Normally I like to stick to UK and Irish firms on this site but I’m going to make an exception with Wuala, because it looks pretty interesting.
“Wua.la” is a startup coming out of Switzerland, which I met at the recent Future of Web Apps conference in London. Co-founder Dominik Grolimund – who is as of today, driving around in Silicon Valley pitching the idea – told me that Wuala is basically a peer-to-peer file storage and sharing system. Think BitTorrent for storage – but the difference is that Wuala has added ‘persistance’.
Wuala – currently in a closed alpha phase – stores a user’s files in multiple pieces, encrypted on multiple hard drives, anywhere on the Internet. If that sounds like a legal and security nightmare, then it probably is. What we are talking about here is someone storing, on your hard drive, absolutely anything and in an un-crackable form. In return you get the same service. They can’t see your files, you can’t see theirs. Not even Wuala can see them, since encryption and decryption is performed locally and a member’s password is never sent to Wuala.
The software does this via a free desktop application for Windows and Mac which – suggest the early screen shots I’ve seen – make the service look just like a folder on your hard drive. You can drag and drop files, upload files in the background, open files in your favourite application, and stream media files directly. Being a P2P service like BitTorrent, Wuala is decentralised and can harness idle resources of participating computers to build a large online storage network.
What does Wuala get out of it? They get a small advert in a window on the file-storage software you use to encrypt and store you files. Plus, maybe, the opportunity to offer some kind of premium service down the line. In my opinion this doesn’t sound like a very viable advertising business, especially as they are not even allowed to see the files on the system so can’t target advertising.
Alarm bells ring further when I read on Wuala’s own site that “you can use it to share files such as photos, videos, music, or documents with friends or groups.” Of course the infinite, free and highly secure nature of the service suggests it could well become a haven for some fairly unsavoury material. Grolimund says not even the NSA could crack the encryption, and since Wuala is in Switzerland in theory it is a very ’safe haven’.
In the public sharing space on Wuala you’ll be able to publish files for other Wuala users to see, search and browse, store any file you want in any size you want, and download with no traffic limits. Members start with 1GB of storage and increase this amount by trading some space on their hard disk for additional storage. Since the network is P2P you can access it from anywhere at any time, even when your computer is offline, though it helps, says Grolimund, if your PC is online for about 4 hours a day – an easy enough issue for many.
The background to Wuala is interesting in that it came out of an academic project at the Swiss Federal Institute of Technology Zurich.
Grolimund himself is a 26 year old former computer science graduate who co-founded Caleido AG – Wuala’s owner – with Luzius Meisser. Caleido is best known for developing the Caleido Address-Book, a professional contact management software, of which over 35,000 licenses have been sold so far in Switzerland, Germany and Austria. It’s cash from this firm which is funding Wuala currently.
The upshot with Wuala is that as nice as it sounds having infinite storage at your fingertips, the mere thought that some pretty nasty people may use my hard drive to store their files – even if I can’t see what they are storing – rather puts me off. Furthermore, storage is really not that expensive these days. Wuala feels more like a system to store things you don’t want anyone else to see. Granted you can share pictures or video of your wedding with friends on Wula, but surely innocuous material like this can be fairly easily emailed or uploaded to a closed YouTube friends family group.
Perhaps I’ve got it wrong, but a massively encrypted, unlimited, distributed P2P network feels like overkill for the average user, but a God-send to the darknet,. It’s also another headache for the Recording Industry Association of America, and their brethren around the world. However even if Wuala doesn’t succeed, I’m sure the concept will be re-invented by others.
Sounds like a solution to a problem that doesn’t exist…
Re: NSA could crack the encryption,
Surely the encryption is only as good as the users password? And as most people aren’t going to use an incredibly long and difficult to guess password it could be cracked using brute force methods?
I’m with you on this one too, Mike. I certainly wouldn’t want my storage being used to store anything dodgy.
It’s a very clever idea and I’m sure it will work really well but I can’t think of anything ‘legal’ that would require such a service, which then leads to the question – where’s the income and what’s the business model?
Happy to hear of any legit reasons to use such a service though!
Hi Mike,
Thanks for your critical review. I’d like to take the chance to comment on it. As with almost any technology, there is potential for misuse (see for instance Scott Berkun’s ethics chapter in “The Myth of Innovations”), and as the inventor or engineer you need to be aware of that. In our case, we’ve discussed a lot about potential misuse and we try to do whatever we can to fight against it. There are several reasons why we believe Wuala doesn’t leverage misuse in another dimension than existing technology. If friends want to exchange encrypted illegal or bad files, they can do so already today, and this is clearly not the problem for the music and film industry. If someone publishes a bad file, then everybody can see it, and if we detect it either by ourselves or if someone someone reports it to us, we will take it down immediately (users can report inappropriate files and you can also report abuse directly on our website http://wua.la/en/abuse.html). When it comes to private groups, we have the possibility to limit the number of people in any private group, so in effect taking away the potential leverage of sharing files encryptedly with “lots of strangers”. What is also important is that users in Wuala are not as anonymous as in other networks. A file is clearly associated with the person who uploaded it. So if a illegal/bad file is detected, we can take it down and also call the user to account if necessary.
I know that I probably didn’t cover all the issues you brought up. I just wanted to give you a quick response to the most important points I saw. Good use of Wuala clearly dominates over potential misuse and if you look closer at Wuala, you will realize that it doesn’t really leverage misuse, but even takes away lots of the possibilities that evildoers have on anonymous networks.
Having said that, I’d like to emphasize two points. First, we think privacy is a very important issue and believe that everyone should have a place where he or she can store files securely so that no one, not even the service provider, can see them. In today’s internet services, privacy is at stake with big corporations having access to all your data — it needs a technology such as Wuala where your files are encrypted on your computer and your password never leaves your computer. Second, with Wuala, we want to build and foster a platform for legal content. Because Wuala democratizes online storage and distribution, in the sense that it gives free storage to everyone and allows people to store their own files in any size and quality they like, this is for instance great for independent artists who don’t have the money to distribute their content elsewhere. Also, your wedding example was a good one: Never before was it easier for a group of people to share photos, videos, music, or even documents of an event. They simply drag their files into Wuala, post it to the wedding group, and then every member of that group can see and access the files. It’s that simple.
Best,
Dominik
@Dan Field: What you say about the password is correct (users are encouraged to choose a strong password).
I personally find this service an amazing idea, privacy on internet is a huge issue and one which few really have a solution for. Let’s say if I make a search with certain keywords on Google, the data is not only held at Google but at my ISP as well. Now it may not seems like a problem if you are searching for “hair products” but what if the topic gets controversial like “source of osama latest videos” and your intention is purely for research purposes?
Innovations like proxy servers failed due to their lack of distribution models and solutions like Tor are way too slow. The above two are just for browsing and we can’t seems to find a solution to it. With wuala you are taking about file transfer. Though it is a bit freaky to say that I store someone else’s files on my computer and mine may be saved somewhere else, though they are encrypted but it still doesn’t sound right. Let see how wuala takes care of this problem.
“even if Wuala doesn’t succeed, I’m sure the concept will be re-invented by others.”
Heh. Yep, thats true. Wuala is already a reinvention. Look up Mojo Nation from the year 2000 and notice its descendants such as the current allmydata.com sponsored Tahoe at http://allmydata.org/trac/tahoe/. Both are open source.
Also, Bram Cohen worked on Mojo Nation before leaving when the money dried up to go create BitTorrent which solved an actual problem based on internet users needs.
-gps