Social Media

One of the critical aspects of Web3 technology is the protective power of decentralization. By taking advantage of the unprecedented interconnectivity of the modern internet, we can arrive at previously unimaged storage solutions. While on the surface, storage had looked the same all these years, behind the scenes, we’ve made massive strides to build a more secure and accessible workplace online. Digital sharding is a technique in our toolbelt that has revitalized file storage security in ways that are both fascinating and revolutionary.

What is Digital Sharding?

To understand digital shards, we need first to understand decentralization. Currently, the internet lives on centralized structures. Think about some of your favorite websites. Say you’re a regular reader of a webcomic. That comic and website both live on a single server somewhere on the internet. All of its information, the comic itself, the layout, and the text on the site, sits in a relatively inaccessible hard drive segment silently providing access to its readers. This is what tech companies mean when they talk about centralization. The term references a storage system that relies on storing data in a single, centralized location. 

The opposite end of the spectrum then is decentralization. When we decentralize a storage system, what we’re doing is taking advantage of multiple servers across the planet. Instead of housing all of our information in a single place, we will create backups or secondary, identical access points. If your online comic in this example is decentralized, then the loss of a single server would no longer mean a loss of the comic. Hackers looking to pull a site from the internet in exchange for a ransom would have to track down and breach every iteration of the comic before they could successfully commandeer.

Digital shards are simply an expansion of the idea of decentralized backups. Instead of creating and saving several full versions of the same data, digital shards are packages that are separated from each other and stored across a series of different servers. These individualized packages can only be brought back together by authorized users, creating an infrastructure that’s much more difficult to breach. 

Digital sharding and database shards are an integral part of blockchain technology. They’re examples of what’s referred to as a shared-nothing architecture^[1]. Shared-nothing architectures are entirely autonomous, which means that each server participating in the decentralized system runs entirely on its own. This individualized participation bolsters the security and resilience of a decentralized system. Blockchains are “write-once” ledgers of actions that rely on sharing information with multiple servers. With servers to compare changes to, blockchains are able to cross-reference any changes written to weed out any false entries made by bad actors. By combining the decentralized self-referential aspects of the blockchain with digital sharding, we create a file-sharing and storage system that’s incredibly secure and resistant to cyber-attacks.

Why We Rely on Digital Sharding

Privacy on the internet is about more than simply keeping your information to yourself. It’s a delicate balancing act requiring robust security measures to protect you from bad actors online. Reclaiming privacy is a proactive process that requires maintenance and innovation because privacy online is constantly in flux.

Digital sharding combined with strong password hygiene and our robust end-to-end encryption gives file storage a plethora of advantages over centralized storage. For instance, if we think back to cyberattacks like the discovery of the Heartbleed exploit in 2014, we can see one of the most significant downsides of centralized online structures^[2].

Heartbleed, for those unfamiliar, was an exploit that took advantage of the communication between two systems. The handshake that takes place to confirm two systems exist and are speaking to each other was used to ask a system to over-share information it had tucked away. If that information was something like an encryption key or a database full of passwords, then those secrets were laid bare and used on the internet to pull even more data out of unsuspecting users. The layperson was totally helpless in this situation. Their only recourse was to react to their information bleeding out of servers they had trusted with their data. 

Imagine now, if a similar exploit were discovered in a decentralized storage system. A hacker would need to track down a network of systems that only communicate their data with each other in a set of particular circumstances, figure out how to decrypt and extract several fragments of information, and finally, they would need to understand how to reassemble the data they got their hands on without knowing what they even procured^[3]. 

More Than Security, Privacy

As digital sharding becomes a technology more accessible to the wider internet, we will see a drastic increase in the security floor of the internet. By creating a series of servers that house fractions of information, we are creating a network that is collaborative, private, and difficult to breach. 

We’re already creating creative solutions to early problems presented by this fundamental shift in how we think of file storage. For instance, redundancies are built into the sharding process in the form of backup shards. These backup shares are also split up into more pieces of varying sizes than needed for retrieval. Think of it as duplicating jigsaw puzzles with varying, overlapping solutions. If a few nodes have been knocked offline due to failure or malware, the data your clients have entrusted to you will always be easily retrievable.

You can sign up for a 14-day trial of AXEL Go Premium with all of our features unlocked and see why AXEL Go is leading the future of file-storage

Sources 

[1] Mark Drake. 2022. “Understanding Database Sharding | DigitalOcean”. Digitalocean.com. https://www.digitalocean.com/community/tutorials/understanding-database-sharding.

[2] Jake Frankenfield. 2022. “What Is Sharding?”. Investopedia. https://www.investopedia.com/terms/s/sharding.asp#:~:text=Sharding%20splits%20a%20blockchain%20company’s,when%20compared%20to%20other%20shards.

[3] Shawn Wilkinson. 2022. “Busting Five Common Myths about Decentralized Storage”. Storj.io. https://www.storj.io/blog/busting-five-common-myths-about-decentralized-storage.

You can’t spend fifteen minutes online without running into the phrase “Web 3.0.” Web 3.0 means many things to any number of people, it might look like an investment vehicle for some, for others, it’s a way to reclaim their financial security, for businesses it can be a tool for protecting and privatizing their data. With the big crypto crash shaking public confidence in the technologies of the future, let’s take a look at what Web 3.0 really is and how it can 

What is Web 3.0?

Web 3.0 is a term coined by Gavin Wood, one of the co-founders of Ethereum. He defined it as  a “decentralized online ecosystem based on blockchain.”^[1]  Understanding that requires a brief explanation of the blockchain. Often, definitions of the blockchain are mired in buzzwords and tech-talk, but it can most easily be understood as a public-facing, decentralized ledger. Blockchains are simply open books that have been backed up and verified by multiple sources. This is where the decentralization comes in. Decentralized technology is simply the act of eliminating a centralized hub for spaces on the internet. Blockchains, are naturally decentralized, everyone accessing the blockchain participates, in some form, in verifying and housing the most current state of the ledger, further reinforcing and solidifying its accuracy. 

This understanding of the basics of Web 3.0 is essential when considering the future of the internet. With two tools: blockchains and decentralization, we can rethink the way we work online.

Popular Misconceptions

Cryptocurrency, non-fungible tokens, and publicly facing ledgers have a chokehold on Web 3.0-related conversations. They are flashy and unique aspects of the future. These examples of Web 3.0 innovations are immediately able to showcase the unique aspects of a decentralized structure of the internet. These are, ironically, the least interesting uses of Web 3.0. Cryptocurrencies and NTFs are only as useful as their public perception, whereas the technologies backing them build a more robust internet.

Cryptocurrencies are simply a byproduct of Web 3.0, not a technology inherent to its structure. Cryptocurrencies are a clever way to monetize the immutable and decentralized aspects of this new generation of the internet. Blockchains require proof of work (essentially, solving complex calculations) and along with their public-facing nature, Web 3.0 can provide a relatively stable (outside of the speculative bubble) ecosystem for currencies or tokens of ownership. The unique immutability of a decentralized blockchain-based ownership token is an interesting draw for investors and speculators, but we’d like to stress how effective the underlying technology has been over the last few years at sustaining the rapid rise of crypto.

As digital inhabitants, we can dream bigger. The rise of web 3.0 is an exciting prospect, with incredible potential. Cryptocurrencies are exciting and interesting, but as they stand now, they’re also volatile and unreliable as a method of exchange^[2].

How We Can Use Web 3.0 

The strengths of Web 3.0 lie in creating a more secure and less ephemeral internet. Blockchain-backed storage systems and decentralized access points for websites and services. Web 3.0 aims to eliminate service blackouts by creating more frequent peer-to-peer connections, URL decay would become a thing of the past, and archival efforts would become more resilient and accessible to the layperson and library alike. 

A technology that’s much more practical, if less flashy, than cryptocurrency is the Interplanetary File System (IPFS). IPFS works by creating a secure peer-to-peer connection all around the planet. By encrypting, dividing, and distributing data stored using IPFS, we can create a cloud that’s more secure while maintaining and improving our digital privacy.^[3] Think of the peace of mind you’d have using your iCloud service knowing that your data was encrypted end-to-end and backed up on a decentralized network of servers that couldn’t scan the contents of your storage.^[4]

What Does Web 3.0 Mean to Us?

AXEL Go is the file-sharing service of the Web 3.0 era. Our blockchain-backed service is based entirely on decentralization, security, and privacy. We believe in going the extra mile when it comes to data protection. We will never collect your data, peek into your files, or sell your information to a third party. The only thing we care about is security and service in the modern age. 

You can sign up for a 14-day trial of AXEL Go Premium with all of our features unlocked and see why AXEL Go is leading the Web 3.0 charge

[1] Edelman, Gilad. “What Is web3, Anyway?” Wired. Conde Nast, November 29, 2021. https://www.wired.com/story/web3-gavin-wood-interview/.

[2] “Opinion | Crashing Crypto: Is This Time Different? – the …” Accessed May 19, 2022. https://www.nytimes.com/2022/05/17/opinion/crypto-crash-bitcoin.html. 

[3] “# How IPFs Works.” IPFS Docs. Accessed May 19, 2022. https://docs.ipfs.io/concepts/how-ipfs-works/. 

[4] Orr, Andrew. “Apple Now Scans Uploaded Content for Child Abuse Imagery (Update).” The Mac Observer, August 9, 2021. https://www.macobserver.com/analysis/apple-scans-uploaded-content. 

In an increasingly digital world, we’re faced with a crisis of impermanence. Where once we had record collections, sprawling personal libraries, and a personal collection of magazines, we now rely on constantly changing websites and streaming services for our media and memories. As the internet strides ever closer to Web 3.0, we should be examining the benefits the InterPlanetary File System (IPFS) has in terms of preservation.

Digital Preservation Efforts

We, as humans, have yet to crack time travel. The closest we can come to turning back the clock is through careful study of artifacts left behind. We typically think of museums when we imagine preservation efforts, but non-profits, libraries, and Tech Giants like Google have all had their hand in collecting, digitizing, and redistributing media of days gone by. 

Archival in the sense most relevant to us is the process of accumulating primary source documents for the purpose of preservation or research. An archive can be made up of anything from legal documents that were used to launch a small business, personal art diligently scrawled in the comfort of your home, or faithful backups of films.

Sites like The Internet Archive^[1] dutifully track and preserve past iterations of websites, granting some degree of permanence and accountability to an internet that is otherwise ephemeral. Everyone from journalists tracking trends across the internet’s history to linguists^[2] dissecting the internet’s volatile changes to modern language rely on archival to make sense of the world as it whipsaws past us at the speed of history. In a less culturally romantic sense, we also rely on digital archives to keep business running in the modern world. Bank statements and phone records keep us honest, and if we’re not doing our best to secure and preserve them, we could be in a lot of trouble.

We’re also finding ourselves in a world where media companies would much rather rent a product or subscribe you to a streaming service. What happens to our media when these services decide it is not profitable enough to hang onto influential, if obscure art? Archival acts as a crucial solution to the plight of the hobbyist or the media critic.

The internet is a unique and indispensable tool when it comes to archival. When done with care, we have nearly infinite access to lossless music masters, pristine scans of literature, and faithfully recreated websites that offer insight into our past. Digital archival efforts require immense amounts of storage, security, and reliable backups. Currently, we tend to rely on centralized storage solutions paired with backups in the event of network blackouts or worse.

With the rise of IPFS, we’re beginning to see the birth of a more sensible archival solution.

IPFS is a decentralized method of storage. Rather than loading up a server or two with all of our most precious information and relying on its continued health, IPFS storage takes a more egalitarian and robust approach to storage.

The Benefits of IPFS Archival

To simplify, allow us an analogy. The current model of digital archival is like saving all of your most important files to your desktop’s hard drive and backing them up on a thumb drive you keep in the office. If these are lost (like in a fire) or inaccessible because you’re away from the desk, then your archive will do you no good. IPFS in this analogy creates and maintains hard drives all over the world. Your “desktop” can be accessed from anywhere with an internet connection, and losing a single peer (or thumb drive to keep the analogy going) would not be enough to bring down your backups. 

IPFS as an archival platform is much more robust in every sense than our web 2.0 model of storage. Today, if your archival isn’t built with bespoke servers maintained and funded entirely by your own organization, you run the risk of losing everything with the flip of a single lever^[3]. 

Libraries, believe it or not, are more popular than they have ever been because of their ability to distribute digital copies of books^[4]. This is an institution that would benefit greatly from integrating IPFS infrastructure into its archival solution. It’s easy to underestimate the degree to which we should be protecting our libraries^[5], but IPFS storage would be a crucial step in ensuring the future of our literary archives, be it for the voracious amateur reader or the academic.  

AXEL’s Archive

AXEL Go is a file-sharing and storage solution that takes full advantage of IPFS storage. Our decentralized servers are encrypted with military-grade AES 256 encryption and designed to be easily accessible to the average user. 

Whether your storage purposes are archival or professional, we provide a simple and effective digital storage solution that’s robust and secure. Sign up for a 14-day trial of AXEL Go Premium with all of our features unlocked and see why AXEL Go is leading the Web 3.0 charge.

Citations

[1]  “Wayback Machine General Information.” Internet Archive Help Center. Accessed May 12, 2022. https://help.archive.org/help/wayback-machine-general-information/#:~:text=What%20is%20the%20Wayback%20Machine,archived%20version%20of%20the%20Web

[2] Grady, Constance. “The Internet Has Changed the Way We Talk. in Because Internet, a Linguist Shows Us How.” Vox. Vox, August 2, 2019. https://www.vox.com/culture/2019/8/2/20750773/because-internet-review-gretchen-mcculloch-linguistics

[3] Jensen, Kelly. “Libraries Are More Popular than Ever and Library Workers Don’t Earn Livable Wages: The State of U.S. Public Libraries.” BOOK RIOT, February 8, 2022. https://bookriot.com/libraries-are-more-popular-than-ever/

[4] “How Digital Storage Is Changing the Way We Preserve History.” VICE, February 19, 2016. https://www.vice.com/en/article/avypge/how-digital-storage-is-changing-the-way-we-preserve-history.

[5] “Bloomsbury Collections at the Heart of Research.” Bloomsbury Collections – Electronic Literature as Digital Humanities – Contexts, Forms, & Practices. Accessed May 12, 2022. https://www.bloomsburycollections.com/book/electronic-literature-as-digital-humanities-contexts-forms-practices/ch20-challenges-to-archiving-and-documenting-born-digital-literature-what-scholars-archivists-and-librarians-need-to-know

Virtual Private Networks (VPNs) are currently the premier strategy for disappearing on the internet. Users of VPNs take advantage of a secondary server that reroutes, disguises, and scrubs their internet activity. VPNs make their money by giving users the option to keep their information to themselves in a world that increasingly demands the right to peer over our shoulders. India has introduced legislation that, if adopted around the world, would deal a massive blow to the very concept of Web 2.0 privacy.

The Legislation

A national directive from India’s Computer Emergency Response Team (CERT-in) has demanded that VPNs collect and store customer data that would make their users easily identifiable and totally undermines the business model of these networks^[1]. The policy asks that VPNs store: validated customer names, physical addresses, IP addresses (including original, reissued, and any previous addresses), reasons for using their services, and dates. All of these are to be packaged together to create a sort of “ownership pattern.” CERT-in wants VPN companies to take all of this information and set it aside for a minimum of five years.

Most obviously, data like this can be used by the government to take a look directly at all of the internet activity of any user passing through the servers of these virtual networks. Any download, purchase, or stream could easily be laid bare at the feet of any official that signs off on the right paperwork. 

Secondly, we see how this invalidates the utility of a VPN. We turn to these services when we want to opt out of the ravenous cycle of scraping and selling our data. Private users of VPNs do so with the express purpose of keeping their data to themselves. When VPNs are forced to hold onto this information, private users might as well parade around the internet without a private network. Businesses and remote employees are a large constituency of the virtual private network. They depend on VPNs to do business online in a secure and confidential manner. 

What Happens to VPN Companies?

Companies that provide virtual private networks would find themselves on the hook for infrastructure they want no part of. Currently, VPNs are built with servers that use RAM disks rather than rewritable memory. This makes them much more nimble and they don’t have to dedicate resources to setting aside terabytes of information for half a decade (or longer if they want to err on the side of caution, as many companies do). 

Any VPN company operating in India either has to dump a significant portion of their revenue into refitting their facilities or they need to start looking into moving to another country entirely. There’s also the possibility of other governments following suit in the wake of CERT-in’s decision. 

VPN companies, while concerned with the privacy of their customers, will now be faced with the allure of selling their user’s data. After being asked to collect and collate it, they’ll be in the unique position of holding the exact information that was once off the market just a few short days prior. We’d love to remain optimistic in this case, but the financial gain would simply be too enticing for many companies to resist^[2].

Storage of your personal data also implies the potential that hackers will find a way to pry open whatever storage solution VPN companies settle on. We can see by looking through the directions CERT-in put forward that they don’t require any sort of standard of storage^[3], all they want is data that can be reconstructed and easily accessed in the event that a “cyber security incident” requires the information is recalled and presented. We can see in these directions that a “cyber security incident” can be as vague as it needs to be. VPNs in India will not only be at a distinct disadvantage after this takes effect — they’ll also be plump targets for hackers.

How does IPFS solve this

The InterPlanetary File System (IPFS) and the practical applications of Web 3.0 are on the rise, and they’re solutions that aim to create an internet where this sort of legislation can no longer extend its fingers into your personal data. IPFS and end-to-end encryption create an ecosystem where tracking, storing, and spying on personal data is effectively undoable. 

Unfortunately, early applications of Web 3.0 technology has been caught up in the frenzy of cryptocurrency and get-rich-quick schemes. The true potential of a decentralized internet lies in the security and freedom users can find by unchaining themselves from centralized authorities online. IPFS storage systems don’t rely on a single server to store your data, making it incredibly difficult for outside actors to access it — that includes providers of the storage service. The only person with the key to unencrypt your data is you, the only eyes on your decentralized data is you, and the only agency storing your data is you. IPFS obliterates the role of the central “middleman” when it comes to storage, creating an online collective that can’t simply be strong-armed into setting aside your private information for access by a government body.

AXEL Wants to Protect Your Privacy

AXEL is a decentralized storage solution for all of your storage and file-sharing needs. 

You can try AXEL Go Premium with all features unlocked free for 14 days. Sign up today and see how AXEL Go can improve your workflow and supplement your organization’s cybersecurity.

Citations 

[1] Hodge, Rae. “India Orders VPN Companies to Collect and Hand over User Data.” CNET. CNET, May 5, 2022. https://www.cnet.com/news/privacy/india-orders-vpn-companies-to-collect-and-hand-over-user-data/.

[2] Brown, Brad, Kumar Kanagasabai, Prashant Pant, and Gonçalo Serpa Pinto. “Capturing Value from Your Customer Data.” McKinsey & Company. McKinsey & Company, April 28, 2022. https://www.mckinsey.com/business-functions/quantumblack/our-insights/capturing-value-from-your-customer-data.

[3]  “No. 20(3)/2022-CERT-in Government of India Ministry of …” Accessed May 5, 2022. https://www.cert-in.org.in/PDF/CERT-In_Directions_70B_28.04.2022.pdf.

Security in 2022 is simultaneously an incredibly simple and precarious balancing act. We are surrounded by technology that improves, simplifies, and rules our lives. Our phones have access to our credit cards, desktops are filled to the brim with family photo albums, and our workplaces are bound together by networks of servers humming away in silent corners of our offices. As ransomware attacks and other unfortunate data breaches become cheaper and easier for bad actors to execute, we have a duty to take actions that secure our privacy online.

Updates

The simplest security tactic you can implement is regularly updating your software. We understand the frustration of sitting down to work only to be greeted by requests to shut down your machine in service of an update. It intrudes on workflow and often seems frivolous, but that could not be further from the truth. More often than not, software updates are done to patch out exploits. Software engineers have a personal and professional stake in keeping their products secure for their customers. Nobody wants to release the app that costs them millions in lawsuits or has their name tied to weeks of negative press^[1]. 

If you think of security as an arms race, we can begin to see why updates are crucial to the continued digital safety of your workplace. Hackers rely on back doors, loose locks, and dropped keys. Software updates shut those doors tight and continue to provide digital safety. Every security breach acts as a teaching moment for developers. When a single customer loses their data, developers are presented with the opportunity to address a new security issue. Updates are an effortless asset in the security toolbox, and while they may put a brief pause on work, the time spent is well worth the benefits received

Phishing Scams and Spam

Emails have been around for decades. They’re the default mode of communication in professional settings, they’ve become the mailbox of the modern world, and a world without email is one without effective communication. That doesn’t mean that emails are flawless. Brad Tempelton, founder and CEO of ClariNet Communications, the first company founded to engage in commercial activity over the early Internet notes that email scams and spam have existed nearly as long as email itself has existed^[2].

Like anything, we need to employ our critical thinking and best judgment. Phone scams and pyramid schemes are met with skepticism, and emails need to be treated with equal scrutiny in the workplace. When we receive emails that ask for information or take us to unfamiliar webpages, it’s always better to be safe than sorry. Follow up with someone if an email address seems suspiciously similar, risk seeming over-cautious rather than clicking blindly on a convincing scam. 

Securing credentials

Movies have given us a popular, if flawed, perception of hackers. We tend to overlook one of the hacker’s preferred methods of entry, the login screen. Of course, passwords are often brute force cracked by algorithms tirelessly testing out common letter combinations, and workarounds are found for systems every day, but if a bad actor can pluck a password out of a recycling basket or talk an unsuspecting coworker out of private information over the phone, then that saves them time and resources.

We need to remember that our security online doesn’t stop at the computer screen. Avoid writing passwords in unsecured emails or texting them to untrustworthy recipients. If “IT” asks for an administrative password, insist on entering it yourself rather than sharing it. Change them early and often, and establish office-wide best practices that generate uncommon passwords that are easy to remember to deter coworkers from writing them in easy-to-lose places.

Encrypting your files 

In many workplaces, sensitive information is exchanged hundreds of times per day. Internal communication, social security numbers scrawled on contracts, and scans of driver’s licenses are piped from system to system to keep work happening smoothly. If a hacker is able to “wiretap” your file transfers, then they can pluck your unencrypted files out of a stream of data and lay bare their contents. Unsecured or public wireless networks are points of entry often overlooked by remote employees, and hackers love dipping into these streams of naked information to see what they can find.

End-to-end encryption is the process of obscuring that data while it’s in transit. Encrypted data can only be read when unlocked by a randomly generated key, meaning intercepted data is effectively useless to an unauthorized third party. File sharing services that offer simple end-to-end encryption and secure file retrieval are an easy way to secure your business’s everyday dealings.

Education

By reading this piece, you’re already setting yourself apart from the competition. By far, the weakest link in security infrastructure is the lack of information^[3]. The three most common points of entry for ransomware attacks — phishing, poor practices, and training —  boil down to gulfs in education. We need to keep our workplaces well-informed if we want to protect our businesses from bad actors. Taking a little time out of our schedules each quarter to update colleagues will pay off dozens of times over. 

When it comes to online security, knowledge is power.

Join AXEL

We creature secure ecosystems for your sensitive data. Our end-to-end encryption, secure fetch, and dedication to privacy easily slot into any workplace. AXEL is the industry leader in private and secure file storage. 

You can try AXEL Go Premium with all features unlocked free for 14-days. Sign up today and see how AXEL Go can improve your workflow and supplement your organization’s cybersecurity

References

^[1] “5 Reasons Why It’s Important to Update Your Systems Regularly.” Datek Solutions. Accessed April 21, 2022. https://www.datek.co.uk/blog/software-update#:~:text=Increased%20efficiency,giving%20greater%20efficiency%20to%20users. 

^[2] Reaction to the DEC spam of 1978. Accessed April 21, 2022. https://www.templetons.com/brad/spamreact.html.

^[3] Johnson, Joseph. “Leading Cause of Ransomware Infection 2020.” Statista, February 16, 2021. https://www.statista.com/statistics/700965/leading-cause-of-ransomware-infection/.