

Please check out my startup Hybir before our public launch (Site) - viper
http://www.hybir.com

======
tsally
It seems a little underhanded, but try and populate your forums with a decent
number of posts before you launch. Either that, or don't launch your forums
until you have a decent number of users. An empty forum has a pretty
significant impact on someone who is casually looking at your site. Whether
that reaction is justified or not, you still have to recognize it. You might
consider a mailing list as a temporary alternative.

Also, I'm not sure how essential the user's email is to the sign up process,
but if you can take that part out, I would go ahead and do it. That will
encourage people to register, and you can give them an incentive to add their
email later. For example, on the admin page you could tell them to enter in
their email in order to receive notifications about the status of their
backup, etc. That's mostly just a personal thing for me. It's not like your
breaking any rules by using an email in the sign up process. In fact, it's
nice not to have to deal with remembering a user name.

More advice: when you launch send a press kit complete with a company summery,
personal bio, relevant media (images, video, etc), and a free registration key
to all the popular tech blogs. People are inherently lazy, and if you hand an
author all the tools needed to quickly write an article, plus a free premium
version of your product, it's likely you can generate some good press. It also
might be a good idea to include the press kit on your site for easy
downloading.

~~~
viper
Thanks! Very insightful advice.

You are correct on the email and in fact you can use any unused user name. I
should make that clear. It will save them a step.

I will prepare a press kit as you are suggesting.

Thanks again!

~~~
tsally
No problem. The email point is the one I am least comfortable about. I'm not
sure how the public in general feels about it. It may be that they like being
able to sign up without an email, or it may be that they find it annoying to
have to enter it later. My other points represent common knowledge and/or are
not too controversial. My email point is just based on personal feeling. :)

------
catfish
Yawn....

No Value Proposition. No Call to Action. No Immediate Offer.

No idea what you sell?

Online, Offline, Come hold my hand and teach me?

Do I have to be a nerd to use this?

Is there phone support.

How much does it cost.

How do you secure it so that I can be assured no one else can get it.

And I roll my eyes when I see hyper claims like

"Reinvents Backup"

You have 15 seconds. You lost me at 3....

And black makes me feel dead...

------
ajju
Change or Modify "Hybir Unbelievable" to add something descriptive like "Hybir
Features". When I don't see any obvious way to checkout a list of features I
bail out instantly.

Also why do Signup, Login, Unbelievable and Forums each have their own font?
Different colors, same font please.

~~~
viper
Thanks! I like that even better than my learn more thought.

I will fix the font issue too!

I love this community! I should post more often.

Again thanks for your help everyone.

------
viper
Sorry for the duplicate. I thought it was inconvenient to have to cut and
paste the link.

Fellow Hackers.

The product is Hybir Backup which is a full online backup service. It is
windows only for now.

The site has all of the relevant information.

Comments and Questions are encouraged.

If you would like a free trial use HACKERNEWS as the promotion code.

I have lots of exciting news I have been unable to share with community just
yet. But if you are where I was a year ago. I was told "NO" so many times I
thought it was my nick name. Just keep going it is well worth it.

Thanks,

Rasch (Hacking Founder)

------
jack7890
The homepage doesn't make it sufficiently clear what your site does.

~~~
tsally
It's not immediately obvious, but click the image that says that they reinvent
backup.

Direct link: <http://www.hybir.com/HybirBackup.html>

~~~
viper
Or the big Hybir Logo. Hmmm. It never occurred to me people might not click.
Maybe I should change Unbelievable to Learn More.

~~~
huhtenberg
That's a good idea. "Unbelievable" is a TV infomercial slang, not too
professional to put it mildly.

------
e1ven
I may be in your target market.

I am currently/always looking for better user backups for our employees. We
have tried multiple online solutions before (Carbonite, Mozy) and we've tried
multiple local backups (rsync to a central server, Maxtor Onetouch+, Acronis
Truebackup, etc)

Here are the questions I have when hitting your site. They're just my quick
overview thoughts, but they might be of help-

How much does it cost? Do you charge per user, or per GB?

"Every Hybir Backup is the equivalent of a Full Backup at the speed of an
incremental. " Do you do block level backups, or file level? Ie, is this akin
to Ghost, or more akin to rsync?

"Hybir Backup leverages all the data it has ever backed up for everyone. "

This makes it seem like you do a md5 on the file, and store by that, rather
than by the file itself. Do you preserve permissions, etc?

Also- What do you do if there is 1M of changes in a 100G file?

How do you handle updates to the client? Do they roll out automatically, or do
users need to download and install them?

Is it possible to have one master account have access to all sub accounts? I'd
rather not have them all have the same username+password, so that users can't
download eachother's files.. All the same, I don't want to have to keep a
spreadsheet with XXX passwords.

"Security a bank would envy" SSL security is great for it getting to you. I'm
not worried about that. What about isolation from other customers? Can we
encrypt our backups with a private key, so that you compare block-changes
against OUR files, but not against others in your datacenter?

"Full Backup" You're backing up the MBR, etc. Is there a way to restore this
if it's broken (a boot cd or similar?). If not, what good is it? (Honest
question.)

"We may use your PII to contact you in connection with offers, responses to
your inquiries, information on new services and features, and in connection
with administering and offering our services."

I'd really like to see the privacy policy clarified with regards to the
difference between Personal Information (Our name, etc), and the data we
upload.

"The Software may be installed and used solely on one standalone, un-networked
desktop or laptop computer identified by Customer when subscribing to the
Services, and the Services may be used solely for such standalone computer."

This terms of use sounds like it's written for a commercial program, not a
service - We want to install on many computers, that's the point ;)

"3.3 Hybir retains the right, but not the obligation, to retain copies of
obsolete or deleted files, subject solely to its obligations of
confidentiality hereunder."

This makes me nervous, FWIW.

Overall, it looks like a good product, in a very, very crowded market.

~~~
viper
Cost is per user. $5/Month for the standard plan

It is mixed we backup the MBR in raw blocks. We back up files in Blocks or as
a whole depending on the likely hood the file will be changed and the size of
the file.

Yes we preserve permissions and ACLs for files.

What do we do if there are 1M changes in 100GB? It depends on where the
changes are. We take a snapshot and any changes will be picked up in blocks of
various sizes and only those changes are unloaded. So if most of the changes
happened in 5GB then only 5GB would be uploaded. If they are spread out across
the 100GB the whole 100GB could have to be uploaded.

We perform automatic updates. This is an option you can choose to opt out of.

Each user currently is its own account. We may offer group account management
in the future.

We currently do not offer private key encryption. It offers no additional
protection. Here it is from the website to save some typing "Private Key
Encryption is a good way to protect sensitive data. In online Backup solutions
not so much. There are many secure private key encryption programs some of
which are open source and some that are free or both. What is wrong with
Private key encryption in online backup solutions? When it is built in to
online backup it defeats the purpose. You are giving the key to those
intrusted (the online Backup provider) with encrypting and storing your data.
This gives the uninformed a false sense of security. This is analogous to
using a safe in your hotel room. You choose the combination (The password) and
write it down on the safe for the cleaning staff (The backup program) to
gather your valuables and place in the safe. They lock it and promise they
haven't looked at the password. Most of us would never think of using a safe
in a hotel room with that arangement. If you have ultra sensitive information
on your PC we recommend that you use a third party application. If you have
data that would cause you significant pain if it fell into the wrong hands,
you should be encrypting it because unfortunately your PC could get stolen."

The technology does not do block compares. The only access to your data is
through your account.

Yes, although it is not available for download yet. There is a windows pre-
installation environment iso that you can use to restore or repair a disk.

Great catches on the privacy policy and terms. Those are definitely off from
what I want in those documents. I will have those revised.

Thanks for the detailed post!

Rasch

------
noamsml
You just published your startup on a popular tech news site.

This _is_ your public launch.

~~~
viper
Thanks! I figured I'd do a press release later everyone would ignore.

~~~
mahmud
Press releases of your own baby creations are more than welcome. What is not
welcome is press releases to other people's products and services with your
affiliate/referral ID neatly tucked in the submitted URL :-)

------
rg
The site says "We currently do not offer private key encryption," and adds
"You are giving the key to those intrusted (the online Backup provider) with
encrypting and storing your data."

But it isn't true that online backup requires giving the key to the backup
provider.

There are two main security models: (1) All data is encrypted on the user's
machine with a password known ONLY to the user that never leaves the user's
machine, and the encrypted data is transmitted and written to backup exactly
that way; on restores, the encrypted data is returned and then decrypted on
the user's machine (Connected Online Backup from Iron Mountain and some ways
of using JungleDisk work this way). Or (2) the data is transmitted securely,
decrypted at the backup server, encrypted there with a key known to the backup
service and saved; on restores, the data is decrypted at the backup server
using the service's key, then returned securely to the user's machine (most
other online backup services work this way).

The second model is, as you say, insecure--which is why it is a big
competitive disadvantage.

The first model can be smart, of course, and employ the user's private
encryption key which never leaves the client PC only for personal files, and
use some other method on Windows system files, commercial application
executables, and other files which are duplicated on millions of machines
(identified on the client before encryption).

FWIW, Connected Online Backup does both incremental backups by changed file
blocks and also does identification of files it already has seen and so
doesn't need to send again (at all), while keeping the encryption key only on
the client PC. You're right about the current price--Connected wants $995/yr
for 50GB. Obviously that price level can't last much longer.

~~~
viper
Do you know it doesn't leave the users machine? (I'm not asking that to be
smart or anything.) My point is that you are trusting the backup providers
that it doesn't.

My main point is that you are trying to protect your data from the backup
providers or their sloppy security. You aren't trusting them on one hand yet
trusting them on the other that they don't store or save the key on their
servers.

One popular online backup product can recover the key if you use their
generated key. Which of course means they store it on their servers.

Honestly implementing private key encryption is trivial. My hesitation is that
it only adds a level of security if the backup providers are trustworthy. The
lack of trust of the backup providers is kind of why it is there.

Here is the scenario I envisioned that made me question it. Let's say client X
performs backups of their computer using service Y. Service Y provides private
key encryption. Client X types in his secret phrase and thinks that his/her
data is secure. Service Y must either require the secret phrase to be typed in
each time the software is run or must store the key locally. They store it
locally. Someone comes with a court order demanding every reasonable effort to
release the data to the court. Service Y may WANT to comply to catch bad guy
client X. Or they may just not want to be held in contempt of court and get
fined etc. Can they reasonably recover the key? My answer is yes service Y can
reasonably recover the key. I don't believe the answer is yes if it is
encrypted with a third party tool.

There are of course holes in the above scenario. You might need to
automatically update the software to upload the key for that user etc. Perhaps
they don't do automatic updates. They could also require an update just for
that users account to function. My main point again is you are back to
trusting the backup provider.

I found it highly ironic to be writing code to protect my potential customers
to gain their trust without disclosing the inherent holes in that process.

My hesitation to adding private key encryption was purely on the side of NOT
wanting to pretend that backup software with private key encryption protects
their data against all scenarios.

But having written this post and explaining it frequently. I think I probably
should just add it in.

Thanks,

Rasch

~~~
viper
One more thought on a very high level.

I thought, what would I want to be told if I was the customer?

1) The truth that there are holes in the process and here is a better solution
if you need it. or 2) That it is super secure unbreakable private key
encryption.

I chose "1". I'll still stick to the story line but I will implement it in the
next release.

~~~
rg
Well, FWIW, I backup my machine every night via both of Connected Online
Backup ($995/yr) and JungleDisk, (about $350 a year to Amazon) and I won't use
any of their competitors who can recover their own keys--so the story of
enhanced security sells me. (I do trust these vendors not to transmit my
password from their client applications to their servers, that's easy; I don't
trust them to secure my unencrypted data on lots of machines for decades,
that's much harder.)

~~~
CRASCH
Fair enough and more than enough justification for me to implement it.

BTW I really appreciate taking the time to share your point of view.

------
dan_sim
Your homepage is OK. The site is missing viewable screenshots of the
application. The page with all the features is too long to read. Too much
information that doesn't get to the point (ex : "how fast" have a text that
goes "it can take 3 minutes to backup 1 Go"). In short, I'll make it more
friendly for non-techies.

I like the design but the icons in the feature pages are odd-looking. The sub-
menu (overview, comparison, in action...) was invisible to me.

It looks really cool though and I hope you will change the world of backups,
we really need it...

~~~
viper
I will add screen casts and screen shots to the site. I will have to look into
the invisibility issue. The icons will definitely get redone once I have
someone decent to do them.

I can't really say anything yet. But you may be surprised where it is and how
many places it is in the next three to six months.

Thanks!

------
viper
For those of you paying attention. I posted this first under CRASCH and then
again accidentally under VIPER.

I created the VIPER account a while ago when I wanted to share my successes
with the community anonymously. The reason is that I really felt compelled to
encourage my fellow hackers. I never ended up posting those. I must have
written that post ten times though. I always ended up thinking it either felt
like bragging or was not believable with the facts to back it up. Facts I
still can't disclose because of NDAs.

Rasch

------
doodyhead
I think your homepage needs to say why "Hybir reinvents backup". Once I read
your features page, I was sold, but the homepage doesn't do enough to draw
people in. You need to mention at least one unique selling point. Maybe
something like: "Genuine full PC, zero configuration backup with unparalleled
performance". A screenshot on the home page would definitely help too.

Minor issue: from the forums, I can't find an obvious link back to your home
page.

------
Jan-Jaap
Under the header "Architecture of a Hybir Backup" you write: 'Giving you piece
of mind...'. Please change it to read 'peace of mind'.

Actually, re-reading the page, you might want to get someone to give the whole
page a once-over. There are quite a few improvements to make...

Apart from that, good luck!

~~~
xsmasher
Change "record obliterating speeds" to "record-obliterating speeds" on the
home page

~~~
viper
Thanks good catches!

I have some editing to do tonight!

------
dan_sim
You should say that it's windows only.

~~~
viper
I do in several places. Perhaps I should try make it more obvious.

------
viper
If anyone actually wants to try the service for free use the HACKERNEWS
promotion code.

~~~
ajju
Signed up ok. It seemed to have logged me in after signup - great. Then it
kicked me out. Now if I try to login it says invalid credentials. Pretty sure
I am using the right credentials. There's no apparent way to send a password
change request either.

~~~
viper
Good catch I'll add a password reset on the login page. You can do that
through the application but you haven't gotten there yet.

In the mean time can you create another account or email support@hybir.com
with your user_id and request a password reset?

Thanks,

Rasch

------
pt
While registration, it is not allowing '-' char in the email address. (I am
using yahoo address guard thing with disposable email addresses)

~~~
viper
Sorry,

Yes that is a limitation I will remove shortly. You can use any user name you
want. I didn't make that clear either.

I have lots of work to do thanks to all the good feedback from everyone thanks
again!

