Backblaze restore for Personal Backup is awful
I just got a "Safety Freeze" error [1] - essentially some inconsistency with my backup. Backblaze will not tell me the actual cause of this inconsistency. It's possible that some data might be missing - Backblaze doesn't tell me though.
The only official solution is to manually check all files (millions in my case). I also can't download a full backup since Backblaze only allows downloads of up to 500GB at once. So my only option is to do a full hard drive restore, costing $189 + customs in Europe, so at the end probably closer to 300€. But even then I won't know if/which of my data was corrupted.
What bugs me is that the Backblaze desktop software should be able to resolve this - it should be possible to do a hash of all the files that are in the most recent backup, and cross-check it with the hashes of the files on my machine.
Not sure what I should do now.
Edit: This is the response from the Backblaze support:
> I apologize, but this [=manually checking all files] would in fact be the only sure fire way if you are concerned about any deleted files. There wouldn't be a way to compare hashes the way you describe in this case as that mechanism is simply not implemented into the Backblaze software. The Backblaze software is intended to prevent data loss. It would not be intended to be able to automatically cross reference local and server data against each other to display what is and is not backed up on our servers.
They can't be serious with this?
233 comments
[ 3.7 ms ] story [ 240 ms ] thread- Buy a new hard drive that's big enough to fit all my data
- Download all the data from Backblaze to the new drive (will probably take a few days/weeks)
- Write some tool that does the hashing/matching for me to see if anything's missing/corrupted (does something like this exist already?)
- Switch to a better service or just local backups
https://www.backblaze.com/restore.html
The problem is that this is very expensive if you're not in the US. I'd have to pay for customs + return shipping, which would add up to much more than the cost of a new drive.
It's not /quite/ the same, but thankfully even after Brexit I can export broken electronics from the UK to the EU for warranty repair—without being charged a fee when the repaired item is returned to me. (The manufacturer in the EU isn't charged a fee either, when they receive the broken item.)
As for returns shipping, maybe you can shop around, but yeah, it can be expensive.
I did follow up, but haven't gotten a response yet. Will update as I get it.
Edit: New update:
> I apologize, but this would in fact be the only sure fire way if you are concerned about any deleted files. There wouldn't be a way to compare hashes the way you describe in this case as that mechanism is simply not implemented into the Backblaze software. The Backblaze software is intended to prevent data loss. It would not be intended to be able to automatically cross reference local and server data against each other to display what is and is not backed up on our servers.
Would you mind posting the exact information you gave them, and their response - redacting sensitive information of course.
This was my message to them:
> Hi, I was safety frozen. How can I find out the cause? I haven't made any significant changes to my system lately. In the support document it says that I should check if any data is missing - I have a lot of data backed up in backblaze, how can I know for sure nothing is missing or corrupted? How should I proceed? I've checked with CrystalDiskInfo and it seems that all SMART data is fine. Computer behaves normally. I've attached bzlogs and bzreports folders, just in case they're important.
And this was their response:
> Unfortunately there is simply no way to confirm what caused a safety freeze from our end. We can only provide the most common causes in this case, however we wouldn't be able to pinpoint the exact cause. The only way to verify any missing/deleted data would be to access your View/Restore Files page and cross reference what is found on our servers and what is found locally on your system. There wouldn't be any direct or automatic method of checking what data is missing, if any.
Edit, New Update:
> I apologize, but this would in fact be the only sure fire way if you are concerned about any deleted files. There wouldn't be a way to compare hashes the way you describe in this case as that mechanism is simply not implemented into the Backblaze software. The Backblaze software is intended to prevent data loss. It would not be intended to be able to automatically cross reference local and server data against each other to display what is and is not backed up on our servers.
He asked me what would happen if he put millions of very small files in a directory, I explained about filesystems and that each file would take up a 4k sector and space in the file, and that the behavior of the shell is undefined if there are more than 10,000 files in a directory as defined by POSIX...
I'm pretty sure he tried it anyways :-)
I had a Mac which crashed and that had a whole bunch of files go missing. Backblaze didn't want to do backups with a huge subset of my disk files gone without having gotten notification messages from the file changes API that this stuff should be missing/was deleted. So they safety froze my machine.
It's cool that Backblaze notices this. But yes, the question of what to do next isn't clear. Does one just start a new backup? Does one scour the backup looking for anything that may be missing on your machine, now? Etc.
I'd love to know -- what do other HN users for this? The story author's point about backups only being backups once you've used them to restore really* rings true to me.
2. Sign up for the optional 'PackRat' service, or whatever they call it nowadays
3. xcopy c:\*.* d:\dropbox\backup /s /e /d
Somewhat tongue-in-cheek, but that's basically what I do, using the Windows equivalent of a cron job to refresh the backup once a day. Not on the whole c: drive, just on my development directory tree.
The ability to dig through older versions of all files has been incredibly valuable, given the large number of build targets and other assorted binaries that aren't under source control.
https://github.com/borgbackup/borg
https://rsync.net/products/attic.html
It's not as user friendly as something with a GUI but IMO anyone on HN should be able to get it working in about 30 mins.
1. https://torsion.org/borgmatic/
2. https://rsync.net/products/attic.html
One thing to notice about the super-affordable Borg plan is that it doesn't include free ZFS snapshots. My understanding is that you can have the SSH key used by the host to push its backup restricted to only Borg, and only append-only, within its repo... but if there's another way to access the ZFS (e.g., with an unrestricted SSH key), the Borg repo could be deleted. And then you might really want automatic ZFS snapshots as an additional layer of protection.
1. I have local zfs snapshots on my machine(s)
2. These get sent to my home NAS
3. They are then sent to a NAS I have at a friend's house
4. Then Borgmatic does it's thing to rsync.net
This covers my needs, I could upgrade to the full plan but if I need to be going to rsync.net shit has already hit the fan.
To clarify - it doesn't include free ZFS snapshots. You can configure and use them but we count them towards your quota.
If your data doesn't change much, they won't use up much space ...
Their Backup client is so buggy and unreliable that you're honestly better off just backing up locally, there's less chance of your backups ending up worthless that way.
Right now I'm using Arq Backup + S3 and have been happy.
Arq + Wasabi
The only thing I'm not happy about with Arq is that a "verify" downloads all the backup data to checksum it. That takes 3 or 4 days on my connection.
I thought I read that many cloud storage provider APIs provide a way to ask the server for a checksum of a stored blob. I'd have expected Arq to make use of that, but maybe it is not reliable (the server might just report what the checksum is supposed to be, not actually read the data and checksum it?).
Arq documents their storage format. I wonder if it would be possible to use a VM on Azure to access my OneDrive storage and do the checksumming on the VM?
HashBackup (I'm the author) has a lot of ways to verify backups. For B2 uploads, it generates a SHA1 hash before sending the data, stores that in a local database, sends the data with the hash, B2 generates an independent hash of the data, and compares it to the one HB sent. If there is a mismatch, an upload error occurs and the upload is retried.
On download, B2 sends the data and SHA1 hash (I'm assuming it verifies the hash during erasure reconstruction also), HB generates a SHA1 hash for the received data, verifies it against the SHA1 B2 sent, and verifies it against the SHA1 stored when the file was uploaded.
After the upload, files can be verified by:
- downloading the complete file as above, then verifying every block in the file - getting the file size and SHA1 hash from B2 and verifying those against the local database (no data download) - downloading N random samples from each file and verifying the block-level SHA1 for each sample - downloading a small percentage of the files every day to verify the backup over time (this can be done with whole files or random samples)
If a problem is detected and you have other copies of the backup on another storage service or locally, HashBackup's selftest will fetch all copies of a file to reconstruct the original backup data to correct any errors, then upload the corrected file to all destinations.
I see from this Reddit thread [1] that it was removed for storage locations that don't need it a few months ago, saying
> Back Up and Validate is a waste of time and money for any storage location that provides checksums. That's why we removed it. It only causes pain and cost.
My last "back up and validate" to OneDrive was a couple months before you removed it, so it looks like I was just hitting the "waste of time and money" case that prompted its removal.
From the Reddit thread, it looks like the way to do a check that everything is OK on both ends when using a storage provider that provides checksums is to clear the cache and to modify the backup plan (just editing it and saving is sufficient), and then do a backup. The cleared cache makes it get the checksums for everything in the backup and the modified backup plan makes it rescan everything locally. Is that correct?
[1] https://www.reddit.com/r/Arqbackup/comments/n87vuw/missing_b...
i do a full-full-everyfile backup on occasion to a NAS.
Instead of using BB, get a Synology/Qnap/FreeNAS box to backup all your stuff locally, and back that up to another service (e.g. Glacier or Synology's own C2).
B2/S3 is what most people want.
Can you elaborate on this part?
But these days you can store objects in an S3 bucket and specify the storage class as "GLACIER" for "S3 Glacier Flexible Retrieval" (or "GLACIER_IR" for S3 Glacier Immediate Retrieval or "DEEP_ARCHIVE" for S3 Glacier Deep Archive). You can use the regular S3 APIs. We haven't seen any rate limiting on this approach.
The only difference from the "online" storage classes like STANDARD, STANDARD_IA, etc is that downloading an object with GLACIER/GLACIER_IR/DEEP_ARCHIVE storage class requires first making it downloadable by calling the S3 "restore" API on it, and then waiting until it's downloadable (1-5 minutes for GLACIER_IR, 3-5 hours for GLACIER, and 5-12 hours for DEEP_ARCHIVE).
Then I realized that S3 Glacier and Deep Archive were even less expensive than B2. I took a bit further of a look and found that Glacier/DA files have some fairly chonky metadata that must be stored in normal S3, and for a lot of our images the metadata was larger than the image in question. So Glacier/DA would increase our storage costs. Over all it probably wasn't a money-saving situation.
The ideal use case is to bundle those up into a tar file or something and store those large files, and manage the metadata and indexing/access ourselves.
So, using rclone to copy 11TB of data to B2.
Particularly given you never address the commenter's point, which is that your pricing is pretty expensive?
"Price high, low volume" is certainly a valid pricing strategy, but you have no right to be snarky when people say you're priced high.
The fact that people are consistently describing you as overpried means your marketing really isn't showing the corresponding value to them.
It takes about 2 days to make a full backup, and I can fit incrementals for the next 5 days on the batch-of-7. Then I switch to the second magazine, and do the same thing. I actually have 3 magazines, one of which I swap in and out every week, and during the before-times, I'd take that off-site to work.
I have ~30 years of data, from back when I was in college and writing CD-ROMs for backup, all on the one system. Admittedly, the major space-taking thing is the Plex library, but I wouldn't want to lose that either. It takes about 5 minutes to walk into the garage (where the server-rack is), swap magazines and I'm done - the rest is automatic.
I have vague ideas for writing a more-efficient tar designed for this specific type of setup (big disk with attached tape). The best way to do it I think is to have multiple threads reading and bzip2-compressing data, piping blobs through to a singleton tape-writer thread. Every now and then (50GB, 500GB, 1TB ?) close the device and reopen the non-rewindable device to get a record-marker on the tape, and then store the tape/record-marker/byte-offset etc. into a SQLite database on the disk. That way I'd get:
- High levels of compression without making the tape head wait for the data, which ruins the tape head. Multiple threads pooling highly-compressed data into a "record"
- fast lookup of what is where, I'm thinking a SQL LIKE query syntax for search, against the disk-based DB. No more waiting for the record to page in from the end of the tape.
- fast find on-tape, since you'd know to just do the equivalent of 'mt fsf N' before you actually have to start reading data
Right now, tar is good enough. One of these days when I get time, I'll write 'bar' (Backup And Restore :)
I need a solution for backing up the stored states for my 100 trillion digit PI calculation efforts.
O_O
It's not noisy when writing to tape, but the mechanism is noisy when a tape is being loaded, the magazine is being shuffled to get the right tape, etc. It's the mechanical parts rather than the tape drive itself that's too loud, especially with Webex conferencing being a part of the day now.
So I have it set up in the garage, in the server-rack. I was worried about temperatures in the Summer, so I bought a 100W solar panel, an attic fan, and linked them up, positioning the fan above the rack. That fan shifts so much air that the in-rack fans (with temperature monitoring) didn't get above 85 all summer, which is pretty amazing for the Bay Area. The tape deck seems to be fine in that sort of temperature, and yes I do do the occasional 'tar tvf' to check the data is readable :)
I got an HP IP KVM switch a while ago. When it's on, it makes as much noise as a bunch of servers or a blade center. Got some fans for retrofit...
[1] https://www.backupworks.com/quantum-superloader-3-LTO.aspx
I use a RAID 1 to handle drive failure and also keep local backups on a NAS. BB is my third layer of backup. I've never run into issues with BB backups so I'm happy for what I get for the price.
The question this thread seems to be raising is... do you? Do you really? Are you sure?
I have a ZFS based NAS. And periodically do a incremental backup (zfs send) of the entire dataset, encrypt it gpg and pipe it straight up to S3 deep archive. Works like a charm.
The catch with S3 deep archive is if you want to get the data back... It's reliable, but you will pay quite a bit more. So as a last resort backup, it's perfect.
I've only verified with a smaller test dataset to validate the workflow on s3 deep archive (retrieval is $0.02/GB). I've done full backup/restore with the zfs send/gpg/recv workflow successfully (to a non aws s3 destination), and used s3 for quite a long time for work and personal without issue, so personally I have high confidence in the entire workflow.
Does it do incremental backup transfer to Glacier or does it have to transfer the entire encrypted blob every time?
I have a path/naming scheme for the .zfs.gpg files on s3 which include the snapshot from/to names. This allows to determine what the latest backed up snapshot name is (so the next one can be incremental against that). And also use when backing up, since the order or restore matters.
Currently I use it to back up my lossless music collection and nothing else.
Backblaze B2 was on the table too, however I think my asymetric internet connection is my biggest issue right now. Only 40-50Mbps upload won't do much for backing up multiple TBs of data. May need to consider pre-seeding drive option if I can justify the cost.
Other solution was a separate, lower spec Synology I can pre-seed and send to a friend's house who has a homelab.
I'm not a big fan of backing-up a back-up and opted for a Time Machine backup to a local nas and in parallel, an off-site backup to B2 with Arq on my macs.
Why does the integrity of the backup rely on files stored on the computer being backed up? This seems so stupid that I'm sure I'm missing a clue.
But I can't do that without knowing which files are missing.
Reading the explanation in the reddit thread, that's not the impression I got at all.
1. If your computer exploded, your backup integrity would not be compromised
2. If gremlins in your computer did mess with the file, your backups could be compromised. That sounds bad, until you realize that gremlins in your computer could also compromise the executable to do other things that could compromise the backup, (eg. telling the server to delete existing backup data because the retention period has passed or whatever, or simply uploading bad data and waiting for the retention period of 30 days to pass). Moral of the story: if the computer doing the backup can't be trusted to operate correctly, all bets are off.
lol
He doesn't understand the fundamentals of the problem he's solving, and is actively writing code that basically puts tools down and starts shouting "EVERYONE STOP!" in response to expected scenarios.
Most filesystems provide no guarantees at all by default on writes. NTFS journals metadata writes, but not data writes. Append-only files are absolutely expected to be truncated. The application must deal with this either by being insensitive to rollback, or by explicitly requesting a write cache flush! This is very well known to anyone that has ever written any kind of write-ahead-log, database engine, etc... There's a bazillion articles about how this is intended behaviour and no amount of screaming and shouting will make it go away. Learn the storage API guarantees, or STOP writing code that has critical dependencies on storage!
This quote especially seemed childish and immature to me:
> "And this one makes me actively angry, because both Microsoft and Apple will happily throw away portions of your files and not tell you about it"
No, this is NOT Microsoft's or Apple's fault. It is 100% HIS fault for not understanding what's going on. Even if a file flush is correctly requested, consumer HDD and SSD drives are well known to ignore this and keep things in volatile RAM cache to boost their IOPS numbers at the expense of durability. Only "enterprise" drives honour this API properly, and even then there are corner-cases around things like 512/4K sectors and torn writes. Similarly, consumer drives don't have power protection, so partial sector writes are entirely possible and should be expected if they lose power mid-write, or just crash at an inopportune time.
To be more constructive: The correct thing to do is that a log writer must always end log writes with a checksum of some sort. If the log is truncated (for any reason!), then it must recover starting from the last-known-good checksum. Throwing your hands up and saying "NO MORE BACKUPS FOR YOU! EVER!" is not the right response. Retrying backups from the last-known-good point automatically is the correct response.
PS: Some of his other rants are also a lack of understanding of thread safety and/or the lack of ECC RAM in consumer-grade PCs causing random misbehaviour. Heck, you'd also have to deal with bad sectors, corrupt filesystems, and a bunch of other corner cases that just makes this guy scream and shout instead of writing robust code...
PPS: I just realised that the reddit post is by 'CTO and Founder of Backblaze'. Wow. Note to self, do not use Blackbaze for anything, ever. If the CTO is this clueless, then their products can't be trusted.
I'd be more interested in the skill of the developers themselves than the CTO.
Even if you could guarantee some things, refusing to run backups or restores in the face of rollback is just Wrong with a capital W.
Yup, therefore:
| you will always need to be able to figure out the state/diff from scratch.
So if you evaluate a backup system, this needs to be the first thing to check. "what if I backup and accidentally lose my log/summary/sync-state ?"
> This quote especially seemed childish and immature to me:
>
> > "And this one makes me actively angry, because both Microsoft and Apple will happily throw away portions of your files and not tell you about it"
>
> No, this is NOT Microsoft's or Apple's fault. It is 100% HIS fault for not understanding what's going on. Even if a file flush is correctly requested
Several times you seem to jump to the assumption that I don't understand fsync and disk flushing and that is the core issue. You aren't understanding what I'm criticizing. Here is an example of what bothers me:
You take a picture at your wedding, and you store it on your hard drive. You like the photo, it means a lot to you, and you use it as the background for your desktop FOR FIVE YEARS. You have rebooted hundreds of times, and it's always the background for your desktop. Then one day 5 years after your wedding, you reboot your laptop, and it seems to take a little longer to boot, and then after you sign into the laptop half the image you use for your desktop background is scrambled. The middle of it looks like dirty snow. You didn't get any reports of any issues from the OS manufacturer, but now one of your photos is corrupted.
This isn't because the software that wrote the photo 5 years earlier forgot to flush the picture to disk. It just isn't. Behind the scenes, as your laptop was booting from an aging drive, it probably encountered some issue, and it went about fixing the problem as best it could - which I have no problem with. My issue is the drive lost some data, and if the OS manufacturer would let you know this occurred you could take useful actions like order a new drive, prepare a restore from a few weeks ago before that issue occurred, etc.
> No, this is NOT Microsoft's or Apple's fault.
It isn't their fault that the drive is going bad, I agree. Drives go bad, that's why we have backups. My issue is the OS manufacturer try to cover up too much, keep too much hidden from the user, and didn't let the user know data loss has occurred (or might have occurred). And yes, I hold them accountable for not telling customers what is going on. It isn't anybody's "fault" that it occurred, but there is a responsibility to let customers know about it so the customer can take appropriate actions so they don't lose data (or more data).
I try to write incredibly paranoid software. Part of the reason is that is the "average" environment the Backblaze client runs in is more unstable than what most software developers are used to. The whole point of backups is to run when the computer is going sideways, it has bad RAM, it's losing disk sectors, or a customer's cat likes sleeping on the keyboard because it's warm, and the fans are clogged with cat fur. And because the family has teenage children that don't know about computer security problems, they download and install unstable junk from all over the internet because why not? That's the environment my software runs in, and I take my job of trying to protect my customer's data very seriously.
My own experience with Backblaze personal backup was negative because I had so many directories and files that it took them longer than they anticipated to prepare a recovery drive, but I know that I don't have a typical use case and I recommend it without reservation to people who want that kind of whole computer backup.
It seems to me that service that can't deal with the bug I'm actually having is awful, whether that bug is rare or common. As an individual user, I care about my experience, not the statistical aggregate of user experiences. (Generalised 'I' here—this is not my bug.)
Also, the official solution (checking all backed up files manually) is genuinely awful, even if this were actually a rare bug.
Ordering a drive from them is very expensive if you're not in the US like me.
There are some funny stories about Backblaze personally delivering an emergency drive to someone in a remote part of the world, but they don't help the median user.
It is a poor backup for personal work because the terms and conditions are for B2B.
The terms and conditions are suited for contractual obligations under due diligence. They allow a business to avoid negligence claims when something goes wrong in a third party contract.
The service is not designed around the sentimental value of baby's first steps. Stop paying for storage and it goes from viewable on everyone's iPad to gone.
Personal work should be backed up on physical media. Multiple copies in multiple locations. If there's a copy in the cloud, that's convenient. But it is not durable.
Good luck.
Disks in your friend's basement are more durable when not attached to a network and sitting in a Pelican case instead.
One of the things a personal backup might want to survive is a long period of incapacitation and or neglect or higher priorities. The cloud, because it takes a dependency on credit cards, doesn't do that. A spinning hard disk in a box tends to and if it doesn't spin up there is still the physical media from which the data can be recovered.
S3, etc. are suitable for business records. You can insure against their loss. If you don't have money to pay the bill you're probably not really going to need a backup much longer. etc.
To put it another way, there is a decades long track record of success with physical media. There is about a decade and a half of total experience with the cloud.
But for the sample size of me, I feel like I am far more likely to keep paying for cheap cloud storage for 10 years than I am to adequately maintain and test an offsite backup myself.
And to be clear, this is secondary backup, on top of my primary, onsite physical backup.
[0] https://rclone.org/commands/rclone_check/
Needless to say it doesn't instill confidence in the quality of software engineering that I rely on for disaster recovery.
Or are you saying your heuristic for determining the underlying engineering quality changes its output based on 1 bit flip? Identical executables is awful engineering, but a few bytes different (out of 90MB) is great engineering?
Really? You genuinely don't see why I would think a case with >99.99% identical executables might be relevant to a case with 100% identical executables?
With 100% identical executables, there does not appear to be a good reason to have multiple copies under any circumstance.
With anything < 100% identical, well, maybe there’s a good reason to have multiples. Who knows? Id probably give someone the benefit of the doubt and figure there was some engineering challenge that made it faster/easier to do it that way.
So yes, 100% identical is completely different than almost 100% identical.
They're completely (!) different? And you're saying this despite the fact that the comment I replied to was discussing cases where one could "just execute one binary n times (with different argv[0] if they'd like)"... which is something you can do with different executables just as well as with identical ones? It's not just a little different but completely different? So different that not only you don't see any similarity, but you also cannot fathom why I might think there's some similarity?!
If they're 99% the same, it's generously easy to assume that there's a material difference. That assumption is completely nonsensical if they're 100% identical.
So no, for the sake of every bit of context in this conversation, it does not make sense that you'd bring up an unrelated scenario of "similar" binaries.
Context is important. For example, chimpanzee DNA is 99% identical to human DNA. Without context you could make the argument, “They are almost identical!” and be correct. But in the context of discussing the ability to fly to the moon and return safely, the two genomes are completely different.
But with computer code, you very much can (for example) easily replace all the executables with a combined one that gets hardlinked with different names, such that they behave differently depending on argv[0]. They don't even need to be 100% identical for us to be able to do this; it works just as well with 1% identical code—you just end up with bigger combined binaries. This is the Busybox approach (notice it combines executables that have hardly anything in common), and it's in fact exactly what Clang already sometimes does (like on MSYS2); one would think they could take the same approach here. This is also precisely the context of the comment I replied to was saying, right? This is the context I was replying to. It's so confusing to me that you claim I'm missing context when I was in fact addressing the context I saw directly—and it was the other comments that were not.
You can instead configure LLVM’s build system to build a single dynamic library and have the tools link to it, and this eliminates all of the duplication. However, it apparently comes with a “substantial performance penalty” [1] due to the nature of dynamic linking. (This actually surprises me, and I wonder whether it’s only referring to the inability to do LTO, or whether even LTO-less static linking is faster. Aside from the startup time issue.)
A theoretical alternative would be to build all of the tools into a single executable, à la Busybox, where the combined executable would inspect argv[0] to figure out which tool’s code should be run. That way you could statically link the LLVM libraries without duplicating them in multiple executables. LLVM’s build system does not support this. I think it would be nice if it did, but it would be nontrivial to implement.
[1] https://llvm.org/docs/BuildingADistribution.html
I think the latter is also the case (though to a much lesser extent) on x64. One of the unfortunate features of x64 is it lacks direct 64-bit jumps, so every jump to an external library ends up being an indirect call. (In fact, with a potential memory load on top of that.) This was kind of surprising for me when I learned it too; it doesn't apply to x86.
A clean solution would be to have stub executables that link to a central libClang.dll/libLLVM.dll (-DCLANG_LINK_CLANG_DYLIB=ON), but this is not supported under Windows because a DLL can export at most 2^16 symbols. Some work would need to be invested to make process launching on Windows work differently than on other platforms, but then disk space is not that much of a problem.
(Also note that in this case you don't need symlinks per se, just identical binaries with hardlinks. Each executable could inspect argv[0] and figure out what it's invoked as, and behave accordingly.)
What I don't understand is why can't they just bundle everything into a single DLL, then make whatever stub executables they want just call the exported main() in that DLL. I think that might be what MSYS2's copy already does, though I haven't checked. That DLL wouldn't need to export anything else, just the main() function that each .exe stub would forward to. And it can handle everything else internally if it so desires.
Symlinks have been supported since Vista, though by default creating a symlink does indeed require Admin rights. Hardlinks can be created by anybody and are extensively used by Windows itself.
I'm not aware of even Windows 10 or Windows 11 being able to create Symlinks on FAT32 and exFAT, but I could be wrong? But it doesn't matter, the code as written is cross platform, it works on Apple Journaled File Systems, APFS, exFAT, etc. We then compile it for Macintosh, compile it for Windows, and compile it for Linux.
We can then spend extra time and carefully detect each filesystem and each platform and then make the optimization if we can. And this is a valid criticism that we have not done this yet. But no matter what we need this general code that will always work FIRST, what the links are is a space optimization to save valuable SSD space when it is possible.
This seems needlessly dismissive. I feel like they definitely know that you can execute the same binary multiple times.
>
> This seems needlessly dismissive. I feel like they definitely know that you can execute the same binary multiple times.
I'm the programmer at Backblaze that made the copies on purpose, I wrote some extra code to do this, and it's meant to help us debug certain things. Yes they are identical, the installer only ships with one copy of the executable, the installer then makes the copies on purpose. I get to explain this from time to time. :-)
In Windows when you want to know what is going on behind the scenes, you can bring up Task Manager and look at the different names of the different processes that are running. On the Macintosh this is called Activity Monitor, same sort of thing. The different names for the executables are for different "threads" which have different roles. Backblaze is multi-threaded to get higher performance.
The parent coordination process is called "bztransmit". But when doing the actual transmission it spawns the bztrans_thread01, bztrans_thread02, bztrans_thread03, etc.
So BEFORE I made multiple copies of the executables with different names, a customer would say "bztransmit is hung" or "bztransmit is using up too much memory". There was very little visibility into this. But now that I made multiple copies with different executable names, when the same customer says "bztrans_thread03 is hung". Or they say "bztransmit is using too much memory". We immediately have narrowed down what to look at.
Here is a screenshot showing what "Chrome" looks like to me in Windows, and how it compares to how Backblaze's bztransmit looks like to me in Windows: https://i.imgur.com/KOJHJ9Q.jpg In that screenshot, you can see there is the "main thread", and "worker threads". Meanwhile chrome is just one big list of processes all named the same thing (see the screenshot). I prefer the Backblaze system, but I understand it upsets some customers that prefer the chrome experience.
That's it. It's not some huge mystery.
One question asked here was do we know you can launch the same executable twice? Yes, and we do that. The bztrans_thread05 is launched for thread 05, thread 25, thread 45, thread 65, etc. It's THREAD_NUMBER mod 20. Here is what it looks like to hit 500 Mbits/sec upload speeds, this isn't photoshopped, it's a real screenshot on my development computer: https://i.imgur.com/hthLZvZ.gif
Another question is: why not use hard links or symbolic links? That's the only real optimization possible here, everything else was on purpose. The answer is not an excuse, it's just an explanation if you are curious. The software we develop at Backblaze is cross platform, so what we like to do is make the most general form first that will always work, then if customers complain or we want to refine it we special purpose code in per file system or per platform. The most general thing to do is make full copies. We could then go on to make links on the Mac WHEN POSSIBLE and the equivalent on Windows WHEN POSSIBLE, but it never became a large priority. The reason I can't use one technology is we support several file systems, and not all of them are the same or support the same technology for links.
Every feature we have is the result of prioritizing it over working on other things. Until recently, we did not have a lot of funding or an infinite supply of programmers, so we had to choose what order to implement each feature in. I'm not saying we got all the priorities correct, or that we did things in the correct order. I don't really even think there is one correct order. For example, some individual home user customers prefer saving 180 MBytes of their valuabl...
Consider also that having multiple distinct binaries interferes with (dis)allowing Backblaze to reach the internet with process-based firewalls like Little Snitch, because each copy needs to be configured separately.
Some tools, like Docker, have a function for collecting relevant diagnostics. Perhaps it would be useful to you to migrate towards a solution like that rather than asking the user to identify a misbehaving process on their own.
Thanks, that was super exiting for us. After 14 years, I claim (and this is controversial) that we're no longer a startup and now we're just a mid-sized publicly traded company. :-)
> process-based firewalls like Little Snitch, because each copy needs to be configured separately
Yeah, that was actually a surprise and unfortunate. What the Mac architect (one of my business partners) and I think is that now that it is nice and stable, we might go down to 1 or 2 bztrans_thread executables, and one bztransmit. That seems like a better tradeoff where we waste much MUCH less disk space, and it is only 3 executables to allowlist in Little Snitch, and it achieves basically what we want now that it's stable and working well.
Originally there were 10 threads MAXIMUM, and we made 10 copies. And each copy was linking with shared libaries so it was only 10 MBytes of disk space which nobody noticed. Then Windows lost their friggin' minds with one of their releases and forced us to link statically which bloated it way up to 5 or 10 MBytes per executable. Then we went to 20 threads maximum and the whole thing was silly. When we went to 100 threads maximum we said "enough" and went to mod 20 for re-using executable names.
By the way, ALL OF THIS could be avoided if Microsoft and Apple provided an API to set the name displayed in Task Manager/Activity Monitor. Maybe that's a security issue, I don't know. But frankly wouldn't it be SUPER TOTALLY USEFUL if chrome displayed the current web page loaded in the process name of each and every chrome process? Then you would know which one to kill when something goes sideways.
The problem is process lists should be showing the true state of the computer. It wouldn't be a good idea to hide the actual executable name. But it sounds like it could be useful to add another column for "label", so that threads could set a label and offer more insight on the process list.
Yeah, that would work really well. When you look at the "services" control panel in Windows, there are two columns. One column is "Name" of the service, and another column is a longer explanation with the column header "Description". I put a small description in there for bzserv (our service) plus a URL to our company website. I think this is just being polite, customers who don't recognize what "bzserv" is can immediate find more information on it.
Use anything else, but not backblaze.
[0]https://m.xkcd.com/937/
It supports hardware encryption and the backup process is pretty much "tar cvf /dev/st0 /some/files". Downside is you don't actually save money doing this, because the drive costs ~$800. Upside is you're not relying on anybody else for worst-case scenario recovery of your important data.
The actual read/write speed are about as fast as HDD, but if you're compressing it's easy to get blocked on CPU and get a fraction of that.
Mine supports hardware encryption with AES, newer ones have hardware compression and better read/write/storage per tape.
Actually, Backblaze already supports shipping an HDD, so if they supported shipping cheap tapes they might be usable for archival backups too.
I have 26 terabytes on my NAS, so with 2 copies I'd probably use $800 in HDDs? I could swap to a new 10TB HDD every few hours just like a tape, attach group labels just like a tape, it'd have similar speed, and I'd probably write new images to the same HDDs every so often.
The word "just" sounds like you think it's less work, but it sounds the same to me. FWIW, I did roll from HDD to HDD for years, so I'm familiar with the concept.
Put them in safety deposit boxes at the bank, give copies to a friend, bury them in your backyard, and - yes - store a set or two in the closet.
Because they're encrypted, there is the issue of the encryption key needing to be managed. But that's the only issue.
[1] https://news.ycombinator.com/item?id=29535055
> Mine supports hardware encryption with AES
Can you get the bytes off the tapes without that particular drive (or that particular model of drives)? I prefer software RAID over hardware RAID because I don't want to have to keep a replacement card around.
https://www.backblaze.com/blog/system-maintenance-update-log...
Though reading some of the "backup got frozen, compare everything by hand" stories from here, I'm starting to wonder if maybe I shouldn't put my data somewhere else. Problem is, I've yet to find another "fire and forget" type of wolution for windows that works anywhere near as well.
They don't seem to recognize why backups silently failing is a very bad thing.
I stopped using Backblaze after that revelation.
I’ve also had issues with downloading my 2TB of data the Backblaze has. Takes about 3 or 4 days, if you’re successful. With retries and failures, wall time was about a week. And I have a 1G/1G internet connection. And doing the work to break it into 500GB chunks sucks.
I’d like to back up more of my files but I worry I would not be able to get it back.
> if you run into big trouble, you can go get the box back for a really fast restore
Backblaze provides this service for our customers! Customers can ask for an 8 TByte encrypted USB attached external hard drive to be prepared in the Backblaze datacenter with all their data beautifully restored on it, then we FedEx this anywhere in the world to them. This is a free service as long as the customer returns the USB drive to Backblaze in a reasonable amount of time (a couple months, and we can work with customers if they need longer). Or customers can pay $189 (which includes the drive, the data, and world wide shipping) and keep the 8 TByte USB drive.
You can read more about the USB hard drive restores here: https://www.backblaze.com/blog/usb-hard-drive-restore/ and why it is a free service here: https://help.backblaze.com/hc/en-us/articles/217665948-Resto...
What we often see is that if a customer's laptop is stolen or crashes, they sign into the Backblaze website to download the 3 or 4 individual files they were working on when the laptop was stolen. Let's say that is a term paper due the next day. That way they are back up and running IN SECONDS. Then the customer orders a free USB drive with 8 TBytes of their data which will show up in a few days. They can live without their wedding photos and their music for 3 days, but that term paper has to be handed in.