
Ask HN: What do you use for personal, offsite backup? - nopal
What do other HN users use for personal, offsite backup?

I want to find an automated solution that doesn't cost a fortune.

With the number and size of files I have, buying storage somewhere and encrypting the files myself isn't very feasible.

My one requirement is that I be the only one that is able to decrypt my files.

The only service I've been able to find that allows self-management of the encryption key is Carbonite, but they don't allow it with the Mac client.

I just refuse to trust a company with all of my data.

Does anyone know of a good, hacker-friendly online backup service?
======
cperciva
I use tarsnap. (Also, I wrote tarsnap.)

I feel bad about advertising my product here, so I'll stop there and let other
HN readers tell you how fantastic tarsnap is. :-)

~~~
shrughes
I'm a user of tarsnap.

I have no idea whether it's fantastic. I can see a list of times when I've
run ./tarsnap.sh, but I have no idea if it's _really_ encrypting the backup,
and I have no idea if it's making a backup in the first place. I mean, I
haven't had any hard drive failures and I haven't inspected the client source
code. (As far as I can tell, the product is great.)

And I can't remember where offsite I've put my keyfile, apart from the
microprinted uuencoding I have stored in my ear.

> My one requirement is that I be the only one that is able to decrypt my
> files.

Tarsnap lets you download, inspect, and compile the source code yourself, and
nothing unencrypted goes off your machine, so it's sufficient if you value
paranoia. But I have not comparison-shopped.

~~~
cperciva
_I have no idea if it's really encrypting the backup_

Unless you look at source code, you'll never know if a backup service is
encrypting your backups or not. At least with tarsnap you have the option of
reading the source code to verify that tarsnap does what I say it does. :-)

 _... and I have no idea if it's making a backup in the first place._

tarsnap --list-archives, tarsnap -t, and tarsnap -x are your friends. The
ultimate test of whether a backup was created -- for any backup system -- is
"can I get my data back".

~~~
shrughes
> Unless you look at source code, you'll never know if a backup service is
> encrypting your backups or not. At least with tarsnap you have the option of
> reading the source code to verify that tarsnap does what I say it does. :-)

You could reverse engineer the protocol that other products use. :-) And I'd
rather just assume that somebody else has reviewed the source code.

------
moe
If the command line doesn't scare you then <http://duplicity.nongnu.org/> may
be worth a look. It uses PGP and supports incremental backup to S3.
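For reference, a duplicity run against S3 looks roughly like this (the bucket name and GPG key ID are placeholders; check the flags against your version's manual):

```shell
# Hypothetical bucket and key ID; real AWS credentials go in the
# environment first.
export AWS_ACCESS_KEY_ID=...
export AWS_SECRET_ACCESS_KEY=...

# Incremental, GPG-encrypted backup of $HOME to S3
duplicity --encrypt-key MYKEYID ~/ s3+http://my-backup-bucket/home

# Restore (into a separate directory, to be safe)
duplicity --encrypt-key MYKEYID s3+http://my-backup-bucket/home ~/restored
```

Encryption happens locally via GPG before anything leaves the machine, which satisfies the "only I can decrypt" requirement.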

I'm personally a bit wary of the mass-market backup providers like
CrashPlan and such. Sure, they all say their binary client will encrypt my
data _before_ sending it to them. Sure, their GUIs are shiny and much easier
than the sharp-edged OSS tools.

But when all my personal, backup-worthy data is at stake then I prefer to know
exactly what's going on, even if it initially took a little more work to set
it up...

------
rarrrrrr
I founded SpiderOak in 2006: Zero-knowledge encrypted offsite backup and sync.

It does intensive deduplication across your full data set, keeps historical
versions and deleted files for as long as you like and supports all major
platforms. You can use the GUI or cmdline/cron/launchd.
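The idea behind that deduplication can be sketched in a few lines of shell (a toy illustration of content-addressed storage, not SpiderOak's actual scheme): store each file under the SHA-256 of its contents, so identical contents collapse to one stored blob.

```shell
#!/bin/sh
# Toy content-addressed store: identical contents are stored only once.
set -e
STORE=/tmp/dedup_store
SRC=/tmp/dedup_src
rm -rf "$STORE" "$SRC"
mkdir -p "$STORE" "$SRC"

# Two identical files and one distinct file
echo "same bytes" > "$SRC/a.txt"
echo "same bytes" > "$SRC/b.txt"
echo "different"  > "$SRC/c.txt"

for f in "$SRC"/*; do
    h=$(sha256sum "$f" | cut -d' ' -f1)
    # Only store contents we haven't seen before
    [ -f "$STORE/$h" ] || cp "$f" "$STORE/$h"
done

# Three source files, but only two unique blobs in the store
ls "$STORE" | wc -l
```

Real systems do this at the block level rather than the whole-file level, which is what makes dedup "across your full data set" pay off.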

2GB free, $10 per 100 GB up to 1.5 TB, but use the promo code "askhackernews"
for a 25% discount, or get a 50% discount automatically with a .edu email
address.

We have our own data centers and built a clustering file system specifically
for archival storage (colder data), which is why our prices are way under
companies that outsource to S3, etc.

~~~
soult
Do you provide an API or do I have to use your client?

Does the client run on 64-bit installations?

Are you really offering storage for $10/100GB/month or $100/100GB/year? Sounds
quite inexpensive to me.

Do you also give discounts to students with non-.edu addresses (e.g. ac.at,
the education subdomain for Austria)?

How well is your customers' data protected against hardware faults? Your
website mentions a distributed filesystem that tolerates the loss of many
nodes, but not how it does that (erasure coding, mirroring, ...?). Also, do
you have geographically distributed storage nodes?

If I view data via the web interface, the password needs to be on your
servers. The mail provider Hushmail also did not store user encryption
passwords; in fact, the password never even needed to be on their servers
for decryption, since they used a Java applet. Due to a court order they had
to turn the Java applet into a trojan to spy on their users. Obviously, you
face the same danger (a court order requiring you to store the password for
law enforcement when the user logs in on your website). Do you offer a
"warrant canary" similar to rsync.net's?
<http://www.rsync.net/resources/notices/canary.txt>

------
byoung2
Mozy

Sad but true story: I worked for a company that backed up email by printing
it out. They finally upgraded after a year of pleading...to a hard drive in a
safe-deposit box at a bank down the street. And this was 2008!

~~~
edw519
Sadder but true story: I worked for a company that backed up mission critical
data to tape and stored the tape in the computer room! The building burnt
down. No more system. No more business. And this was 2009!

~~~
cperciva
_I worked for a company that backed up mission critical data to tape and
stored the tape in the computer room! The building burnt down._

Another thing to remember, which several companies learned in 2001: "The other
twin tower" doesn't qualify as an off-site backup.

------
nolanbrown23
Jungle Disk. <http://www.jungledisk.com/> It's great because it backs up to
S3 and it's cheap.

~~~
memorius
I too use this.

The nice thing about Jungledisk is that you can just mount the thing as a
directory (it uses FUSE under Linux) and use rsync to do the backups. That
works well for me with multi-GB source repositories, whereas when using Mozy
on Windows, its built-in scheduled backups struggled badly and chewed a lot
of CPU, presumably scanning through all the thousands of files.

That's not really a fair comparison - I haven't tried Jungledisk's built-in
scheduled backups, merely used it as a mounted drive and done the backups
manually with rsync. Then again, last time I looked, Mozy didn't support
mounting as a drive, or even Linux.

------
vdibart
I've been using rsync.net (<http://rsync.net/>) for years. Given your
requirement to control encryption, you have a number of options, since they
are very flexible. One I've used is to keep some/all of my files encrypted
with TrueCrypt (<http://www.truecrypt.org/>). This won't work for large data
sets, though, so you can look into something like Duplicity
(<http://www.rsync.net/resources/howto/duplicity.txt>). I haven't used it
myself, so I can't comment on it. They also support encrypted file systems.
All in all, I think rsync.net is easily one of the best values of any
service I use.

------
appl3star
Dropbox. Well, it's an online and offline solution for me and my most
valuable files on a MacBook Pro - I get online access via getdropbox.com,
and I have an old PC (yes, a Windows XP PC) as a sync client for Dropbox in
a second location. So if both machines fail: online copy. And if Dropbox
fails, I still have everything on two hard disks in separate locations.

------
ja27
I wish I had a good solution. I try to upload all photos to a Flickr pro
account but that's not a true backup.

I periodically mirror files from home to a portable drive that I take to the
office and dump onto a (Truecrypt encrypted) drive on a machine at work.
That's my main backup system right now.

I also use a free Dropbox account for smaller files.

------
spitfire
dotmac backup daily (easy access); rsync to a remote system daily (long-term
archival); an incremental DVD once a week, with a monthly home-folder backup.
Copies stay here at my home and at an offsite location.

Only the physical backups actually take any effort from me.

------
jpcx01
I initially tried Backblaze, but it didn't play nice with Mac OS X resource
forks and special files. I ended up using the somewhat overpriced "Twin" on
the Mac. The cool thing about it is that it can just upload to S3 (as well
as to SFTP, an external drive, etc.).

------
yanowitz
CrashPlan. They just revamped their pricing to offer unlimited storage. The
client is way nicer / more reliable for me than Carbonite or Mozy, but, of
course, YMMV. We use them for production servers too.

~~~
jrg
For offsite I too use CrashPlan, backing up to computers at friends' places
rather than using their 'central' service.

------
esad
I don't know if they allow it, but I was thinking of getting one of the
advertised-as-unlimited-storage Dreamhost accounts and using rsync to do my
backups. Anyone using this already?

~~~
cperciva
I don't know if Dreamhost has done this recently, but I've heard many
stories of people having their accounts closed due to "using storage for a
purpose other than web hosting".

~~~
trinket
Yes, it is against their terms of service and I'm sure they enforce it. They
now market their storage as "Unlimited + x GB", where x GB is the amount of
space you're allowed to use as personal backup space (currently 50 GB).

<http://www.dreamhost.com/unlimited.html>

------
timcederman
I left a Thecus box sitting attached to a net connection at my parents' place
which tells dyndns.org where it is. Once a day my Mac Mini rsyncs to it.
Inexpensive and hacker-simple.
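The daily sync in a setup like that amounts to a one-line cron job on the Mac mini (hostname and paths here are made-up examples):

```shell
# crontab entry: mirror ~/data to the NAS at my parents' place at 3am,
# reaching it via its dyndns hostname over ssh
0 3 * * * rsync -az --delete ~/data/ backup@mybox.dyndns.org:/raid/backup/
```

A box you own at a relative's house is a surprisingly good answer to the "I refuse to trust a company with my data" requirement.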

------
cdr
Tarsnap is probably the most "hackerish", but I use jungledisk and have been
quite happy with it.

------
NoBSWebDesign
Backblaze. Very easy and well integrated into Mac OS X's System Preferences.

------
bunni
Backblaze

------
njharman
S3

------
skwiddor
I copy the data arenas to another machine and, when they are full (500 MB
per arena), I burn them to CD.

I use this script to copy the arenas:

<http://plan9.bell-labs.com/sources/contrib/maht/rc/vbackup>

It's slightly sloppy in that I could just append the unwritten bytes, but
for < 500 MB who cares; it's a 1 GbE link, after all.

Venti dumps give me a full history of file changes. On the Plan 9 central
server one can browse the daily snapshots for 10+ years of Plan 9
development. It also coalesces duplicate blocks, so storing 20 copies takes
as much room as one.

Venti is available for Plan 9 and Linux.

I accidentally wiped $home this week; then

    cp `{yesterday $home}/* $home

got it all back.

------
z8000
Time Machine to an external USB drive (a WD Passport).

Offsite? I put it in my bag with me when I leave. :)

