TL;DR: We launched a new product that allows creating reliable, secure and scalable storage infrastructure: infinit.sh .
Over the last few months, we’ve been secretly working on a different, complementary product to what we built in the file transfer world. But back to the beginning.
About five years ago, Infinit was born out of Julien Quintard’s PhD thesis: Towards a worldwide storage infrastructure . Freshly out of his PhD, Julien co-founded the company that you know as Infinit. The team quickly took some elements of Julien’s PhD and built the file transfer application that many of you use daily.
The company’s vision however, had always been about revolutionizing the file storage industry. We therefore got back to work on our
file storage master plan.
Our approach to file storage has been to consider storage resources and providers as third-party components, potentially not under the administrator’s control. As such, Infinit considers storage local resources and cloud providers to be untrustworthy, making no assumption regarding their nature (hardware agnosticism), reliability or behavior .
This approach coupled to a peer-to-peer i.e decentralized model allows for the creation of fault-tolerant, scalable yet affordable and easily deployable storage infrastructure composed of the aggregation of various storage capacities. And because we believe that no one other than yourself should be in control of your own data, whatever some people tend to say , we decided that Infinit would be designed with privacy and fault tolerance at its heart.
While most solutions ( Dropbox , GlusterFS , OwnCloud etc.) store your files unprotected in the cloud or on a specific server, we took a diametrically opposed direction by relying heavily on encryption. Whenever a file is stored in Infinit, it is cut into chunks, every chunk is encrypted with a unique key (AES-256) and stored, providing both encryption at rest and in transit. Note that none of the data blocks composing your files ever end up on one of our servers. What you do with your data is your business!
Access control is another mechanism which differs from the common client/server model in which a specific server is requested to know if a client can access a file. In Infinit, there are no such super-privileged servers. Access control is handled through cryptography. Every user has a pair of RSA key (2048 bit or more). Whenever a file is modified, the modification is signed in order to ensure non-repudiation while a metadata-embedded access control mechanism is used to check the validity of future modifications against a list of authorized users.
The absence of such metadata and control servers allows for better scalability and resilience, removing any bottleneck and single point of failure .
With that in mind, rather than coldly choosing between the consumer or the enterprise world, we focused on building a series of tools for developers to set up and administer their own storage infrastructure. As a result, Infinit can act as a general-purpose platform for other applications to be built upon, for end-users to put their resources in common but also for enterprises to create complex storage infrastructure while remaining in control of their data.
If software is eating the world , developers are certainly shaping it! We therefore decided to embrace this philosophy, following other great companies and products before us.
The same thinking was applied when we decided whether Infinit would be a private storage solution or a worldwide network in the vein of the now-discontinued Wuala . In order to fit enterprise needs, Infinit had to provide a way to create controlled storage infrastructure. Nothing however prevents someone from using Infinit to create a global file system to which users all around the world contribute their unused storage capacity to create a massively distributed and secure Dropbox-like service, at a fraction of the cost.
For now, our platform requires a technical background i.e. being able to use command-line tools to manipulate Infinit file systems. Once an Infinit storage network created, the owner can invite his/her friends or colleagues. Because these people are likely to be less tech-savvy, we also offer a simplified desktop client for Mac, Windows and Linux that people can use to easily access their files like they do with Dropbox. And we decided to originally name it: Infinit Drive .
You may think that it all sounds nice but that without the source code being open, there is no way you can be sure the system is actually secure. And you would be right! Our goal is to open source all the file system code . Everyone in our team has been using open-source software since we started programming. We believe in the power of open source and feel that it is only natural to give back to the community and be as transparent as possible regarding our technology. We hope that by open-sourcing our code, more developers will join us and contribute to improve the core technology and build awesome tools on top of it.
We started with our build system that we open-sourced a few days ago. We will continue open-sourcing more libraries in the coming weeks. We want every open-sourced part to be as modular and clean as possible for the community to use it.