the Web sites we visit every day are under cyber attack by malicious hackers looking to disrupt business transactions, discourage people from using a particular online service or exact payback for some real or perceived slight. One of the most common ways to bring down a site is to flood its computer servers with so much traffic, they slow to a crawl or shut down because they simply can’t handle the volume. This is known as a denial-of-service DOS attack.

via How Hackers Take Down Web Sites [Video] | Observations, Scientific American Blog Network.

Good News for Online Backup – Amazon AWS Lowers Prices on EBS and S3

January 21st, 2014 No comments

 

Following a trend of price reductions, Amazon today announced a significant reduction in price for its S3 and EBS storage services. These services are popular with RBS’ Online Backup Partners. Read more…

Worried about how to keep your files accessible for decades? Me, too. | Dallas Morning News

January 3rd, 2014 No comments

http://www.dallasnews.com/business/columnists/jim-rossman/20140102-worried-about-how-to-keep-your-files-accessible-for-decades-me-too..ece


( ! ) Fatal error: Exception thrown without a stack frame in Unknown on line 0