Ask HN: What do you use for personal, offsite backup?

19 points by nopal ↗ HN
What do other HN users use for personal, offsite backup?

I want to find an automated solution that doesn't cost a fortune.

With the number and size of files I have, buying storage somewhere and encrypting the files myself isn't very feasible.

My one requirement is that I be the only one that is able to decrypt my files.

The only service I've been able to find that allows self-management of the encryption key is Carbonite, but they don't allow it with the Mac client.

I just refuse to trust a company with all of my data.

Does anyone know of a good, hacker-friendly online backup service?

39 comments

[ 3.4 ms ] story [ 103 ms ] thread
I use tarsnap. (Also, I wrote tarsnap.)

I feel bad about advertising my product here, so I'll stop there and let other HN readers tell you how fantastic tarsnap is. :-)

I'm a user of tarsnap.

I have no idea of whether it's fantastic. I can see a list of times when I've run ./tarsnap.sh, but I have no idea if it's really encrypting the backup, and I have no idea if it's making a backup in the first place. I mean, I haven't had any hard drive failures and I haven't inspected the client source code. (As far as I can tell, the product is great.)

And I can't remember where offsite I've put my keyfile, notwithstanding for the microprinted uuencoding I have stored in my ear.

> My one requirement is that I be the only one that is able to decrypt my files.

Tarsnap lets you download, inspect, and compile the source code yourself, and nothing unencrypted goes off your machine, so it's sufficient if you value paranoia. But I have not comparison-shopped.

Losing the keyfile is a real concern for me as well, and makes me prefer less secure options like Dropbox or Ubuntu One. What do others do about this?
What do others do about this?

I don't know what all tarsnap users are doing, but I've heard the following options on several occasions: 1. Give it to a friend. 2. Put it on a USB key. 3. Store it on a different computer. 4. Print it out (recent versions of tarsnap have printable key files).

I have no idea if it's really encrypting the backup

Unless you look at source code, you'll never know if a backup service is encrypting your backups or not. At least with tarsnap you have the option of reading the source code to verify that tarsnap does what I say it does. :-)

... and I have no idea if it's making a backup in the first place.

tarsnap --list-archives, tarsnap -t, and tarsnap -x are your friends. The ultimate test of whether a backup was created -- for any backup system -- is "can I get my data back".

> Unless you look at source code, you'll never know if a backup service is encrypting your backups or not. At least with tarsnap you have the option of reading the source code to verify that tarsnap does what I say it does. :-)

You could reverse engineer the protocol that other products use. :_) And I'd rather just assume that somebody else has reviewed the source code.

Mozy

Sad but true story: I worked for a company that backed up email by printing them. They finally upgraded after a year of pleading...to a hard drive in a safe-deposit box at a bank down the street. And this was 2008!

Sadder but true story: I worked for a company that backed up mission critical data to tape and stored the tape in the computer room! The building burnt down. No more system. No more business. And this was 2009!
I worked for a company that backed up mission critical data to tape and stored the tape in the computer room! The building burnt down.

Another thing to remember, which several companies learned in 2001: "The other twin tower" doesn't qualify as an off-site backup.

We (SpiderOak) had a customer who previously arranged their backups with rotating tarballs, encrypted and daily moved offsite. Trouble was, the crypto keys were only archived _within_ the backup.

Backup is a nuanced problem. There's a good case for outsourcing it to a 3rd party who has the motivation to do constant QA.

> to a hard drive in a safe-deposit box at a bank down the street

What's the problem with that? It's probably better than 95% of small businesses out there. No, it doesn't offer geographic redundancy and it might not withstand a killer tidal wave or nuclear strike, but for many businesses that's a moot point: such a situation would destroy their business outright anyway, to the point where their computers would be the least concern.

If they swapped out the HD in the box frequently (on a daily basis) it's not the worst idea I've ever seen.

The company was in Malibu, a place known for fires and floods. Any disaster that would destroy the office would make the bank inaccessible. And the backups were done weekly because it wasn't convenient to drive to the bank in rush hour traffic. The biggest flaw in the plan: the one guy with the key was fired!
dotmac backup daily. (easy access) rsync to a remote system daily. (long term archival) An incremental DVD once a week, with monthly home folder backup. Copies stay here at my home and at an offsite.

Only the physical backups actually take any effort from me.

Carbonite
I don't know if they allow that, but I was thinking of getting one of the advertised-as-unlimited-storage dreamhost account and using rsync to do my backups. Anyone using this already?
I don't know if dreamhost has done this recently, but I've heard many stories of people having their accounts closed due to "using storage for a purpose other than web hosting".
Yes, it is against their terms of service and I'm sure they enforce it. They now market their storage as "Unlimited + xGB" where the x GB is the amount of space you're allowed to use as personal backup space (currently 50GB).

http://www.dreamhost.com/unlimited.html

Dreamhost now has special "backup accounts" and seem to automatically patrol accounts for "abuse" outside of this provisioned space. They give 50gb for free, and then charge 10 cents/gb/mo beyond that.

It's not bad but a far cry from "unlimited." Still, it seems to work fine for rsyncing "small" backups.

crashplan. they just revamped their pricing too to have unlimited. way nicer client/more reliable for me than carbonite or mozy. but, of course, ymmv. we use them for production servers too.
For Offsite I too use CrashPlan, to computers at friends rather than using their 'central' service.
(comment deleted)
I wish I had a good solution. I try to upload all photos to a Flickr pro account but that's not a true backup.

I periodically mirror files from home to a portable drive that I take to the office and dump onto a (Truecrypt encrypted) drive on a machine at work. That's my main backup system right now.

I also use a free Dropbox account for smaller files.

I left a Thecus box sitting attached to a net connection at my parents' place which tells dyndns.org where it is. Once a day my Mac Mini rsyncs to it. Inexpensive and hacker-simple.
I founded SpiderOak in 2006: Zero-knowledge encrypted offsite backup and sync.

It does intensive deduplication across your full data set, keeps historical versions and deleted files for as long as you like and supports all major platforms. You can use the GUI or cmdline/cron/launchd.

2GB free, $10 per 100 GBs up to 1.5 TB, but use the promo code "askhackernews" for a 25% discount, or get a 50% discount automatically with a .edu email address.

We have our own data centers and built a clustering file system specifically for archival storage (colder data), which is why our prices are way under companies that outsource to S3, etc.

Do you provide an API or do I have to use your client?

Does the client run on 64-bit installations?

Are you really offering storage for $10/100GB/month or $100/100GB/year? Sounds quite inexpensive to me.

Do you also give discounts to students with non-edu addresses (e.g. ac.at = education subdomain for Austria).

How well is the data of your customers protected against hardware faults? Your website mentions a distributed filesystem that tolerates the loss of many nodes, but not how it does that? (erasure coding, mirroring, ...?) Also, do you have geographically distributed storage nodes?

If I view data via the web interface, the password needs to be on your servers. A mail provider, Hushmail, also did not store user encryption passwords, they did actually not even require the password to be on their servers for decryption, they used a Java applet. Due to a court order they had to turn the Java applet into a trojan to spy on their users. Obviously, you face the same danger (court order that requires you to store the password for law enforcement when the user logs in on your website). Do you offer a "Warrant canary" similar to rsync.net? http://www.rsync.net/resources/notices/canary.txt

Tarsnap is probably the most "hackerish", but I use jungledisk and have been quite happy with it.
If the command line doesn't scare you then http://duplicity.nongnu.org/ may be worth a look. It uses PGP and supports incremental backup to S3.

I'm personally a bit wary about the mass market backup providers like crashplan and such. Sure they all say their binary client will encrypt my data before sending it to them. Sure their GUIs are shiney and much easier than the sharp-edged OSS tools.

But when all my personal, backup-worthy data is at stake then I prefer to know exactly what's going on, even if it initially took a little more work to set it up...

Jungle Disk. http://www.jungledisk.com/ It's great because it backups to S3 and it's cheap.
Good, cheap, reliable. You can use your own Amazon S3 account and key, and you need not give the key to JungleDisk; if you don't share your key, you can't use some features that involve JungleDisk's own servers, but backup and restore work just dandy with the encryption done once on your own computer. Very efficient and cost effective.
I too use this.

The nice thing about Jungledisk is that you can just mount the thing as a directory (uses fuse under linux) and use rsync to do the backups. That works well for me with multi-Gb source repositories, whereas when using Mozy on windows, its built-in scheduled backups struggled badly and chewed a lot of CPU, presumably scanning through all the thousands of files.

That's not really a fair comparison - I haven't tried Jungledisk's built-in scheduled backups, merely using it as a mounted drive and doing the backups manually with rsync. But that's too bad - last time I looked, Mozy didn't support mounting as a drive, or even linux.

Backblaze. Very easy and well integrated into Mac OSX system preferences.
TimeMachine to an external USB drive (a WD Passport).

Offsite? I put it in my bag with me when I leave. :)

Dropbox. Well, it´s an online and offline solution for me and my most valuable files no a Macbook Pro - since I get online access via getdropbox.com and I got an old PC (yes, a Windows XP PC) as a sync client for Dropbox on a second location. So if both machines fail: Online copy. And if Dropbox fails, I still got everything on two harddisks in separate locations.
I initially tried Backblaze however it didnt play nice with Mac OSX forks and special files. I ended up using the somewhat overpriced "Twin" on mac. The cool thing about it is it can just upload to S3 (as well as sftp, external drive, etc).
I've been using rsync.net (http://rsync.net/) for years. With your requirement to be able to encrypt, you can use a number of means since they are very flexible. One I've used is to have some/all of my files encrypted with TrueCrypt (http://www.truecrypt.org/). This won't work for large data sets though, so you can look into something like Duplicity (http://www.rsync.net/resources/howto/duplicity.txt). Haven't used it myself so can't comment on it. They also support encrypted file systems. All in all, I think rsync.net is easily one of the best values of any service I use.
I copy the data arenas to another machine and when they are full (500mb per arena) I burn them to cd.

I us this script to copy the arenas

http://plan9.bell-labs.com/sources/contrib/maht/rc/vbackup

It's slightly sloppy in that I could just append the unwritten bytes but for < 500mb who cares, its a 1gbe after all.

Venti dumps give me a full history of file changes. On the plan9 central server one can browse the daily snapshots for 10+ years of plan9 development. It also coalesces duplicate blocks so storing 20 copies takes as much room as one.

Venti is available for plan9 and Lunix.

i accidentally wiped $home this week, then :

    cp `{yesterday $home}/* $home
got it all back