Ask HN: How do you backup your Android?

139 points by Openai2 ↗ HN
How do you backup your Android?

226 comments

[ 1.6 ms ] story [ 225 ms ] thread
Android internal storage backup with Termux (and ssh daemon and rsync):

https://wiki.termux.com/wiki/Remote_Access

and apps I use the internal Google mechanism.

Restic also works pretty well through termux. I found it easier to setup with include & exclude lists than rsync.
Really interesting! Though what do you back up? Just files?
I use root and back up specific appdata and files to a remote backup. I tried backing up the-whole-damn-thing, but it is slow and pointless, hence the picking and choosing.
I just let Google handle it with the built in backup: https://support.google.com/googleone/answer/9149304?hl=en&co...
(comment deleted)
This never once worked for me with app data. I always have to set up apps from scratch.
What is app data? I guess maybe everything I use is already in the cloud anyway, so I never noticed that?
Whenever I switch android phones, I need to setup each app from scratch, unless is a google app.
What do you mean "set up"? Like when I get a new phone, my previous apps just reinstall themselves. I might have to log back in, but that only takes a sec with a password manager.

Does it not work like that for you?

I've only gone from Nexus to Pixel to Pixel though (all Google phones) so maybe that's why?

Configure all the apps as they were before.

Is like a new phone besides contacts/mails/photos, the rest (besides the pre-installation) is like I never used the apps on the phone.

From having to login to having to re-configure everything.

I just went from Pixel to Motorola and this has worked surprisingly well. Even for apps that I install manually.

That said, if I don't use the old phone to pull "the data" Google will not transfer more important things (Wi-Fis), settings etc.

By throwing it in a trash bin :)

Pretty reliable and you only need it once )

Iuse unison to sync to a private server and borg to backup most of /data to the same server via ssh, both from termux. I restore quite often, when reinstalling phones ( rDroid)
(comment deleted)
The only data I care about on the phone already gets backed up by Google and is then exported regularly via Google Takeout. I don't live on my phone so I tend not to generate much of any value on it other than random pictures of things.

Prior to Google automatically backing up everything, I used Titanium Backup.

> The only data I care about on the phone already gets backed up by Google and is then exported regularly via Google Takeout.

Are you using Google Authenticator?

If so, how do you backup your secrets?

It does do that similarly to Authy now doesn't it? I saw a thread here recently with people arguing it broke MFA to do so.
It has an export function that you can scan from an old phone. And I kept the setup keys in my keepass database.

On top of that now Google backs those up for you too.

I use a self-hosted Bitwarden instance for that kind of stuff and before that I used Aegis + Synchthing.
Google already automatically backs up secrets to your Google Account
What could possibly go wrong.
This is industry standard now. "Your security is very important for _us_". (and for the companies they work with, and for the 3 letter agencies they work with)
Plenty of TOTP apps that sync (including google)
aegis authenticator uses google's android backup system.
I didn't know about Google Takeout despite having searched for a way to get my photos out years ago. Blows me away.
The problem with Takeout is it removes the metadata from your photos. Google wants you locked in to Google Photos. Years ago they also removed the ability to sync with Google Drive, so the only way to get your photos out without losing metadata is to download them directly from photos.google.com, 50 at a time
AFAIK Takeout + Photos returns the original image file exactly as it originally existed, EXIF intact. Any additional metadata you have added manually is placed in a JSON file with the same name, adjacent to the image file.

It sounds like you want Photos to somehow merge that added metadata back into the image files, altering them. I'm quite confident that there would be an equal number of people complaining about changing their originals, if photos did that.

No, they remove all of it, date/time, camera, location, all of that is in the JSON. There are 3rd party tools to automate adding it back, but direct from Google all of your photos will not have any of the metadata
Based on my November 2020 Google takeout of 30 gigabytes of photos that I just spot sampled from my Synology, I can verify that the EXIF information on my photos from 2012 (jpg format) include the phone that I took the picture with, the aperture and shutter speed, the date and the time. I didn't do anything other than download the zip files and then extract them.
Beware when relying on Google Takeout for e-mail backup if you have old e-mails in other encodings than utf-8 : it permanently breaks some characters, which are replaced by 0xEFBFBD (that issue does not occur when doing backup with IMAP or GMVault)
Titanium backup requires root to do anything useful at this point, since apps can set a flag to allow backup of their data or not.
Just to note, it seems Titanium Backup is no longer maintained (last Play store update in 2019) and definitely does not work on more recent versions of Android.

I've found Swift Backup pretty much fills the same role at TB.

NeoBackup on FDroid is what I used before grapheneOS (where I'm not rooted)
I don't. Anything worth saving is not on my phone.
> I don't. Anything worth saving is not on my phone.

This is the way.

My device is rooted and I use NeoBackup to backup apps with all their data (including what the app developer marked as "should not be backed up", often data that they would like you to backup on their own cloud instead).

Syncthing synchronises these backups to my home server automatically, as well as the phone's user data (photos, mainly).

The photos are additionally sent to Photoprism.

I avoid Google's cloud as much as I can.

Would you trust a restore of those “do not back up” data you have a copy of? Or is this for inspection only?
I just restored my backups a few weeks ago when I bought a new phone. It doesn't work for all apps (I knew it, it's far from the first time I do that) but I am satisfied with the results.

It does help sometimes for retrieving some data manually by digging through the backup files (used it recently for retrieving all invoices from a service that were otherwise only available one by one through a painfully complicated process).

My use case would be to get my WhatsApp database…. Anyone knows if it restores properly?

(Useful even if not … WhatsApp search is abysmal, the db file is much more useful)

Not sure if it restores well because I don't use WhatsApp anymore, but I checked in an old backup and somewhere in the files there's an SQLite3 database "msgstore.db" with a "messages" tables that contains messages.
also use NeoBackup, and it works pretty well for the most part.
Since your phone is rooted, how do you manage banking apps and other things that don't like working on a rooted device? How much work is involved in getting those to work?
I don't use banking apps, but you usually can get around this with Magisk's DenyList.
For my part I use Magisk, and a specific module for one bank.

The French and Belgian identity apps (France Identité and itsme) don't work though. When I really need them (which is rare) I have to use an old phone that's not rooted.

I was positively surprised that the German passport app worked rooted without denylist.
I'm running LineageOS, rooted, with MicroG' Safetynet emulation (of sorts?). So a build signed with userdebug keys.

Some banking apps just work - two with warning on first launch, and one just doesn't care at all.

Two refuse to run and I have an old unrooted phone for them. Resulting in me being a good customer of those three banks that are not fussy.

So try and see, perhaps things just work!

My device is not rooted, but I use Syncthing as well. I mainly sync my photos and my TOTP tokens (Aegis). The rest I don't care about.

I used Nextcloud sync in the past, but found it unreliable.

> I used Nextcloud sync in the past, but found it unreliable.

What was wrong about nextcloud sync? I'm just about to set it up for myself.

The sync would stall and I'd have to go retry, or it would fail with no error clear message. In the end, I had no idea what had really synched correctly. The app was unhappy if I deleted a photo too quickly.

With Syncthing, I sync to a directory that my Nextcloud user can access (a read-only mount), so I can still easily share photos using Nextcloud, for example.

(although it's unfortunate that the Android syncthing app is being retired. h/t for the heads up and the recommended alternatives)

Synchthing on Android is End of life, alas https://forum.syncthing.net/t/discontinuing-syncthing-androi...
Yes, very sad.

Two alternatives exist:

1. Syncthing-Fork (https://github.com/Catfriend1/syncthing-android) - Works just like the official app. Install from F-Droid or GitHub. Single developer but active.

2. Syncthing in Termux - Run the actual Syncthing program in Termux. Takes more setup but uses the standard version.

The fork is easier to use, while Termux needs more setup but gives you the standard Syncthing experience.

Are there any issues or tricks for syncthing in termux, for e.g. always running in the background?
Termux persists for me via a silent notification—is that what you mean?
I have been using Syncthing fork since before the official app was discontinued, and can vouch for its quality. My favorite feature is that it allows conditional pausing of folders based on phone state, such as if the phone is charging or connected to WiFi. Just be warned that the version on Google Play was no longer updated last time I checked (Googles fault), so you're better downloading releases from the Github repo.
I did not know that.

Its a definitely problem for me.

> My device is rooted

A problem in and of itself: brittle when upgrading, won't work with you banking app, etc...

Just install a couple Magisk modules and your banking app should work fine. At least mine does.
Sorry for a dumb question, what are those
Magisk is a way to handle root on Android, it allows to insert system modules to change some things deep in Android. There used to be a feature called Magisk Hide that could make apps unable to detect you were rooted. Now you have to install other modules to circumvent safety net and other checks. It's an arms race : google changes the way it detects things, and modules developers update their circumvention techniques. Try to search "magisk hide 2024" and you should find more information
To add to the existing comment, the solution I use, and I think the most popular solution right now is called Play Integrity Fix: https://github.com/chiteroman/PlayIntegrityFix/

I haven't had to touch it in about a year, but some apps may try harder to keep people from having control of their own devices.

This makes me want to switch back more than ever.
Banking web apps usually, mostly work just fine. The one exception is depositing checks. It's pretty rare that I need to do that these days, though.
Play Integrity Fix.
It's true that it makes some things more complicated, but it's a trade-off that I'm willing to make for the convenience and security of hosting my own backups.
I'm not rooted anymore, but my banking app worked fine when I was. Only the health insurance app (TK) had issues
I backup photos onto external drives every few months when I remember too. Is there anything else to backup?
Contacts, SMS messages, that sort of thing. Some people are also really particular about all their settings and widgets and such.
I just can't imagine having to worry about this.

It is why I like a low end Samsung android. It is borderline disposable and I would never view it as more than temporary storage. Works until it breaks or I lose it then start over. In the meantime, if something is that important it mounts easy in linux and I copy over what I want to save.

Install adb then:

adb pull /sdcard/ /path/to/backup

Syncthing for files (music, photos, videos, noted), DAVx5 for contacts+calendar. Everything else is either a client app (email) or ephemeral (text messages).
I use Nextcloud to backup images or potentially other files. Other than that, there is nothing important to backup.
I use EasySSHFS to mount a backup directory my desktop, then NeoBackup to back up apps to it. Both require root.
I just plug in an external SSD formatted with exFAT via the USB-C port and manually copy folders (Documents, DCIM, Downloads, etc.) to it in the Files app.

After dismounting it in the Settings app (Advanced menu), I plug it into my computer and copy any files over I want to store there too (e.g., Pictures).

How do you deal with duplicates when you copy the files?
You don't. Google backup is partial and very limited compared to what apple does, plus privacy issues and you don't get access to app folder without root. (I know about adb but then you can't push the files back there).

So it's a shitshow as usual with Android, it all depends on the app. My weight lifting app it can backup on Google cloud. Great. My 2Fa on the other hand it only backup to the 'external' storage, need to transfer it to the computer then. Some app don't have backup option. Some app give backup option but then break when you restore it, like moon reader. Some books just disappeared from the backup.

And so on, and so on.

At the end I focus on photo, obsidian vault and 2fa. Everything else is just bonus if I backed it up.

Yeah Google's implementation here objectively sucks.

I should be able to toss my phone in a river, buy a new one and get it back exactly the way it is.

Syncthing handles the stuff which matters to me, but it can't get apps back exactly the way they were.

Last time I had an Apple device the only way to backup was plugging it into a desktop with iTunes.

How do you figure Google's backup (which backs up contacts, messages, photos, mail, and remembers which apps you have installed) is bad? What more could it do or should it do in your opinion? Also Google Authenticator now backs up to your account and you can recover it through a logged in browser.

> Last time I had an Apple device the only way to backup was plugging it into a desktop with iTunes.

Apple's supported full iCloud backups and over-the-air restore for at least 11 years, maybe 13 years.

Yeah, I would have figured. My actual question is how is Google's backup lacking?
It backs up... Photos, basically? With an iPhone you can take a complete image of the device, and never lose a file again. With Android, solid chance you'll never migrate to a new phone and not lose stuff. It's such a fucking shitty thing that doesn't need to be.
I've gone through like 5 Android phones back to back. Photos, documents, emails, installed apps, contacts... It's all seamless and works, literally just with Google's defaults.

What do you think you lose?

App data. Play store simply reinstalls the apps but they're in a clean state. Some apps supposedly back up and restore their data from Google cloud but that's rare.
Honestly, I can't think of a single app that doesn't back up its own data. Meta apps have their own backup mechanism, games all backup either through their own servers or Play Games service, pretty much everything I use is a service of some sort.

But yeah, I guess Google isn't backing up the state of the offline chess app I downloaded 10 years ago...

It's nice that you don't have this problem with the apps that you use, but others do.
Can you give an example? An app that doesn't back up data that's essential to you?
Not the same person, but this affects me and I can explain. I have around a hundred apps installed, and use them just frequently enough to keep them around. All of them can sync their data back to a new device without issue.

The problem is that when a new or wiped device installs those apps again, they won't have any of their account or configuration data. Even with a password manager to help, logging back in and configuring my preferences is a tedious, all-day affair. In years past, there were ways to transfer account data, but they stopped working a long time ago. I am eager to find a solution to this that works without root and on modern Android.

to be clear Apple's "full" icloud backup is full in name only. if you get a new iphone and do a backup and restore, expect to spend several more hours setting up various apps and details on your new device. you'll have to log in to your apps on the new device and setup things there if the app doesn't work with iCloud's backup mechanism.

it might be better than android's backup system, but it still leaves a lot to be desired.

Yep, Signal is not backed up via iCloud for example
It's a feature, not a bug. Apps like banks or Signal don't want to get backed up as it's a security risk if someone could just duplicate the authentication.
The owner of a phone should be able to back up all of the data on it, regardless of the wishes of anyone who doesn't own said phone.
I don't disagree, but I vote with my wallet. If the owner of the phone doesn't agree with that, they could stop using the phone/apps. Similarly the biometric data also doesn't get backed up or transferred over to a new phone. That's a product decision and I'm just explaining why things are done that way on iOS.
> How do you figure Google's backup (which backs up contacts, messages, photos, mail, and remembers which apps you have installed) is bad?

It uses Google. I have servers, desktops, laptops and phones, all of which are computers and all of which are on a local network. It should be possible for me to move all the data on my phone to a server, desktop, laptop or other phone without once sending a single byte outside of my network.

> Last time I had an Apple device the only way to backup was plugging it into a desktop with iTunes.

That hasn’t been true since 2011 with iOS 5.

I remember it well. I upgraded my iPhone 4 on AT&T with iOS 5 using iTunes. Shortly afterwards, I had an iPhone 4s shipped to me from Verizon.

I logged into my Apple account on my iPhone 4s and after it restored everything, it looked and worked just like my iPhone 4 with all of the settings and app icon positions bring in the same place.

There is also internal app data that gets backed up

I use Folder Sync Pro to sync files to a NAS. This app provides a lot of flexibility in terms of the kinds of destinations (NAS, various cloud service providers) and support for different protocols like FTP and SMB.
I don't backup my android but I synchronize some stuff (photos/docs) using syncthing-fork. These are then backuped on the server they are synced to.

Additionally I sync my calendar and contacts with davx. Same as before, backup is done on the server itself.

I don't see the point making a backup of installed apps and their local config.

I use my Android tablet for sheet music. The music often gets annotated during rehearsals, and so it needs to be backed up. I find that SyncThing works great for this, and my backups go to another PC in my house. Since it doesn't require the cloud, I can access it in performance spaces where I can't get WiFi.

Everything else is backed up through their respective services, such as Gmail, and I just don't have an interesting enough digital life to have much else to backup.

Git works fine with Termux.

I have a folder synced with syncthing to my laptop and a raspberry pi that has a hdd. I actually have three hdds that I rotate now and again.
"adb backup" sometimes works (when it does not hang randomly). Restore also sometimes works. This was one of the reasons i got an iPhone, TBH
Contacts and such I currently "trust" the default behaviours for, though I've got some noted down the old fashioned way for emergencies or if I somehow get looked out of the account. I keep meaning to use Takeout as an extra measure. Photos I sync to my own backup system via rsync+SSH via Termux. Everything else is easy enough to replace or came from other sources (my local media library, etc) anyway. I used to backup more (podcasts & such) via rsync but recent versions of Android have made that more difficult without rooting.
For backing up Android contacts, go to https://contacts.google.com/ on your phone or laptop. You can export everything as csv.

Takes less than a minute It's well worth doing from time to time.

All the stuff I care about is all backed up in some form (photos to Google Photos, emulator game saves through Syncthing between my decices, contacts in Google Contacts, emails are in Gmail, credentials through Bitwarden, etc).
I can literally throw my iPhone in the ocean, buy another phone, log in to my Apple account and my new phone looks and works just like the old one with all of the settings, Home Screen app placement, widgets being in the same place and local app data being restored.

You would be missing all of that

Which I don't really care about tbh
wow, hacker news and all these people just "phoning it in"

We really need more folks to hack on their phones and set/spread a good example.

Otherwise "general computing" will be replaced by landlords.

The concept of a landlord may be traced back to the feudal system of manoralism (seignorialism), where a landed estate is owned by a Lord of the Manor...

https://en.wikipedia.org/wiki/Landlord#History

(comment deleted)
Perhaps a few more responses now from people who own their data?

There are still a scary few "I use adb" or "I copy the data over MTP"

Sadly, not everything on the phone is visible to those two. IIRC, [MS]MS logs aren't (I might be wrong here though) and if you use Google Authenticator, your OTPs aren't, which I learned the hard, hard way.

I need to root my phone.

Tragically, as you mention, the security restrictions on most apps at this point block filesystem access via adb.

Wild to learn about the OTPs, I'll need to take a look and (likely) rectify that security hole since I manage my backups myself (at enrollment time the keys go in escrow).

My phone is an appliance. I have no more desire to manage my phone than I do my dishwasher.

I sign into my Apple account, pay Apple for more storage and everything gets backed up that’s on my iPhone and iPad.

When I get a new phone, I log in while I’m at the Apple Store, wait for everything to be restored, wipe my old phone and give it back to Apple for a carrier discount or a discount from Apple.

Life is too short to do otherwise. I work with computers 40 hours a week in exchange for money that I then exchange for goods and services.

Using the LineageOS built-in backup tool : Seedvault and upload it to my nextcloud server. Didn't have to use it to restore yet so no real idea how good the restoration is. I also have automatic pictures/video upload to nextcloud and contact/agenda sync with DAVx5.
Then it's not a backup. Always test your restoration properly before calling it a day
SeedVault is a trainwreck. Backups sometimes fail, restores very often fail. It's time this thing gets a rewrite.
I don't have root on my android and I try to avoid using any FAANG's infrastructure. A few weeks ago I bricked my phone and lost a bunch of data because I only backed up my photos. More on that in a sec, but the big thing I learned is how much stuff on my phone I didn't miss once it was gone and how much I did miss.

App backup? who cares? This was a chance for me to see what's new on F-Droid and it's been great (lookin' at you keyboard.futo.org).

I back up my photos using termux, rsync, and rsync.net. This model seems pretty solid. I should extend it to app data, but I don't have an automated way to back up app data yet. It's just a thing I have to do when I think of it, which is a recipe for disaster.

I'm taking syncthing out of the picture. I was using it to share markdown, html and some graphics between devices and my phone, but I regularly end up diffing .conflict files. I hope to get better behavior from Nextcloud.

Still, I'm the same happy guy I was before December 30 so I think a few manual app data back-ups, back-ups for non-photo content to Nextcloud so I can share it between devices more easily, and the same old rsync stuff for photos should work great.

"I back up my photos using termux, rsync, and rsync.net. This model seems pretty solid."

This is a common workflow.

In addition to termux/rsync we do see a number of people using syncopoli.

FWIW, my personal phone is an iphone and I use the excellent 'iexplorer' to browse the phone as if it were a filesystem.

Can you share resources on how to backup through termux? I hadn't thought of that.
try flickboard. once it stops melting your brain it is awesome
Stop using F-droid. It is insecure and shouldn't be the primary way of installing apps. Stick to Aurora Store or Play Store
Could you elaborate on that? Do you mean bigger possibility of apps containg malware or what?
https://privsec.dev/posts/android/f-droid-security-issues/, the recent findings of bypass of certificate pinning [0], wireguard creator doesn't trust f-droid himself [1], continued harmful attacks to GrapheneOS devs [2] and a few more points regarding their build infra using a deprecated debian release.

[0] https://www.openwall.com/lists/oss-security/2024/04/08/8

[1] https://gitlab.com/fdroid/fdroiddata/-/issues/3110#note_1613...

[2] https://gitlab.com/ironfox-oss/IronFox/-/issues/7#note_22877...

I read your sources, and one, as a user, I'll let these people sort out their drama among themselves, two, the security issues of the apps that are downloaded I think are way higher potentially than the ones in F-Droid in itself. With these considerations, F-droid is fine as a way of installing apps. Just as fine as any other technically imperfect service, business, or product that we use daily. In fact, I consider it higher than average in quality.
By signing into my Google account.