Mojado Mac Apps

Why I don’t trust Transporter Sync

UPDATE 4/28/2014:
After some time of explicitly blocking the shady IP, my Transporter Desktop client finally started talking only to my home IP for file transfer. While the incident still remains unexplained, the behavior of my “private secure cloud” is more to my expectations. Know what your computer is up to and install a network monitor like Little Snitch.

Currently, our Filmora9 license cannot be used between different operating systems. For example, if you purchased a Windows Filmora9 license, it can only show a paid plan on Windows. If you use a Windows Filmora9 license on a Mac, your account will show up as a free plan. Check if your license authorization was not refreshed due to network. Normally, when you download macOS Mojave (or any other macOS release) from MAS, some package files are downloaded to your computer, and then processed by MAS, to convert them into an executable “.app” file. You cannot install macOS directly from the raw package files. Translate Mojado. See 7 authoritative translations of Mojado in English with example sentences, phrases and audio pronunciations.

Mac Power Users is a pretty cool podcast that I listen to weekly. I subscribed to this podcast because from the first show that I listened to several months ago, I’ve found that their sponsors aren’t mentioned just for the sake of sell-out ads, but actually provide highly useful and fascinating products. One of the things I kept hearing about was the “secure private cloud storage” called Transporter. It’s made by the same founders of Drobo, and is touted as a great home alternative to Dropbox-like services.

When MPU shared a 25% off discount code, that got me to finally get a Transporter Sync and try it out.

These are my findings.

The Transporter website makes no overt claim to encryption and security on it’s front pages. You have to dig before you can verify that they claim this. I looked in the support section to finally find any mention of encryption or secure communication with files and over the network:

What about privacy and security?

Mac
Many people have privacy concerns about the growth of cloud storage. In response to that, the Transporter team has developed the world’s first private global file sharing solution, and it’s all implemented using hard disks that you can control. The data that you place on your Transporter or share with others is 100 percent private between yourself and those with whom you share the data. No one else can see the data, not even us. The Transporter service just facilitates the sharing relationships; the actual file transfers occur as peer-to-peer transactions between Transporter devices.
Our web management interface makes it easy to set up, invite, and share with others. There are no restrictions on the file types. TheTransporter then automatically shares your data with the participants you invite.”
Specifically what encryption are you using?
We’ve implemented transport layer connections using industry-standard AES 256-bit encryption for communication among Transporter devices and their clients, which is the same technology that banks use. Unique private keys reside on the individual Transporter units, such that even Connected Data does not have access to them. Our Transporter Desktop apps and Transporter Downloader apps all use this encryption for items in transit. For communication with Connected Data web services, we use Secure Sockets Layer (SSL). ”
All the review sites bill this device as “private” and “secure”, so I assumed as much. But when my network monitor started telling me otherwise, I had to ask their Support about it.
Mojado Mac Apps

I had just uploaded several original-sized DSLR photos to my laptop Transporter folder to be synced to all computers. I was also not at home, so the files had to be sent over the public Internet. I assumed SSL and a direct connection to my Transporter via the reported Public IP was in play. I also hoped the encryption wasn’t over the transport layer only, but also was being encrypted by the client itself before being transmitted.

But what my network monitor found was that large upload traffic was going to 199.217.118.148, a hosting site.

AND, it was being transferred via port 80.

For those who don’t know, port 80 is typically used for unencrypted HTTP traffic. So were my files being uploaded unencrypted to some middleman site before landing in my Transporter at home? Sure looked like it.

Furthermore, many more gigabytes of upload happened than the actual size of the photos folder.
Granted, I’m not a network sleuth and I have sniffed the traffic to analyze the gigabytes of binary flowing through. The traffic could actually be fully AES-256 encrypted data going through a server of theirs and redirected to my home. I mean, the files did end up at home in my Transporter.

However the whole thing is very suspicious. My ticket to Support was escalated to “a higher tier of support”. They asked me standard support questions like serial and firmware info, and to generate system logs for upload. Then a day later they asked me to register my device with assurances that someone from this higher tier would contact me soon. Three days since the support ticket opened, and still no answer.

The questions are quite simple:

  • For a “private and secure”, peer-to-peer storage system, where are you uploading my files?
  • What are you uploading?
  • Is it encrypted? (How?)
  • Why are you using an unencrypted port?
  • Why is there an unmetered.com hosted site taking all the traffic?

I explicitly blocked that IP, and now when I’m not at home my Transporter Sync is listed as “Not Connected”.

Luckily I have not started using this for truly private files.

Support went back and forth some more, continually putting the ball back in my court with questions like, “When is the best time to call you?” They called me around 5 days later, missing the original call time they set with me, and I was told that the IP address is their central location for managing all my Transporter clients. (Why they couldn’t just put this in the support ticket, I don’t know.)

I told the support rep that I didn’t believe this because while not at home, all traffic only goes to this one IP address according to my network monitor. Why would a management/coordination server need to receive 9.7GB of data? There was no response to this, other than he mirroring back my own suggestion to try and sniff the traffic to verify what it was.

When I’m at home on my internal network, I see no connections to this IP, so that’s how I use the Transporter.

I do not trust Transporter use over the Internet.

Why I don’t trust Transporter Sync

UPDATE 4/28/2014:
After some time of explicitly blocking the shady IP, my Transporter Desktop client finally started talking only to my home IP for file transfer. While the incident still remains unexplained, the behavior of my “private secure cloud” is more to my expectations. Know what your computer is up to and install a network monitor like Little Snitch.

Mac Power Users is a pretty cool podcast that I listen to weekly. I subscribed to this podcast because from the first show that I listened to several months ago, I’ve found that their sponsors aren’t mentioned just for the sake of sell-out ads, but actually provide highly useful and fascinating products. One of the things I kept hearing about was the “secure private cloud storage” called Transporter. It’s made by the same founders of Drobo, and is touted as a great home alternative to Dropbox-like services.

When MPU shared a 25% off discount code, that got me to finally get a Transporter Sync and try it out.

These are my findings.

The Transporter website makes no overt claim to encryption and security on it’s front pages. You have to dig before you can verify that they claim this. I looked in the support section to finally find any mention of encryption or secure communication with files and over the network:

What about privacy and security?

Mojado Mac Apps
Many people have privacy concerns about the growth of cloud storage. In response to that, the Transporter team has developed the world’s first private global file sharing solution, and it’s all implemented using hard disks that you can control. The data that you place on your Transporter or share with others is 100 percent private between yourself and those with whom you share the data. No one else can see the data, not even us. The Transporter service just facilitates the sharing relationships; the actual file transfers occur as peer-to-peer transactions between Transporter devices.
Our web management interface makes it easy to set up, invite, and share with others. There are no restrictions on the file types. TheTransporter then automatically shares your data with the participants you invite.”
Specifically what encryption are you using?
We’ve implemented transport layer connections using industry-standard AES 256-bit encryption for communication among Transporter devices and their clients, which is the same technology that banks use. Unique private keys reside on the individual Transporter units, such that even Connected Data does not have access to them. Our Transporter Desktop apps and Transporter Downloader apps all use this encryption for items in transit. For communication with Connected Data web services, we use Secure Sockets Layer (SSL). ”
All the review sites bill this device as “private” and “secure”, so I assumed as much. But when my network monitor started telling me otherwise, I had to ask their Support about it.
Mojado

I had just uploaded several original-sized DSLR photos to my laptop Transporter folder to be synced to all computers. I was also not at home, so the files had to be sent over the public Internet. I assumed SSL and a direct connection to my Transporter via the reported Public IP was in play. I also hoped the encryption wasn’t over the transport layer only, but also was being encrypted by the client itself before being transmitted.

Mac

But what my network monitor found was that large upload traffic was going to 199.217.118.148, a hosting site.

Mojado Mac Apps Free

AND, it was being transferred via port 80.

For those who don’t know, port 80 is typically used for unencrypted HTTP traffic. So were my files being uploaded unencrypted to some middleman site before landing in my Transporter at home? Sure looked like it.

Furthermore, many more gigabytes of upload happened than the actual size of the photos folder.
Granted, I’m not a network sleuth and I have sniffed the traffic to analyze the gigabytes of binary flowing through. The traffic could actually be fully AES-256 encrypted data going through a server of theirs and redirected to my home. I mean, the files did end up at home in my Transporter.

However the whole thing is very suspicious. My ticket to Support was escalated to “a higher tier of support”. They asked me standard support questions like serial and firmware info, and to generate system logs for upload. Then a day later they asked me to register my device with assurances that someone from this higher tier would contact me soon. Three days since the support ticket opened, and still no answer.

The questions are quite simple:

Mojado Mac Apps 2019

  • For a “private and secure”, peer-to-peer storage system, where are you uploading my files?
  • What are you uploading?
  • Is it encrypted? (How?)
  • Why are you using an unencrypted port?
  • Why is there an unmetered.com hosted site taking all the traffic?

I explicitly blocked that IP, and now when I’m not at home my Transporter Sync is listed as “Not Connected”.

Luckily I have not started using this for truly private files.

Mojado Mac Apps List

Support went back and forth some more, continually putting the ball back in my court with questions like, “When is the best time to call you?” They called me around 5 days later, missing the original call time they set with me, and I was told that the IP address is their central location for managing all my Transporter clients. (Why they couldn’t just put this in the support ticket, I don’t know.)

I told the support rep that I didn’t believe this because while not at home, all traffic only goes to this one IP address according to my network monitor. Why would a management/coordination server need to receive 9.7GB of data? There was no response to this, other than he mirroring back my own suggestion to try and sniff the traffic to verify what it was.

When I’m at home on my internal network, I see no connections to this IP, so that’s how I use the Transporter.

Mojado Mac Apps Download

I do not trust Transporter use over the Internet.