Ask HN: What do you use for personal, offsite backup?
What do other HN users use for personal, offsite backup?
I want to find an automated solution that doesn't cost a fortune.
With the number and size of files I have, buying storage somewhere and encrypting the files myself isn't very feasible.
My one requirement is that I be the only one that is able to decrypt my files.
The only service I've been able to find that allows self-management of the encryption key is Carbonite, but they don't allow it with the Mac client.
I just refuse to trust a company with all of my data.
Does anyone know of a good, hacker-friendly online backup service?
39 comments
[ 3.4 ms ] story [ 103 ms ] threadI feel bad about advertising my product here, so I'll stop there and let other HN readers tell you how fantastic tarsnap is. :-)
I have no idea of whether it's fantastic. I can see a list of times when I've run ./tarsnap.sh, but I have no idea if it's really encrypting the backup, and I have no idea if it's making a backup in the first place. I mean, I haven't had any hard drive failures and I haven't inspected the client source code. (As far as I can tell, the product is great.)
And I can't remember where offsite I've put my keyfile, notwithstanding for the microprinted uuencoding I have stored in my ear.
> My one requirement is that I be the only one that is able to decrypt my files.
Tarsnap lets you download, inspect, and compile the source code yourself, and nothing unencrypted goes off your machine, so it's sufficient if you value paranoia. But I have not comparison-shopped.
I don't know what all tarsnap users are doing, but I've heard the following options on several occasions: 1. Give it to a friend. 2. Put it on a USB key. 3. Store it on a different computer. 4. Print it out (recent versions of tarsnap have printable key files).
Unless you look at source code, you'll never know if a backup service is encrypting your backups or not. At least with tarsnap you have the option of reading the source code to verify that tarsnap does what I say it does. :-)
... and I have no idea if it's making a backup in the first place.
tarsnap --list-archives, tarsnap -t, and tarsnap -x are your friends. The ultimate test of whether a backup was created -- for any backup system -- is "can I get my data back".
You could reverse engineer the protocol that other products use. :_) And I'd rather just assume that somebody else has reviewed the source code.
Sad but true story: I worked for a company that backed up email by printing them. They finally upgraded after a year of pleading...to a hard drive in a safe-deposit box at a bank down the street. And this was 2008!
Another thing to remember, which several companies learned in 2001: "The other twin tower" doesn't qualify as an off-site backup.
Backup is a nuanced problem. There's a good case for outsourcing it to a 3rd party who has the motivation to do constant QA.
What's the problem with that? It's probably better than 95% of small businesses out there. No, it doesn't offer geographic redundancy and it might not withstand a killer tidal wave or nuclear strike, but for many businesses that's a moot point: such a situation would destroy their business outright anyway, to the point where their computers would be the least concern.
If they swapped out the HD in the box frequently (on a daily basis) it's not the worst idea I've ever seen.
Only the physical backups actually take any effort from me.
http://www.dreamhost.com/unlimited.html
It's not bad but a far cry from "unlimited." Still, it seems to work fine for rsyncing "small" backups.
I periodically mirror files from home to a portable drive that I take to the office and dump onto a (Truecrypt encrypted) drive on a machine at work. That's my main backup system right now.
I also use a free Dropbox account for smaller files.
It does intensive deduplication across your full data set, keeps historical versions and deleted files for as long as you like and supports all major platforms. You can use the GUI or cmdline/cron/launchd.
2GB free, $10 per 100 GBs up to 1.5 TB, but use the promo code "askhackernews" for a 25% discount, or get a 50% discount automatically with a .edu email address.
We have our own data centers and built a clustering file system specifically for archival storage (colder data), which is why our prices are way under companies that outsource to S3, etc.
Does the client run on 64-bit installations?
Are you really offering storage for $10/100GB/month or $100/100GB/year? Sounds quite inexpensive to me.
Do you also give discounts to students with non-edu addresses (e.g. ac.at = education subdomain for Austria).
How well is the data of your customers protected against hardware faults? Your website mentions a distributed filesystem that tolerates the loss of many nodes, but not how it does that? (erasure coding, mirroring, ...?) Also, do you have geographically distributed storage nodes?
If I view data via the web interface, the password needs to be on your servers. A mail provider, Hushmail, also did not store user encryption passwords, they did actually not even require the password to be on their servers for decryption, they used a Java applet. Due to a court order they had to turn the Java applet into a trojan to spy on their users. Obviously, you face the same danger (court order that requires you to store the password for law enforcement when the user logs in on your website). Do you offer a "Warrant canary" similar to rsync.net? http://www.rsync.net/resources/notices/canary.txt
I'm personally a bit wary about the mass market backup providers like crashplan and such. Sure they all say their binary client will encrypt my data before sending it to them. Sure their GUIs are shiney and much easier than the sharp-edged OSS tools.
But when all my personal, backup-worthy data is at stake then I prefer to know exactly what's going on, even if it initially took a little more work to set it up...
The nice thing about Jungledisk is that you can just mount the thing as a directory (uses fuse under linux) and use rsync to do the backups. That works well for me with multi-Gb source repositories, whereas when using Mozy on windows, its built-in scheduled backups struggled badly and chewed a lot of CPU, presumably scanning through all the thousands of files.
That's not really a fair comparison - I haven't tried Jungledisk's built-in scheduled backups, merely using it as a mounted drive and doing the backups manually with rsync. But that's too bad - last time I looked, Mozy didn't support mounting as a drive, or even linux.
Offsite? I put it in my bag with me when I leave. :)
I us this script to copy the arenas
http://plan9.bell-labs.com/sources/contrib/maht/rc/vbackup
It's slightly sloppy in that I could just append the unwritten bytes but for < 500mb who cares, its a 1gbe after all.
Venti dumps give me a full history of file changes. On the plan9 central server one can browse the daily snapshots for 10+ years of plan9 development. It also coalesces duplicate blocks so storing 20 copies takes as much room as one.
Venti is available for plan9 and Lunix.
i accidentally wiped $home this week, then :
got it all back