MELDIUM APP TRENDS, NOVEMBER 2014

We reviewed Meldium’s usage data in November to idenfiy popular and trending web apps and here’s what we found.

Image

We’re up to over 1,600 supported apps in Meldium, which means customers had many new integrations to choose from. At the very top of our rankings, the same pack continues to be in the lead, with Twitter,MailchimpGmail, and AWS all gaining points in our index.

This month, we saw strong growth from some great apps. Jenkins the popular continuous integration service, Kimono Labs, a powerful tool to generate an API for any website, StatusPage, a simple service to keep your users up-to-date about service outages and finally OneSky, which helps translate apps, websites, and games.

Click here to read the full App Trends Report. 

         

Meldium App Trends, October 2014

Just like the Billboard charts for music and the Nielsen ratings for television, Meldium App Trends looks at usage data to identify popular and trending web apps each month. Each app is scored on a 100-point scale based on the number of unique people who used it, and usage is compared to the previous month. We gathered this data from an anonymized version of our comprehensive audit logs, which record every single app launch and give Meldium users a detailed trace of who is using what at their company.

Image

The Meldium team reviewed usage data for October and found that Twitter, Mailchimp, Gmail, and AWS are gaining points in the “Top Apps” category. Trello also posts the largest gain in the “Trending Up” category.

         

Can Dropbox win the battle for IT and end-user harmony?

When Netflix embarked on its goal to pivot from the world’s best known DVD and streaming provider to original content provider they offered a money quote of all money quotes – a simple phrase that summed up its ambitions and challenges in a nice neat sound byte: “The goal is to become HBO faster than HBO can become us.” software as a service

It is the first thing I thought of when reading this week’s news from Dropbox about their latest updates to the business offering. Dropbox may be among the best personifications of today’s shifting IT landscape and latest aspect of BYO trend, BYOA.

Today, the consumerization of IT is being pushed by a younger, more mobile workforce who are less inclined to draw a line between corporate and personal technology. Employees have good technology at home and they expect to be able to use it at work too. Consumerized services like Dropbox have quickly won over users – 200 million if you take the VC darlings report at face value. Consequently, IT departments are faced with deciding how to protect their networks and manage technology that they perhaps did not procure or provision.

According to what one Gartner analyst described to us as “at least 70+ contenders are looking to capitalize on IT fears by offering an enterprise – i.e. safe, IT friendly, secure, controlled – version of cloud file sync and share,” it’s a tough market for a company to differentiate itself in.  If you paid close enough attention, you’d notice that Dropbox was not on this list.

The problem for those vendors and for IT professionals is that users continue to bring in services like Dropbox in droves, and frankly they do not care what IT thinks. Users are not just looking for a “cloud storage solution”, they want one that is easy to use, addresses their work and life needs, and, most importantly, that is emotive.

To react, the “enterprise guys” talk a big game about winning over users too (see Box and their freemium offering). Trust us, Mr. IT guy, your users will love to use us.  Meanwhile the “consumer guys” are busy building out IT friendly features.

This sets up a battle for hearts and minds that, frankly, feel and think from completely different perspectives. Thus far, there are no clear winners – users bring in what they want while IT buys solutions they hope will stem the tide.

The question becomes, to paraphrase Netflix, “Can Dropbox become Box before Box becomes them?” 

Read more in the IT Guru category

(Image source)

         

New Innovation in the AppGuru Preview, Part 2: Box, Salesforce.com Join Growing App Catalog

AppGuru is designed to give IT a single, central source for managing the myriad cloud apps being adopted and used in the workplace. And as I noted in my last post, we’re actively listening to our users to help guide our decisions on functionality and AppGuru’s ever-expanding app catalog.  So, with that in mind, I’m happy to announce that we’ve added new apps to the AppGuru App Catalog. The newbies are Salesforce.com and Box.

Our strategy with AppGuru is to enable admins to manage all of the cloud apps that are critical to their businesses. We’ve been prioritizing the list based on feedback. Sync and store apps continue to be the number one request because of the security risks they can pose to a company’s data and IP. But we’re also working on integrations with other popular collaboration, helpdesk, Finance, and HR applications.

We believe that a delightful experience is what separates the great apps from the good apps. So, we’ve spent a great deal of time improving the way the app tiles animate when you’re interacting with them. Play around to get a feel for it. We’d love to know what you think.

What apps would you like to see in AppGuru? If you’re already a user, check out our feedback community which you can access from within AppGuru.  Here you can suggest or vote on apps as well as new features and functionality.

If you haven’t joined us on the preview yet, you can sign up here.

         

Attention: Spam email notification

You may have received a spam email message today with the subject line: LogMeIn Notification – Software update required. This email is not from LogMeIn, so please do not click on any links.

Our team is actively working to address this issue, and we apologize for any confusion this email may have caused. Please reference the screenshot below.

DCEFD6BA-8127-41DD-B104-F4DDACA3FFF2

         

Technical deep dive: Cubby security and Cubby Locks

After our last blog post many of you asked for more details about the Cubby Locks feature. It’s challenging to explain Cubby Locks in a way that’s technically accurate yet still easy to consume. However, since Cubby Locks is a unique and powerful feature that helps set Cubby apart from similar services, we encourage you to take the time to understand what Cubby Locks is and what it isn’t.

The first key idea is to understand that data on the cloud in a locked cubby is encrypted and can only be decrypted by your Cubby password. With most similar services, a password is used to simply keep you in or out. That is, a password is used to determine if you have the right to access the service and your data. With most other services, your data on the cloud is not encrypted or encrypted with a key which is stored somewhere along the data. This means it can be exposed to a rogue employee of the storage service provider, or anyone who manages to bypass the password-protection layer or gain access due to an error in the application.

Cubby Locks

Cubby Locks utilizes some heavy-duty math to keep your data protected. Even a rogue employee or someone who manages to bypass password-protection would find your data useless without your exact password. And just to clarify a very important point: “Data” throughout this post refers to files at rest in the cloud.  Cubby Locks does not provide data encryption on your devices; it’s up to you to secure those. And to get another item out of the way: Data in flight (that is, being transferred between your devices and the cloud) is always transmitted over SSL/TLS with all cubbies, regardless of Cubby Locks.

First let’s look at how a standard cubby works – one that does not take advantage of Cubby Locks. In our data centers all files in all cubbies are stored in encrypted form using the AES-256 symmetric encryption algorithm. The key used for this is the Cubby Data Key (CDK) and is randomly generated for each new cubby. CDKs are stored in our database alongside with other properties of the cubby. When you log in to cubby.com, the web application fetches the CDK from the database and uses it for encrypting and decrypting your data when you upload or download files from your cubby. Like with most other services, your password gets you in to the web site but is not adding any extra encryption.

During your first login to Cubby a series of events happen. First we generate a symmetric key called the User Symmetric Key (USK). We encrypt the USK with your password and store it in an encrypted form (AES-256) in our database. Second, we generate a 4096-bit RSA key pair called the User RSA Key (URK). We encrypt the private part of the URK with the USK and store it. The public part of the URK is, as its name implies, stored in plain text. Both USK and URK are specific to and generated for the user account. If you are not familiar with asymmetric encryption, here’s the shortest possible introduction to asymmetric crypto: Anything encrypted with the public key can only be decrypted with the private key and vice versa.

Still with us? Now, let’s take a closer look at Cubby Locks. When you lock a cubby we encrypt the CDK with the public part of the URK, store it in this form and delete the plaintext CDK from the database. Remember that this CDK can only be decrypted with the private part of the URK. That’s all. Simple, right? Here is the chain of encryption at this point:

  • Your password –> USK –> URK –> CDK –> access Cubby data.

The items on the left side of any arrow are the key for the encryption, while the items on the right side of any arrow is data to be encrypted. So the arrow means “right side is encrypted with left side.”

What does this all mean? Every item in this chain is stored only in encrypted format in our database except for the password, which is not stored at all by us. In order to do anything with data one needs to unlock this chain, and that can’t be done without your password. That’s why we prompt you for your password so often, and this is why no one, not even a LogMeIn employee or a hacker, can read your data without knowledge of your password.

Finally, let’s discuss the so-called Recovery Key (RK). In practical terms, you use the Recovery Key when you forget your password and must reset it to something new. As discussed above, there is no way to access cloud data in a locked cubby without your password. Without the Recovery Key, the situation would be this: “Forget your password – lose your data on the cloud.”  That is, if you were to forget your password and reset it through the standard “email me a password reset link” mechanism, your locked cubbies would be deleted from the cloud and you would be forced to re-synchronize all your data. To users a chance of avoiding this, we generated a Recovery Key for your account when you access a locked cubby for the very first time; the Recovery Key is a cryptographically random 32-character alphanumeric string. We then encrypt the USK with this Recovery Key using AES-256. (Remember,  cubby.com at this point has your plaintext USK since you have just provided your password). So now we have two copies of the USK in the database, one encrypted with your password and the other encrypted with the Recovery Key. When you go through the forget password process and enter your Recovery Key, we use it to decrypt the USK, which is then re-encrypted with your newly created password. This way you can keep your data synchronized with the cloud even if it was in a locked cubby. There is only one Recovery Key per user, so we strongly encourage you to print it and keep it safe. The Recovery Key is stored in the database encrypted with the URK, so it’s only available for you to view online after you enter your password.

  • Recovery Key –> USK –> URK –> CDK –> access Cubby data. 
  • Your password –> USK –> URK –> Encrypted Recovery Key –> Recovery Key.

We should also clarify that there is a case when a Recovery Key will be generated for you even if you don’t lock a cubby yourself.  Namely, a Recovery Key will be generated for you when you are invited to a locked cubby or are the member of a cubby that gets locked by its owner.

In many cases there is a balance between security and ease of use. The more secure you want to keep your data the more complex the process gets. With Cubby Locks you get a solution that’s among the strongest security measures on the market, yet still provides a smooth user experience and ease-of-access to your data.

Thanks for sticking through this. We hope we managed to meet the challenge of making Cubby Locks clear.  We’ll be glad to clarify if you have any questions.  Don’t hesitate let us know what you think or what you find unclear.

— Sandor Palfy

Fellow, Development & Security

         

New window sharing feature now available for PC users (beta)

PC users – your time has come. You can now share just one window instead of your whole screen, like we announced for Mac users last week. Head on over to beta.join.me to sign in / sign up and check out the feature. As always, feedback and comments welcomed at beta@join.me.

Happy sharing.

         

Get to know Cubby in 2 minutes or less

Look here, Cubbsters. We know video is where it’s at. So we made a quick diddy on where Cubby came from, what it looks like and how it works. Check it out below:

P.S. Who else misses their kindergarten cubby?

         

Introducing Cubby

Welcome to Cubby. To start you off on the path to Cubby enlightenment, here’s a few words from our CTO, Marton Anka:

On April 12 we announced Cubby, our latest product, and it was overwhelmingly well received. I thought I’d take a few minutes and explain what goals we had with creating the product and why we think it’s better than the competition.

Cubby is as simple or as flexible as you want it to be. It’s designed to suit your style, not some arbitrary requirements of the software. Simply put, it works the way you work, not the way we want you to. 

You start off with a single cubby. You put stuff into it and it appears on all your devices as well as in the cloud at cubby.com. If that works for you and you don’t need more complexity, that’s fine. You can also create one or more new cubbies and select where their contents appear. With Cubby, you gain fine control over what goes where. For example, you can have your work docs on your office desktop and laptop, your photos on your laptop and your home computer, and so on. Cloud syncing is optional, so you can set a cubby to sync peer-to-peer between your computers when you don’t need web-based or mobile access to a cubby. With peer-to-peer syncing, cubby content doesn’t count against your cloud storage quota.

Cubby is versatile. To share files with somebody, simply send them an URL that provides read-only access a particular file or folder in one of your cubbies. To collaborate with someone, simply invite them to share a cubby with you, and then that particular cubby will update its contents on the devices of your choice as well as the devices of their choice in real time as changes are made.

Cubby is a safety net. For cubbies that sync with cubby.com, we retain deleted files and previous versions of stuff you overwrite. This is automatic and doesn’t count against your quota; it simply uses whatever free space you have with us on cubby.com. If you start to run out of unused space, the oldest versions of your files are eventually thrown away, but you can easily check how your storage is used and how much space you have for storing old files.

Cubby is secure. Every cubby has its own encryption key that’s further encrypted by your password. When you log in to cubby.com and choose high security mode we use your password to temporarily decrypt your cubby keys so we can show you what you store with us, but when you’re not accessing the website we simply don’t have your encryption keys in a usable form. Your computers with Cubby installed do have a copy of these keys so they’re able to sync information back and forth without your intervention. The only downside to high security mode is that if you forget your cubby.com password and have to reset it without the recovery key that we give you when high security mode is enabled, you lose access to the  stuff that’s in cloud storage. Granted, it will re-sync from your computers as soon as they’re online but still, it’s a hassle so this mode will not be enabled by default.

NOTE: While the underlying high security functionality has been implemented (including per-cubby encryption keys) the high security mode will only be publicly available some time later in the beta.

Cubby is smart. It’s powerful and it’s certainly very easy to use, and under the hood there’s a lot of innovation. One of the coolest things is how your computers running Cubby communicate with each other: every computer is assigned an identifier, part of which is the computer’s public IP address. These identifiers are first sorted and then made to form the points around a simple circle graph. Computers will only connect to their immediate neighbor in the graph, and information will flow only between a particular computer and its two neighbors. Why should you or your ISP care about this? Well, this minimizes Internet traffic and makes Cubby replicate files very quickly. Computers on the same network will have the same public IP address which means they will be neighbors on the graph, talking with each other on the LAN without having to involve your ISP. Computers on the same ISP are likely to have similar IP addresses , so they will be neighbors in the Cubby graph, thereby minimizing inter-ISP traffic; again, making things smoother and faster.

We built Cubby from the ground up because we wanted to create a better experience that’s flexible, secure and super easy to use.  The underlying technology took us a long time to develop but,  we think it’s been worth it. Hope you’ll agree.

You can apply on the Cubby website to be part of the closed beta and chances are you won’t have to wait very long. While the line isn’t short by any standards we are letting in thousands of new users every day.

www.cubby.com

– Marton

         

Introducing Cubby

Last week we announced Cubby, our latest product, and it was overwhelmingly well received. We will be starting an official Cubby blog soon, but until then Cubby-related content will cybersquat here on b.logme.in. In order to break the silence I thought I’d take a few minutes and explain what goals we had with creating the product and why we think it’s better than the competition.

Cubby is as simple or as flexible as you want it to be. It’s designed to suit your style, not some arbitrary requirements of the software. Simply put, it works the way you work, not the way we want you to. 

You start off with a single cubby. You put stuff into it and it appears on all your devices as well as in the cloud at cubby.com. If that works for you and you don’t need more complexity, that’s fine. You can also create one or more new cubbies and select where their contents appear. With Cubby, you gain fine control over what goes where. For example, you can have your work docs on your office desktop and laptop, your photos on your laptop and your home computer, and so on. Cloud syncing is optional, so you can set a cubby to sync peer-to-peer between your computers when you don’t need web-based or mobile access to a cubby. With peer-to-peer syncing, cubby content doesn’t count against your cloud storage quota.

Cubby is versatile. To share files with somebody, simply send them an URL that provides read-only access a particular file or folder in one of your cubbies. To collaborate with someone, simply invite them to share a cubby with you, and then that particular cubby will update its contents on the devices of your choice as well as the devices of their choice in real time as changes are made.

Cubby is a safety net. For cubbies that sync with cubby.com, we retain deleted files and previous versions of stuff you overwrite. This is automatic and doesn’t count against your quota; it simply uses whatever free space you have with us on cubby.com. If you start to run out of unused space, the oldest versions of your files are eventually thrown away, but you can easily check how your storage is used and how much space you have for storing old files.

Cubby is secure. Every cubby has its own encryption key that’s further encrypted by your password. When you log in to cubby.com and choose high security mode we use your password to temporarily decrypt your cubby keys so we can show you what you store with us, but when you’re not accessing the website we simply don’t have your encryption keys in a usable form. Your computers with Cubby installed do have a copy of these keys so they’re able to sync information back and forth without your intervention. The only downside to high security mode is that if you forget your cubby.com password and have to reset it without the recovery key that we give you when high security mode is enabled, you lose access to the  stuff that’s in cloud storage. Granted, it will re-sync from your computers as soon as they’re online but still, it’s a hassle so this mode will not be enabled by default.

NOTE: While the underlying high security functionality has been implemented (including per-cubby encryption keys) the high security mode will only be publicly available some time later in the beta.

Cubby is smart. It’s powerful and it’s certainly very easy to use, and under the hood there’s a lot of innovation. One of the coolest things is how your computers running Cubby communicate with each other: every computer is assigned an identifier, part of which is the computer’s public IP address. These identifiers are first sorted and then made to form the points around a simple circle graph. Computers will only connect to their immediate neighbor in the graph, and information will flow only between a particular computer and its two neighbors. Why should you or your ISP care about this? Well, this minimizes Internet traffic and makes Cubby replicate files very quickly. Computers on the same network will have the same public IP address which means they will be neighbors on the graph, talking with each other on the LAN without having to involve your ISP. Computers on the same ISP are likely to have similar IP addresses , so they will be neighbors in the Cubby graph, thereby minimizing inter-ISP traffic; again, making things smoother and faster.

We built Cubby from the ground up because we wanted to create a better experience that’s flexible, secure and super easy to use.  The underlying technology took us a long time to develop but,  we think it’s been worth it. Hope you’ll agree.

You can apply on the Cubby website to be part of the closed beta and chances are you won’t have to wait very long. While the line isn’t short by any standards we are letting in thousands of new users every day.

www.cubby.com

-Marton Anka (CTO, LogMeIn)