What I Would Do If I Ran Tarsnap (kalzumeus.com)
801 points by tnorthcutt on Apr 3, 2014 | 311 comments

Patrick notes in detail that the post is written with Colin's approval. I am not a customer of any of Patrick's services, nor am I a customer of Colin's, although perhaps I should be a customer of both. The most telling part of the post is right here, beginning with a quotation from the Tarsnap FAQ:

"> Q: What happens when my account runs out of money?

"> A: You will be sent an email when your account balance falls below 7 days worth of storage costs warning you that you should probably add more money to your account soon. If your account balance falls below zero, you will lose access to Tarsnap, an email will be sent to inform you of this, and a 7 day countdown will start; if your account balance is still below zero after 7 days, it will be deleted along with the data you have stored.

"Yes folks, Tarsnap — “backups for the truly paranoid” — will in fact rm -rf your backups if you fail to respond to two emails.

"Guess how I found out about this?"

That says it all.

I am a customer of Colin's, though I almost had a very similar scenario happen. Luckily, my understanding of crypto caught it, and Colin is quick to answer emails, so I'm good to go (for the most part...)

Here was my deal: I stupidly told my computer to upgrade libc, and only after apt completely failed and wrecked the machine to the point of `ls` not working did I realize that I had some personal data that wasn't backed up. Of course.

My plan was thus: use an Ubuntu LiveUSB, upload a copy of /home/steve to Tarsnap, then install Ubuntu, and be on my way. As I was compiling Tarsnap, I realized that my mental model of machines on Tarsnap was probably wrong: it's not that I have a Tarsnap account, with access given to a set of keys. It's that each key has its own backup. So what I _almost_ did was upload an encrypted backup of all my stuff, then wipe the drive and the key, never (hopefully!) to see my data again. :(

Even when you're technical and know about this stuff, you can screw it up, because you're still human.

I think that is the point for improving UI and how the service is served. The more geeky you are, the less help you need for the easy stuff, but the more tragic is the result when you eventually crash.

Just like the best (arguably, maybe I should say boldest) drivers are the ones who get killed in car accidents. When you are too comfortable driving at 80 mph is when you are closest to dying. And it is when you need more help, a more user-friendly interface, more insurance to keep you safe from your own mistakes.

Keeping all of UI difficult just to please the geekies will actually harm some of them pretty bad eventually.

Also, I find it interesting how a lot of people are forcing on Colin a very romanticized idea of a "not for the money" entrepreneur who just wants to keep things in this raw state. Sounds to me that Patrick is closer to Colin than anyone creating this image of him.

Hm, the first thing I do when setting up new tarsnap hosts is create the .key file and back it up elsewhere. Since it's a text file, a '1Passwd' locker is good, and if I were more paranoid I'd probably have a printed copy of every key. Just like GPG :-)

> Yes folks, Tarsnap — “backups for the truly paranoid” — will in fact rm -rf your backups if you fail to respond to two emails.

I don't think that quite says it all, because the other important factor is that you can't properly predict when the underlying conditions that would trigger those e-mails will arise. Patrick seems to have latched onto the use of picodollars as his pet hate there, but of course the real cause is the unpredictable efficiency of compression and deduplication. This problem remains even if you move to tiered dollar pricing for "up to X GB" plans.

I have multiple businesses that are definitely good candidates for using Tarsnap, but sadly that combination of unpredictability and insufficient warning/recovery mechanisms is a deal-breaker for us. No matter how great Tarsnap might be technically, from our point of view it's not offering a reliable backup with its current model, which is a shame for all concerned really. I do hope Colin will consider the various comments on this and look into fixing it.

So, what exactly should he do?! Call you? Keep the data forever and pay a visit to let you know that something bad is about to happen?!

Yes, he should call you. He should charge you enough money that it's worth his time to do that.

(I had a hosting service that my credit card started bouncing on delete some data a few years ago. I was furious. I'd paid them a bunch of money over the years, and they knew my phone number: if they'd called me after I didn't respond to their emails I'd still be their customer, and I'd still have that data).

For a backup service, I'd be perfectly happy for it to hold on to my encrypted data for a year after I stop paying, then charge me a hefty "recovery" fee (at least how much I should have paid for the time that I wasn't, and quite happily more).

If you run a kennel, and someone is a few days late collecting their dog, do you call them or shoot the dog?

Yes, I know the margins on pico dollar backups don't justify a call. But for a $50 / month plan, it's a lot more feasible.

The comparison is flawed. Would be better to ask what if you leave your dog for 6 months in a dog-hotel and the 7th month you don't show up?

I'm sure your dog will end up dead eventually or nowhere to be found.

That said, I get your point. But rolling your own notification solution shouldn't be that much of a problem for technical people or people with deep pockets. Just hire a programmer to write an application that reads picodollars and if the predefined threshold is passed the program makes a phone call/sends 15 emails/calls the local authorities?!

There is this hole-in-the-wall looking place in NYC Chinatown that serves Chinese comfort food meals. It closes real late and remains affordable while serving great meals. It is frequented by Michelin star rated restaurant chefs (of all cuisines) for the after-dinner hours, mostly through word-of-mouth.

Now I'm certain that the owner of the place knows he can charge more and rebrand to the mass audience. But I'd like to think it is a point of pride that his successful peers enjoy his services and that trumps any desire to change from the status quo.

He is happy being Chef2Chef and I'm glad Colin is happy being Geek2Geek.

A businessman is on vacation on an island; walking on the beach, he comes across a middle-aged man sitting next to a very small rusty boat.

- What do you do?

- Right now I'm not doing anything; sometimes I fish.

- So you're a fisherman?

- If you want to call it that.

- Why aren't you fishing now?

- As I'm sure you'd put it, I have reached my daily quota.

- What's your quota?

- One fish a day. At most. Some days I don't catch any.

- One. Fish. A. Day?? You can't make a living with one fish per day! Where do you even go to sell just one fish??!?

- I don't sell it. I eat it.

The businessman stays silent for a while, watching the man watching the sea. Then he says

- Listen, I'm a businessman. Don't you want to hear some advice about how to grow your business?

- Shoot.

- First, you should make it your goal to catch as much fish as possible, every day. There must be a market somewhere on this island where you could sell it?

- There is. 2 miles from here.

- Okay, great. You catch a lot of fish, you walk to the market, you sell the fish, keeping some for your own consumption if you wish.

- And then?

- And then, with the money you buy a net. A net will let you catch so much more fish at once.

- And then?

- And then you catch more fish, you sell more fish, you make more money. With the money, you can buy a better boat.

- Better in what sense?

- Bigger, nicer -- better looking! And with that boat you'll be able to catch even more fish.

- Oh. And then what?

- Then you make even more money, and you can save it.

- Save it?

- After your expenses are paid, you keep the extra money; after a while you'll have lots of money.

- And what do I do with that money?

- Once you have enough money, you'll be able to retire! You won't have to work anymore!

Now it's time for the fisherman to think. He stares at his feet for a while and says

- But I'm not working right now.

Wasn't there a fable posted to HN which continued this story -- about how the businessman found the fisherman's neighbour to serve the market?

I don't know why you are being down-voted.

Here's a follow-up and slightly different take on that story: http://blog.figuringshitout.com/the-parable-of-the-fisherman...

Here's an HN discussion about it: https://news.ycombinator.com/item?id=6602351

I am not happy with it at all.

You know what he could do with the millions Tarsnap could make him? DONATE IT TO FREEBSD. How about that being Geek2Geek? How much better off would the world be if Colin donated $500,000.00 of his surplus income from the business to the FreeBSD foundation? Or the Python foundation? Or THE FSF?

It's infuriating how blind many intelligent people are to how much better the world would be if they allowed more money. I don't care if that ends up being them buying a new house or donating it or building another amazing business or having the money to live while they write more amazing open source software.

What if by making more money Colin is able to start another business that does unknown and amazing things for cryptography! The possibilities are endless and it makes me SO ANGRY that people with such amazing knowledge and skill that is so much more than mine are SQUANDERING IT BY THINKING THEY ARE DOING THE WORLD JUSTICE BY NOT CHARGING MORE MONEY!

If you are paying less, you can do all those things.

No. You cannot.

Do I donate money to certain projects of mine? Sure. When did I donate the most money? When I billed a private equity firm $300.00 per hour for development work and had a surplus of $15,000.00 dollars. I gave quite a bit to the FSF and others.

Do you really think that by charging the PE firm $50.00 per hour I would be enabling them to donate to the FSF? FreeBSD Foundation? Haskell? GNU? Do you even think they would or care? I certainly wouldn't have enough money to do so at that rate, but I did at $300.00 per hour.

Highly naive, my friend. I'm sorry to be offensive but I'm sick of my intelligent peers (sometimes even more intelligent) squandering what is a massive opportunity sitting in front of them that is being ignored for a totally ridiculous noble cause when their "noble causes" could be enhanced so much more without an iota of evil behavior.

Tarsnap isn't going to become a big evil corporation by charging more. It might if he decides to sell it, but I doubt that. It would be enabling him to do even more amazing things for software, geeks, the world, whatever. Those amazing things could be donations to enable OTHER brilliant people or it could be a new business, or new features that make backups a better experience, or it could be starting an R&D lab for crypto that pumps out purely Open Source research on cryptography that makes its way back into Tarsnap or a different business.

Patrick actually answers this point. The short version is that while people are free to spend as they please to charities, businesses usually don't. He goes on to note that businesses have very different value structures. This means that while I may consider a hundred bucks real money, an enterprise business very likely will not. The final bit is that businesses value some things disproportionately highly compared to the trivial cost of it. There are plenty of reasons for this that he makes clear.

But that value is for that service, not a charity. It will never get redirected otherwise. So getting a business to happily pay a large sum for a cheap service is a fantastic way to ensure you now have the money to donate, and likely an order of magnitude more.

This is also the reason he says to charge $500 a month, but to give away the service to them that need it. Because the business is effectively subsidizing the needy here, while itself provably working in its own interest. This is pretty win-win if anything.

Another thing he mentioned which I think is really important here is that a business (at least his own) cannot make a donation, that's an unnecessary business expense. It seems important to understanding his view - he wants to pay more for an even better service but literally cannot do so legally.

My question here is: why can't a business make an "unnecessary business expense"? Are businesses legally forbidden from doing so? Really? Why?

Or does it just mean that the business can't deduct it from its earnings for tax reasons? In that case, why doesn't the business just pay the extra tax? In my eyes, there's nothing wrong with paying tax.

I just cannot understand why anyone would make a rule against such a thing.

(Note: as you probably already understand, I do not run a business.)

Or increase your salary and use the surplus to donate. But really most of that profit should probably be directed to improving the business, or R&D that goes back into the business (which can be opensource!).

So what is the place?

Great NY Noodle Town

Isn't that kind of selfish though? Hiding your light under a bushel and all that. If the guy could be making many more people happy by having them enjoy his great food, but keeps it as a secret only for those in the know... it's his right, but I don't think it's very admirable.

Fantastic analogy. Nicely done.

What is the name of this place?

It's incredibly selfish to leave huge amounts of money on the table when your customers would both a) increase and b) not mind paying it and then you could e.g. give it to charity or something.

It's not like it would have to stop being tarsnap. Most of these suggestions are simple common sense. I'm a fucking nerd and need something like tarsnap and the thought of "picodollars" means I'll never give him my money (even if he reprices) because it means I can't rely on his business to not do completely nonsensical things.

This is getting a lot of negative reactions. If this causes cperciva not to listen to this post, it will be a Big Tragedy.

A lot of people here are ~saying "maybe cperciva isn't motivated by money". OK. I get that.

Here's the thing - I honestly believe that Tarsnap is the best backup solution. I believe this because I hang around HN, I'm a technologist, and I trust tptacek and patio11, among others, when they say it.

I am right on the edge of someone who would actually use Tarsnap - I'm a geek, but I also run a business, the money it would cost me is less than peanuts (if I could figure out how much it would cost me, that is - see the article). I'm probably not going to use Tarsnap because of a few missing but critical features that patio11 mentioned, like auto-recharging money (do I really need another bullet on my todo list, or to worry about my backups disappearing?).

But there's a whole world of people out there. People who could really, really use Tarsnap. People who have my user data on their systems, and who I wish would use a service as good as Tarsnap. These people will never, ever use Tarsnap, because of all the reasons patio11 mentioned, and because they will never hear of it or know that it's better than everything else.

What I said above has nothing to do with moral philosophy. It is a fact about the world that, if cperciva doesn't play the "marketing game" (or the "make your software useable by normal people" game), less people will use Tarsnap.

And the world will be worse off. Is this a tragedy? Sure. cperciva doesn't owe the world or anyone in it anything. It isn't a moral absolute that giving cperciva more resources, to make Tarsnap that much better, is the right thing to happen.

But I hate to see a whole forum full of people who actually think that what cperciva is doing is somehow more "noble" and less "greedy" because he doesn't care about money. *

* I have no problem with cperciva acting however he wants in this regard, and absolutely do not mean any disrespect. I honestly don't think cperciva owes anyone anything. But I do think that it's an empirical fact that the world will be worse off for less people having used a good backup solution, and I honestly believe that living in a world with more people using Tarsnap, and incidentally cperciva having more money, is a better world. If you really want - donate all that money to GiveWell, and the world will be even better off.

Thank you for eloquently saying what I wanted to say.

It is not about the money. I can guess that his original motivation for creating Tarsnap was to create the most secure backup solution for people who care about their data. The natural progression to this goal would be to let more and more people know about this solution and get them to use it so that data is protected.

Imagine this contrived scenario. Think about all the hospitals storing important health records for patients. Currently, they are not using Tarsnap not because it is technically lacking, but lacking 'business-y' things which are important. What if Colin's hospital mismanages their backup and all records become available to the public.

The irony is that Colin has solved the hard problem (technical solution) but doesn't want to address the easy problem (business requirements). I sincerely wish Colin would implement these suggestions.

I am seriously thinking of asking to collaborate with him and letting me re-brand Tarsnap and create a backup solution which businesses could buy.

Would you agree the best solution is for cperciva to start a second brand that is purely B2B and more in line with the blog post?

I think the negative reactions stem more from an attraction to the Tarsnap brand as a G2G service combined with cperciva's cavalier attitude towards increasing his income by charging his customers more. Regardless of patio11's thoughts, the current 'brand' would take a hit by losing the 'geek to geek' luster.

The OP maintains two separate brands for separate products. Maintaining a 'premium B2B' brand for Tarsnap would bypass any negative reaction, I think.

I'm not sure why the majority of the people [OP included] think a single B2B or G2G brand is the 'best option'.

I think a single brand is a better option in this case because it greatly reduces scope, and seeing as it's a one man business scope is the biggest enemy there is. But also because I don't see it as a black and white decision about whether to appeal to geeks or enterprises.

I think patio11 went too far towards the "only appealing to non-geeks" end of the spectrum, partly because he just wanted to show how big of a spectrum there is. It's absolutely possible to have an optimized pricing system, and a well-designed (not talking just visuals) homepage without being anti-geek. For evidence of that just look at Stripe or GitHub. It actually seems like an incredibly rewarding task if cperciva finds the right geek-oriented designer.

GitHub is the perfect example. Very "pro-geek". But can you imagine if they had appealed to only people who are comfortable with the command-line and with no GUIs? GitHub is in many ways just a nice GUI and good documentation on top of git, making it more accessible for the average programmer.

And does anyone honestly think the world would be better if git was less widespread?

Perhaps I'm just strange but I wouldn't pay for GitHub and I am the reason that we went with GitLab at $DAY_JOB since it's my responsibility to maintain everything Git.

The majority of my coworkers are GitHub's target audience [programmers that do not really want to truly understand how Git works] and they have no active desire to use GitHub. I'm literally the only person that works here with a GitHub account which I barely use because I run a private instance of GitLab instead.

So, while it is a perfect 'mainstream' example, in your eyes...it is also a prime example that there is a significant market that wouldn't use GitHub professionally.

I don't really agree with this characterization of GitHub's target audience. After spending the last 18 months working with a distributed team of ~40 engineers and ~20 bizdev/salesfolk I cannot imagine a suitable replacement for GitHub when it comes to organizing the information surrounding our workflow. I am now in a 2-man startup and it is indispensable for its ticketing and communication features, not to mention helping me figure out when I am most productive. Also, do you realize how great it is for non-coders to "get" GitHub and start using it for critical documents? Iterating through some legal agreements is much clearer when your lawyer/partner now understands what a repo is and how to revert to a previous commit.

That's fine, my comment/explanation could have been clearer.

I was trying to explain that there are two markets for backups/Tarsnap and trying to shoe-horn it into the GitHub comparison led to confusion.

GitHub sounds like it is a SPoF for you, which is the only reason I'm adding this part of the comment:

If you can't 'imagine' a suitable replacement, I'd try GitLab. They are similar enough I think you'll be surprised how easy it is to replace GitHub in your workflow.

I'm not suggesting you actually replace GitHub, I'm just suggesting you expand your options so you have a backup plan in case GitHub disappears one day.

And there are many enterprises that pay for GitHub Accounts or Private instances of GitHub Software on prem...

Why... Same reason companies pick any other software... Same reason companies pick RHEL over Cent... etc

Support, Security, and outsourced management

If your team has the time to manage your GitLab installation, update it, fix it if/when it breaks, etc. Great. Other organizations choose to outsource that to GitLab...

Same thing here with backups... People that want to roll their own in-house solution would not be Tarsnap's target.

Fyi, GitLab and GitHub both provide similar services. One is open source, one is not.

You can buy on premise support from GitLab or GitHub for their respective products.

So, it isn't rolling your own...or even being on your own [unless you choose to be].

The confusion is probably my fault, I'm not the clearest of posters.

Just out of interest, why do you think GitHub's target audience are developers who don't want to truly understand git?

Git is as easy to use as scp or rsync from the commandline for most common tasks. So is Tarsnap.

The Tarsnap -> Patio11's Idea is being approximated as equivalent to Git -> GitHub.

So, in this context, the people I've dealt with that would want Patio11's Idea of Tarsnap are people who don't want to take the effort to understand what they are dealing with.

GitHub has a larger audience that has nothing to do with development. Social features, simplifying things for non-developers, etc. but I do not feel that portion of the 'product' is relevant in this context.

The people I know IRL that prefer a GitHub-type interface over doing things with Git via the command line are the type that need me to fix the issues they run into for them. The fact I'm basically git support for other IT folk leads me to that conclusion.

And frankly, I'm not a Git guru. I'm a very, very average software developer who acts as the sysadmin for Dev at $DAY_JOB.

I fully believe other people have different experiences but I've implemented Git workflows at 2 companies now and I've seen a consistent pattern.

Please do understand, I'm not saying they should or need to learn Git. It is better they focus on the domain expertise they bring to the table [e.g. Web Design, Email Design, Data Science]. I'm just saying it is a different audience than Tarsnap's current one.

I'm one of them. For me it's because I made some token efforts before to understand it, and it seemed far more complicated than source control should be. I have very simple needs, and correspondingly don't really have a desire to learn non simple tools.

And if that works for you, you shouldn't learn it. :)

But I think Tarsnap -> Patio11's Idea is like Git -> GitHub. I think there are two separate audiences there with different needs.

100%. Tarsnap is like GitHub if it were priced by picodollars per byte in the repository blob.

Perhaps, but realize, that the 'truly paranoid' would not use GitHub's paid offering. They'd have their own private behind the firewalls of an open source product with source code they could examine.

At least in my opinion.

GitHub has an enterprise plan where you can run it behind your firewall.

'with source code they could examine' you seemed to have skipped over?

Well, obviously it's not open source, but GH Enterprise is delivered as a running Ruby app, so you can take a look. Of course the TOS says you shouldn't read or reverse engineer or whatever.

But I know people fix bugs that GitHub won't fix in their enterprise product by patching the Ruby source after each new update.

I wonder what would happen if someone built what was described in the post and used tarsnap as the backend...

Is that even possible? ;)

It is very possible and I'm remarkably tempted to do it myself in my free-time.

I also believe that was the intent of Patrick posting this publicly - to stimulate Colin into realizing what people really fucking want and that someone may actually go build a better tarsnap using tarsnap if he doesn't.

I'm sick of Tarsnap's complete disregard for its users; charge more money, listen to your users, improve the product!


Holy shit! What could HE DO FOR FREEBSD with the personal surplus in income from properly implementing Tarsnap as a business!?!?! IT'S FUCKING MIND BOGGLING.


You do it. You're free to become rich yourself and donate half your fortune to the FreeBSD project we all love. Do FreeBSD a favor and make a tarsnap wrapper for businesses who need to pay 1.500 USD monthly to feel secure.

I would love to but I'm building a different company focused on helping people optimize their home energy - I plan to do it (get rich) on that one.

You also mis-characterized what I said. Completely. But whatever, pretty typical Hacker News. It's actually really an interesting dichotomy: there are so many brilliant hackers on here that believe asking for a lot of money for a valuable product and service is evil and yet they're all participating on a forum built and hosted by an organization that specializes in smacking hackers with a fish until they realize the deep and fundamental mistake in that way of thinking.

My argument was that many different kinds of good can be had from the availability of resources and casting resource acquisition in a stigmatic light is cutting innovation off at the knees. All because some less enlightened people figured out how to acquire a lot of resources and use them in non-society friendly ways.

Do you really believe Elon Musk could have turned Tesla into such an awesome company by being Geek2Geek? Fuck no. Elon understands the value of charging for value and how much more value he can usher into the world - so do other amazing entrepreneurs.

I would rather see cperciva acquiring a lot of resources than many other people in the world. I would rather see a lot of people on Hacker News be wealthy people instead of the alternatives out there - but they never will be until money and the having of it is no longer stigmatized by them.

For many businesses, $1,500.00 per month to feel secure is pennies. I would rather see Tarsnap, an actually secure service, pulling in that revenue than other "secure" offerings that actually aren't.

To provide some scale reference: my previous company, an SEO metrics company, had customers paying $1,500.00 per month or more just to know where their customers' URLs were in Google search results.

If there are people willing to pay that much for that, what and who do you think exists out there that would pay 5x that amount to make sure a $25Million class action lawsuit is launched against them? Or to protect hundreds of millions in assets?

If the assets I'm backing up are worth millions to me (tangibly), spending $20,000.00 per month for highly secure and reliable backups is easy.

The source code of the client is not under a liberal license.

I guess lawyers could argue about whether reselling the service fell under 'using'.

(I don't mean this to be hostile to the licensing, I just think that it is a big thing getting in the way of it being very possible to do as you say)

A point worth considering, the spirit of what I said though should be considered - not specifically the details.

The spirit being that someone WILL fill this gap in the market. Someone. I would rather it be Tarsnap and Colin, though.

You see a gap in the market, the op does, other comments do.

But none is going to roll their own replacement because they are involved elsewhere - I see a gap in the reasoning not in the market :-)

The negative reaction to Patrick's design template is so meta.

It completely proves his point about the power of "wrong" design.

Everybody forgot all the brilliant things Patrick said because they didn't like the design.

And that's his point!

Send a non-technical guy whose ass is truly on the line to Tarsnap and, sorry, he's going to have a negative "blink" gut reaction.

If you've ever built a SAAS to any scale, you'll know that is true. Sad. But 100% accurate.

Stripe's original UX to me was a better example of where Tarsnap could go (vs. even the current stripe site):


Headline, button, 5 relevant "benefits"

Then a link to start, documentation, and get help.

Almost exactly what Patrick illustrates before he loses us with a rushed design.

Instead of a critique of how Tarsnap is run, this sounds like a business proposal for a company that would offer B2B services using Tarsnap as a back-end.

They could do things like offering a flat $100 rate for what is probably $2.60 of services and then roll around in the money. Or donate some of it to Tarsnap so it will keep running.

Hmm... in many ways, it's actually not a bad idea. Especially if you partnered with Tarsnap so you could effectively do referrals to each other: send the geeks to bare-bones Tarsnap and they'd send the PHBs to you.

My first thought exactly. My second thought was - if Patrick is so convinced about this and already has such good ties with Colin, why doesn't he run this business on top of tarsnap, and they both agree on a way to share the profits.

This way, Colin can keep things his way, Patrick his way, and they both profit.

patio11 wrote about it here: https://news.ycombinator.com/item?id=7524429

> Because being on the hook for people's backups is not my idea of a fun time, because I'd be directly competing with an Internet buddy who I'd rather see successful, because I have no particular comparative advantage in backups that I don't have in a host of better product categories, because I already run three businesses and enjoy sleeping occasionally, because running services is in fact a heck of a lot harder than posting about them, etc etc.

The point about competing is void if they collaborate (and they are already friends, so collaboration of this sort should be easy). Each does what they're best at. Patrick at marketing and reaching corporate clients. Colin at delivering the core product and keeping the promises of never losing your data etc.

To some extent other concerns about sleep and worrying about other people's backups is also something that Colin would take care of in my dream collaborative scenario.

I see Patrick's point being that Colin did the hard technical work to create the service, he should probably take the huge profits for himself.

But sure, it does sound like there's room for what you describe -- even more so if Colin doesn't jump on it.

So set the business up, make LONG_MAX dollars, then offer to hand it over to Colin lock, stock, and barrel if he will admit that it was a good idea all along.

If Colin does not accept, start giving the profits to the OpenBSD foundation.

Yes. I'd pay money for an OSX UI to back up my laptop.

OSX UI to back up your laptop, encrypted, to AWS: www.haystacksoftware.com/arq/

I don't know tarsnap well enough to compare encryption models with Arq or anything, but I'm not invested enough to dig into it either. Arq works for me as a customer, and I'm not really in the tarsnap market.

Why not just use Arq + S3/Glacier then? http://www.haystacksoftware.com/arq/

As someone who knows a little something about this business, and who has been excited and enthusiastic about tarsnap from day one, I hope Colin pays no attention to what you have written and continues to provide his service (note, I didn't say "run his business") just as he has.

I want to live in a world where tarsnap is sold for picodollars.

Well, I hope he changes the "auto deleted if you don't check your email for 14 days" and just charges my credit card accordingly. Operating on pre-payment is kind of nutty.

"Operating on pre-payment is kind of nutty."

Not if you reconsider "backup for the truly paranoid" and ponder about who actually IS the paranoid and what he is paranoid about. Could it be him being paranoid about not wanting to run after his customers' money for a service that already has been provided?

rm -rf after 14 days is a bit severe. There is a middle ground where you deny access to the service, but don't delete the data. Note that this is a timeline not set by the customer's "delete if you haven't heard from me by X", but by a billing system set up around unpredictable costings.

Besides, even the truly paranoid don't know when they're going to lose access to emails for two weeks. Sudden hospitalisation? Travelling in an internet poor area, and your hotel that promised access was 'down'? Temporary incarceration for something you never did? Death of a loved one that puts you out of your normal life procedures? Or just fat-fingering a command because you're human, and missing out on the email from an accidental bulk delete (or similar). Perhaps change it to an opt-in for the truly paranoid: "If you're uncontactable for two weeks and our billing system decides you're out, delete my data rather than merely revoke access".

After all, if you're really after a 'dead-man switch', then that should be a feature on its own, not something to do with billing. "If I haven't logged in for -foo- weeks, delete my data". That's clearly a dead-man switch, not a proxy analogue conducted via "we've consumed what's left on your account". Plus the user could set the number of weeks, rather than just "some unpredictable future time".

What about 28 days? :-)

He could just not stress about running after his customers and chalk it up to breakage. Probably not a good use of his time to be chasing after them for a couple of dollars.

The "truly paranoid" would check backup status email more than once every fortnight. ;)

What happens if I get in an accident and get in a coma for longer than 14 days? What if I get arrested? What if I go on my honeymoon and simply forget about the backup? What if ... truly paranoid people are paranoid about that possibility, too.

I know I am and that this 14 days clause is the only reason why I am not using tarsnap.

"What-if"s are fun! (Still operating under the ";)" from earlier.)

What if auto-renew were added, but you're robbed and knocked into a coma for 2 months. In the meanwhile, the credit card company notices the suspicious transactions, can't get a hold of you, and cancels the card. Auto-renew occurs 3 days later, but the card number on file doesn't work. Colin Percival calls your phone number, and gets no answer for a month. Then what?

If you're truly paranoid, you might have to consider that possibility as well.

With every scenario and solution you can come up with which require intervention, I can double down on and think of a worse-case scenario where your solution won't work and you'll lose your data. A possible non-intervention solution could work, which is to front-load the account to the limits of your paranoia.

What if the payments were taken out of an account automatically and you could load up a reserve with money. This would allow for calculations on your usage:money without it being a major factor on immediate loss of service.

There are two kinds of paranoia here:

1) Paranoid that you will lose your data.

2) Paranoid that your data will fall into the wrong hands.

It seems to me that Tarsnap values preventing #2 over preventing #1.

To follow on your example, what if the authorities who arrested you want to get their mitts on the data in your tarsnap account? Won't you be happy that your data is irrevocably deleted?

Or... you could just put 1 year's worth of funds in your tarsnap account, and check it every season to top it off.

One of the benefits of a paranoid setup should be not having to constantly check on things.

There are many types of paranoia. Micro-managing is one. Eg,

> if you believe you must check on every detail, your style is symptomatic of insecurity or paranoia - http://www.adams-hall.com/micwilstrany.html

In any case, my ";)" from before stands.

What if Google just decided to filter those e-mails into my spam folder and I miss both? That seems like a very possible thing to happen.

Why haven't you white-listed them? The problem with the "delete after 14 days" is that it can be hard to predict on your side how long it will take to exhaust credit. But here what you're asking them is to work around a possible misconfiguration on your side. That's a different class of error.

If tarsnap is really a G2G business, then it makes sense to assume you know how to white-list an email address.

How many other misconfigurations should they deal with? What if the battery is dead on your cell phone when they try to call you after several missed emails? (Or you're out hiking where there's no reception, or on a cruise, or in another country and didn't want to pay high roaming charges, or ...)

What happens when the CC fails? What happens when the CC fails and the customer is non-responsive? Ultimately Colin has to make a call of whether he deletes the files or not after some point of non-communication from the customer.

He will eventually have to wipe my data. However, as it is quite valuable to me, I want this to happen after actual attempts to contact me, including many emails and actual phonecalls. And at the very least no earlier than many months after payments stop. I'm okay with paying more for the service to get this.

So, why doesn't anyone set up a payment service dedicated to topping up tarsnap accounts? If this is something people want, and colin doesn't care to implement it -- just pay someone else 1.5 the price with the added (mutual) guarantee that you won't run out of funds (possibly with a max, and/or complicated rules for when payment should cease) ?

Sounds like easy money all around, and colin won't have to deal with the support fallout (nor get paid to deal with it, which is ok).

I feel like so many people consider it to be some sort of moral imperative that every company care deeply about growth and market positioning and enterprise-readiness. What happened to "build the company you want to build and have fun with it"?

Wait, I thought you ran rsync.net, right?

Wouldn't that make you one of Colin's most serious competitors? I thought you made most of your money from the enterprise market. The same market Patio is suggesting Colin enter!

It makes me happy that tarsnap exists, just like it makes me happy that things like prgmr.com or FreeBSD exist. The world is a more interesting place.

Wouldn't the best response to Patrick's post be to start a non-Geek brand [a B2B brand] for Tarsnap [under a different name] and sell it that way?

Or (to play devil's advocate) for someone else to start a slick B2B brand that used tarsnap as a backend, and took all the surplus out of the middle...

I'd rather the original creator be talked into a 'premium' B2B brand where he nets the profits. Then again, if he refuses, I suppose there is nothing unethical with someone doing that.

I completely agree: But many people (including, possibly the original creator) would feel differently if (a) they chose not to take the advice, and everything remains the same ("I don't need that money"); and (b) someone else took all that surplus instead ("How dare they steal from me!"). Either way, the original creator's bottom-line is the same (probably higher in case (b) due to volume).

Another possibility would be for there to be an 'authorized' premium B2B version - where the original author gets a certain X% ownership, and the slick-marketing type does all the fluff/flashy stuff that adds value for that set of customers.

Well you are free to go ask :)

What patio11 doesn't get, is that part of the reason why HN crowd considers tarsnap "the best backup software" is exactly because Colin Percival is what patio11 calls "bad at business" (and what I would call "motivated not only by money").

BTW, that is the same reason for the backlash over Oculus acquisition: people are upset that it will no longer be run by "bad at business" engineers like John Carmack, but instead by "very good at business" Mark Zuckerberg.

HN is wrong about why Tarsnap is the best backup software, and that's partly because Colin is falsely modest about what Tarsnap is. Tarsnap is the best backup software because it is the most technically credible secure backup service on the Internet.

One way you can gauge just how wrong HN is about this point is to compare Tarsnap's business to that of any well-known backup provider, virtually all of which could (presuming, perhaps unfairly, that Colin is rational) buy Tarsnap with pocket change.

Backup is a huge business, and enterprise/business backup is an especially lucrative segment of that business. Colin has the most technically credible offering for that segment. But he captures only a tiny fraction of it, and regularly finds himself on HN explaining to HN people why Tarsnap costs so much given how cheap AWS storage is. Q.E.D.

It’s kind of amazing that some people here believe its modest price to be Tarsnap’s main value proposition.

This sort of misunderstanding is encouraged by using one's limited supply of the customer's time and attention to highlight "picodollars" as opposed to "Considering online backups? You get to choose between a) you can retrieve your backups, b) other people can't retrieve your backups, c) a and b, but only if you won the Putnam."

In the 90's Microsoft could (presuming, perhaps unfairly, that Linus is/was rational) have bought Linux kernel for pocket change.

The community values when money/power is not the only/main driver for people creating technology. And for a good reason, I think. When we ask ourselves "why we can't have nice things", more often than not the answer is that "people in charge" are motivated by making more money, not making better stuff.

Yes, there is some naivete in this mindset. But I think some of that innocence is a good thing. FWIW, I liked patio11 more when he was excitingly writing how he earned $30k on Bingo cards than the new incarnation that is proud of using a shitty ThemeForest template because it A/B tests well.

No, they could not have, because the Linux kernel is open source software. But I understand the confusion, because Colin does his level best to market Tarsnap as if that was what it was.

I am unclear on what you think the purpose of a commercial website is, given your objection to the idea of suggestions that make them perform better.

I don't really have any objections, or really any opinion on whether Colin should or should not charge more.

I was just pointing out that it is a good thing that there are smart people who are "bad at business", who are "irrational" as you put it. Many good things we have came from such irrational people (that was the point about Linux parallel) and many ugly things come from people who are only following the bottom line.

Exactly. What patio11 calls "Geek to Geek" business and suggests Colin move away from. Any new user who sees the suggested standard three tier pricing scheme is going to immediately recognize a traditional business. And there goes the entire g2g market. Which I suppose patio11 doesn't care about given that he's suggesting a move away from that.

But without g2g, Colin is going to be competing in a huge market with a bunch of other players. He's also likely to enjoy his business a whole lot less.

Right, because geeks never buy services from traditional businesses.

Oh, wait.

>>Colin is going to be competing in a huge market with a bunch of other players. He's also likely to enjoy his business a whole lot less.

Also painfully incorrect. When you have a unique selling proposition, it's easy to compete in a huge market with a bunch of other players. It's also enjoyable.

How "painfully" self-centered. It's not about whether you consider it to be enjoyable or easy. It's about what Colin is likely to experience. And given his past reluctance to listen to similar Tarsnap related business advice thrown his way numerous times over the years, one conclusion we can draw is that he fully understands what the options are and he simply doesn't believe he would enjoy the change. There are other possibilities for his lack of change, but I didn't hear you suggest any.

Well, I would not assume to guess what Colin would enjoy, or how he would enjoy it.

However I agree, it does depend on Colin's motivations. If Colin doesn't want more users, and doesn't want more money (for even the same amount of work), then your viewpoint is possibly accurate and has merit.

Other possibilities for his lack of change are clear - we do not always act in our best interests for a garden variety of reasons (negative mindsets, backgrounds, etc etc). This can be very frustrating to our friends, who might have experience and insight into our situation, and want the best for us.

Oculus was never run by anyone who is bad at business.

John Carmack came on relatively late as CTO, not CEO, and Palmer was the owner of some valuable IP, not the one running the business.

The presumption here is palpable. There do exist factors other than the financial -- whole categories of them -- that people take into account when making value judgments like this.

Maybe some people view the Oculus acquisition through that myopic lens, but many do not, and your generalizations do your point of view no justice while simultaneously misrepresenting many of theirs.

If you run a high margin SaaS business where much of the technology is open source, you are going to get cloned. Once you get cloned, you can be crushed by people much better at marketing and sales.

If you stick to low margin / cost plus pricing, it effectively poisons the well for your competitors.

The "poison the well" strategy has worked very well for Craigslist, and the Sriracha hot sauce guy.

I'd do everything patrick suggested, but stick to the cost plus pricing and not worry about extracting consumer surplus for the value you create.

Once you have a $500/month enterprise plan that is popular, you are going to have competitors that offer more for $400/month, and VCs will be plowing them with money to hire salespeople to go after these $40,000 LTV customers. All of a sudden, your product will no longer be the best solution for your own customers.

> Once you have a $500/month enterprise plan that is popular, you are going to have competitors that offer more for $400/month, and VCs will be plowing them with money to hire salespeople to go after these $40,000 LTV customers.

And most of your $500/month clients won't move. You won't get so many new clients, but your existing clients have 'something that works' and 'we're doing something else now'.

An enterprise-level client - one that the article characterises as being able to employ lawyers, and specifically not the cheap ones - isn't going to change from a vendor with a working system to a new vendor just to save $100/month.

From the sounds of it, Tarsnap isn't trying to own everyone's backups and expand at the speed of light. It's been a 'take me or leave me' product whose income currently satisfies the owner. Not getting new customers because of undercutting competitors will only happen when the level of income is much higher than it is now, and one assumes the owner won't have a problem with that given pricing history.

I like how you present Craigslist as "poisoning the well" for other business rather than "providing maximum value for consumers".

I wish all businesses operated on tiny margins. That's how capitalism is supposed to work: competition eats up surplus.

You are right, the two things are just different sides of the same coin.

Jeff Bezos and Craig Newmark are both "providing maximum value" and "poisoning the well of competitors". I'd say both ended up in the same place yet have completely different business philosophies.

When discussing the merits of different pricing strategies, it is best if the argument stands without being clouded by notions of altruism.

It doesn't poison the well as it stands, because someone could still take the OSS software, add a pretty layer with the business continuity guarantees and a bunch of salespeople, and charge $500/mo, and businesses would go with that one rather than the one that looks/acts like tarsnap. And that would be a rage inducing tragedy. To avoid that, I really hope Colin takes some/all of this advice.

Tarsnap is not actually open source, so you could not do that.

I meant to edit, you're right - I was corrected by someone else that it's only the thin client that's open source.

Even that is not. You may look at the source, but not redistribute it.

This actually perfectly qualifies as being open source.

No, it doesn't: http://opensource.org/osd

> Open source doesn't just mean access to the source code. The distribution terms of open-source software must comply with the following criteria:

Tarsnap also doesn't claim to be open source: http://www.tarsnap.com/about.html

> While the Tarsnap code is not distributed under an open source license,

Ah ha, thanks for the further correction! Well that makes me feel better about the likelihood of someone taking Colin's work and profiting handsomely off of it.

At that it is possible for some enterprising hacker to set up such a business using tarsnap, and try to pay colin as a consultant to make any changes required to tarsnap. Effectively build a shell business around the tarsnap business. Were I a bored sysadmin, I'd be tempted; especially with the key:backup relation, I could aggregate customers' accounts on tarsnap no problem, and take on all of the headaches mentioned for a very fat fee.

Strongly disagree. Yes, there will be competitors, and there will be competitors that cost less than you. However, if you're targeting business customers they won't care about the difference between $500/month and $400/month, or even $500/month and $25/month, so long as they are happy with the product and level of service they are receiving.

cperciva's competitive advantage is almost entirely reputational; if Bob the Fast-Follower made a tarsnap v2 clone it'd be too dodgy to do anything but compete with the tons of existing friendly backup and online drive services.

I'm reminded of this post by lionhearted: http://sebastianmarshall.com/the-genius-and-tragedy-of-patri...

That would be a more apt comparison if this blog post hadn't been part of an ongoing conversation Patrick and I had been having with Colin, not all of which HN is aware of.

> an ongoing conversation Patrick and I had been having with Colin, not all of which HN is aware of

The knowledge that there's missing context, which was provided in some sort of back room inside-baseball hn-elites secret discussion to which I was not a party and will never be granted access, kind of makes me wish the article had never been posted in the first place.

"Here's my article - which you'll never understand, because you weren't there, because you're not cool enough". Great.

Oh FFS, there's enough good info in the article to just think about that, without getting all butt-hurt about in-groups and out-groups.

For any that don't know better, Patrick has since made a lot more than $60k a year since he started consulting and running Appointment Reminder.

I'm still reading and just looking at the screenshots and I have to say I very much prefer the Tarsnap design not the cheap template one which doesn't really look very trustworthy to me and is probably more suited for an online pharmacy.

I feel the same way. It reminds me a lot of https://www.nearlyfreespeech.net/ where they pretty much say that they are server guys and suck at design. I respect that.

And the redesign in the article looks like someone grabbed a free theme and swopped some text and an image.

Nearlyfreespeech's homepage is infinitely more attractive and professional looking than tarsnap's.

And, no, the redesign in the article looks exactly like someone grabbed a $20 theme and didn't bother to swap in the image.

Couldn't agree more. The current design of tarsnap is much better. It shows that tarsnap is serious about technology and security.

So Patrick says in so many words that

"Customers like typical HNers might like Tarsnap the way it is, but Colin should instead market to [such and such businesses] using [lots of specific and actionable advice] because [lots of reasons explained in excruciating detail]".


"Oh, I like Tarsnap the way it is."

It's not just HNers, I would say that a lot of people who are involved with designing/building websites will tell you that this is not a great way to redesign the website (It's probably just a quick draft). I don't say the current design is great but it's better than the one he's proposing in my opinion.

And just by looking at his personal site he's probably not the first person to ask for advice on how to design your website. I'm not trying to offend the writer but there's a reason why there are web designers and UX people dedicated to the task.

I realise that this redesign is just a small unimportant part of all these suggestions (and I agree with some of them) but if he puts it out there it's worth giving feedback on.

Doesn't change the fact that his redesign looks identical to the 100 generic free wordpress themes you see on lots of non-technical and spammy sites around the web.

Colin could spend one day and come up with something that didn't look super generic. My idea would be something dark and simple, like this: https://useiconic.com/

Patrick's actual advice was: "Here’s what I’d tell a contract designer hired to re-do the Tarsnap CSS and HTML [...] a visual redesign will probably cost Colin four to low five figures."

Then he supplemented this with: "let’s hypothetically assume it isn’t in the budget. In that case, we go to Themeforest and buy any SaaS template which isn’t totally hideous."

So don't complain that it looks identical to 100 generic free wordpress themes -- that was Patrick's point, and his actual advice was exactly what you call for: spending a day to come up with something.

For geeks. Not for business people who have to make the decision to pay for it.

Of course, you don't make the change if you don't want to become the B2B mega secure backup business that patrick is pitching. But if you do want to grow into that then you have to re-brand into something a clueless supervisor is going to be able to authorize. That won't happen often with the current design.

If Colin doesn't want to make a big B2B business, which I'm sure we all believe to be true, then you can keep the old design and be happy. But if he wants to have a "real" business, then he should absolutely go with a standard bootstrap theme.

edit: four to for. duh

It shows that Tarsnap is a very serious open source project, of a vaguely FreeBSD lineage. Since that's not actually what Tarsnap is, the site design is doing him an obvious disservice.

Out of curiosity, what's the biggest P&L you've had responsibility for in your career?

I don't think that's out of curiosity.

It is. I'm curious because I'm interested in someone who has managed a large P&L but nevertheless thinks Tarsnap is the way to go for their org.

I am also curious because I believe most of the comments here on HN amount to not liking this article because it doesn't appeal to them as a customer without regard to what it means for Tarsnap as a business.

Yes, but you have to admit it does need a call-to-action link that's actually a button.

Exactly. The last thing you want is your website to look like a WordPress template when your target audience is the paranoid.

Note that the whole essay retargets tarsnap as a secure backup business. Not paranoid geeks.

But patio11's redesign would actually appeal to the executives in suits who make the purchasing decisions, while you HNers would still trust it because it's run by cperciva.

Sigh... why does everything need to be focused on the "Enterprise", the "suits with the checks"? I want to get to this post-scarcity world everyone keeps talking about, but we will never get there if we treat every product as something that must extract "consumer surplus" and be "defensible from competition".

I feel like we should strive to destroy the enterprise, not enable it. I am sure that Patrick's approach would be more profitable, but how many people would be put off by this "professional-oriented" position? Yeah, I'm the guy who would rather go through the trouble of installing/maintaining my own GitLab server than paying a dime to Github/Bitbucket. It doesn't make sense economically? I don't give a shit. I feel like there must be something in this life that I should be able to do by myself. I will give as much time needed to someone who needs help to install/setup Ubuntu on their laptops, but to hell with them if they ask for help to setup their printer on Windows or Mac.

Also, I know that Colin gave the go-ahead to write this piece, but reading the thing it amazed me how it works only as a way to push Patrick's agenda, but none of Colin's. The template that it took only 20 minutes to put together? Put it on a git repo and make it public domain, let other people build upon it. Tell people that those who are genuinely focused on tarsnap success that they can contribute, and even educate other users. This piece works only to show that Patrick can tell people what they should do, but there is nothing Patrick has done to actively improve things.

What better way to destroy the enterprise, as you put it, than taking their money.

And it's less about 'catering to the enterprise', and more about doing business on your own terms.

>>Yeah, I'm the guy who would rather go through the trouble of installing/maintaining my own GitLab server than paying a dime to Github/Bitbucket.

Then please note you're not really suited to participate in a discussion about optimally pricing SaaS to businesses. It will be painful for you, and the people involved.

>>it amazed me how it works only as a way to push Patrick's agenda, but none of Colin's.

Patrick and Colin are friends. Patrick wrote this post to help a friend. Patrick's agenda is Colin's success.

>>there is nothing Patrick has done to actively improve things

Patrick has spent hours thinking about and distilling his thinking into a blog post, designed to help Colin. Patrick is regularly paid Large Sums of Money for his experience and capability in this exact, specific area. What should Patrick have done? Fly from Japan to where Colin lives, push him aside, and implement all the work he suggested, against Colin's will?

Oh, come on. "Taking their money" would never destroy them. As Patrick loves to say, this is peanuts to most company budgets. Also, by focusing on enterprise needs instead of normal folk, you end up with an offering that is designed for the enterprise, which automatically pushes out the smaller fish.

> Patrick's agenda is Colin's success.

Sorry, but this is bullshit. Read the blog post again. I would doubt very much that Colin feels like Tarsnap is a failure of some kind - quite the opposite. Patrick's agenda is keeping the idea that what he does is worth "Large Sums of Money". This might work with the marketing people, but it disappoints me to no end to see this becoming the prevailing view of "Hacker News".

> What should Patrick have done?

A much shorter blog post:

"Do you know Tarsnap? It's this amazing backup solution, created and run by Colin Percival. I wished I could tell everyone to use, but I understand that most people get put off by its lack of marketing polish. This is understandable if you know that Colin is a genius who (like most other geniuses) does not realize how things that seem simple to him might be harder for the common folk.

I am not such a genius, so I can not contribute to tarsnap itself. But I can contribute to ancillary things that Colin is too smart to even bother doing. So I put together this website (http://link_to_repo) and also this wiki (http://link_to_wiki) where people can discuss things and/or come together to improve the product in ways they think it's relevant. This way we can have Colin doing the things he is already happy doing at such an affordable price, we can get rid of these small annoyances and get to have more arguments to convince Grandma to use Tarsnap. Most importantly, everyone can be sure that Tarsnap will be around for a much longer time."

Now, this would be pushing Colin's agenda. This would be allowing Colin to do business on his own terms. Patrick's post just reads as a self-marketing piece.

>> you end up with an offering that is designed for the enterprise, which automatically pushes out the smaller fish.

Can you think of a utility or service that serves the needs of a wide range of businesses, from freelancers all the way up to enterprise? Electricity? Github? Dropbox? Internet connectivity? These services have found ways to charge all businesses of all sizes appropriately at fair rates, without "pushing out smaller fish".

>> I would doubt very much that Colin feels like Tarsnap is a failure of some kind - quite the opposite.

Much like the opposite of love is not hate (it's apathy), the opposite of success is not always failure (it's flat-lining). Growth keeps living things alive, including businesses. Patrick's suggestions are a bunch of ideas focused on helping Tarsnap grow.

>> Patrick's agenda is keeping the idea that what he does is worth "Large Sums of Money".

I do not know a better method to value something that is worth "Large Sums of Money" than people paying "Large Sums of Money" for it. In fact, that is the very definition of value. This is not limited to marketing people. It is the definition of a 'market'. Patrick has a track record of people paying large sums of money for his services, when he was actively consulting.

>> A much shorter blog post: "Do you know Tarsnap? It's this amazing backup solution, created and run by Colin Percival."

Let's imagine you have the experience and ability to 10x or 100x software companies, as Patrick does. When Patrick looks at Tarsnap, he sees a series of simple, straightforward actions that could 10x or 100x it, that does not necessarily require any more work than what Colin is currently doing. With that in mind, it would be impossible for Patrick to credibly and authentically write that kind of boring-ass sales-shill blog post, that would have reached a tiny audience of disinterested people.

>> This would be allowing Colin to do business on his own terms.

Colin is fully free and allowed to do business on his own terms. Patrick is also free and allowed to have and express opinions on how Colin does business. In fact, Patrick even received Colin's consent to write that blog post.

>> Patrick's post just reads as a self-marketing piece.

Having known Patrick for years, and considering him a close friend, this is the furthest statement from the truth I have read on the internet. At least, since I last reloaded the comment thread on this post.

Seems like we are in very different mindsets when discussing the whole thing.

First of all, I do not share the idea that growth is the only way to measure success. In fact I strongly disagree with it. Colin's idea of success could as well be "What is the state of art when it comes to secure backup software? When Tarsnap is the answer, that will be considered a success".

Second, you seem to be too hung up on the idea of keeping the business alive. I was semi-serious when I was talking about the post-scarcity world. In my ideal world, Colin would be out of work, just like me and everyone else. I want secure-backups to be a commodity infinitely cheap, not something that I may get for free only if someone else is subsidizing some artificially larger cost. I want Colin to work on things he cares about, out of his own personal interest, not for this SV fucked up measure of success.

Third, I know my blog post is boring. That would be the whole point, actually. Don't forget we are talking about fucking BACKUPS here. They are not supposed to be exciting or deserve all this ink we are spilling over it. The point I am trying to make is that what I would see as an actual contribution worthy of praise (and even value) would be if Patrick went through the boring parts and muck and said "Hey Colin, I know this is not what you want to focus on, but it's important as a user of the product, so here you go."

Was that what we got? No. What we got was some blog post from someone "highly trusted in the community", which works only to establish that he "knows what he is talking about". And yes, there are people willing to pay large amounts of cash for this. I wouldn't, and it disappoints me that so many people here do.

Lastly, this is not an attack on Patrick, but rather on this mentality that is so widespread and so exposed on the blog post.

> This piece works only to show that Patrick can tell people what they should do, but there is nothing Patrick has done to actively improve things.

I believe that's called consulting.

First of all, epic post from patio11. Lots of great advice that can be used by others.

I think the main thing is that all the things that Patrick is mentioning are overhead that Colin likely doesn't want.

He's running this as a lifestyle business and not a company that wants to make millions. I agree that certain changes can be made that allow better value for users (the auto-payment ability being very important) but all these things add overhead that Colin doesn't seem to want. Each change has a multiplier of time, and extra stress.

Heck, he doesn't want to waste his time on fixing his logo to be sharper.

I find Colin's approach refreshing. It's rare to see someone (especially one so gifted intellectually) be so in tune with what they want out of life. Having freedom to do what he wants, enough money to enjoy life and save for retirement and providing an important contribution to the world is what Tarsnap provides.

I'm sure Colin will make changes to make it more useful but I think it will be in the context of what's the best for the users and not what's the best for his pocket.

This post just converted me to use Tarsnap for five servers worth of backups.

I've encountered Tarsnap half a dozen times over the last ~two years, but I was always thrown off by something ("what is this?", "backblaze is easier to use", "that pricing model is way too high - I'd be paying over a thousand dollars a year", etc.). Patrick's post systematically affirmed that I have a clear and pressing need for this, that it's severely underpriced, and a clear path of implementation.

Over lunch I mentioned tarsnap's hit by bus plan to the honchos of a seven figure/year business that needs secure offsite backups. They had a good laugh and dismissed tarsnap completely.

For my own needs I can't use it because I can't tolerate the casual backup obliteration policy.

The message I got out of patio11's work was that there are show stopping issues that are not fundamental to excellence of the product. Lose them. Help more people.

Bill me monthly. Don't obliterate the backups I'm counting on. You can have my business, my recommendations, and my thanks.

(And by all means he should, get a person or a service to take care of all that billing nuisance. Don't let it bring him down. I contract people to collect the money I don't enjoy collecting. That person needs a job too.)

Perhaps, then, there's much more room for services like this that are more established with a better UX at a higher price point.

The biggest fault with this is the assumption that the geek market isn't big enough to do serious business in. I wouldn't alienate existing customers by an enterprisey makeover.

Even when it comes to B2B, it is better for a service like this to get into enterprise via their geeks than try to appeal to their suits, because Tarsnap's strengths mean nothing to a suit.

How about serving both geek market and B2B market? As Patrick noted, Tarsnap Basic will still exist for all geeks to pay pico dollars by usage.

I do consulting for hedge funds in NYC. Most of them use an accounting system called 'Advent Geneva'. This particular software solution has a Unix component where the actual accounting data lives. My clients would like to back up this database securely and reliably. Security is extremely important as for a given hedge fund, their trades and positions are extremely sensitive information. Tarsnap is exactly the backup solution these clients would want to use. As a consultant, I don't think I will ever be able to sell Tarsnap in its existing form to these clients. Keeping aside pricing, these clients would want an SLA (and other legal stuff mentioned in the article) for the backup service. These clients are more than willing to pay costs associated with this higher level of service and will benefit tremendously from using Tarsnap.

I do not know any backup solution which is better than Tarsnap and it's unfair that businesses will have to use less-than-ideal technical solutions ONLY BECAUSE Colin doesn't want to adjust 'business side' of his product offering.

Or just sell the same product through two different channels. Call it "Tarsnap" and make it work via a CLI and low-fi Web site for the geeks who appreciate such things, and call it "Super Secure Backup Pro XP" (or whatever name appeals to normals) with a GUI and a lickable Web site for the non-geek population.

Underneath it can all be the same product, just packaged differently depending on who the potential customer is.

>Or just sell the same product through two different channels. Call it "Tarsnap" and make it work via a CLI and low-fi Web site for the geeks who appreciate such things, and call it "Super Secure Backup Pro XP" (or whatever name appeals to normals) with a GUI and a lickable Web site for the non-geek population.

See, this is something I have thought a lot about. I can understand the value of the 'enterprise' pricing tiers (and yeah, if I have to do a bunch of paperwork, it's totally fair for me to charge you more.) So I can see where pricing tiers could be a good thing.

However... the bit I'm questioning here is how far you distance your 'enterprise' product from your 'geek' product- Especially if you have a strong 'geek' following already, I would argue that you don't want to start over in the 'enterprise' space. You want to carry over the name. Either, as Patrick suggested, move the 'geek' product to a less-accessible URL and professionalize your primary brand, or build a "tarsnap enterprise business edition" url.

Either way, there is a whole lot of value in a brand valued by nerds. I agree that brand needs to change some (and the product needs to change more) to be marketable to the enterprise, but... the boss basically respects his or her geeks... enough to pay them a lot of money. Sometimes I even find the business folks emulating the geeks when dealing with computers. An MBA where I worked saw how paranoid I was about ESD and asked for one of my wrist straps. He used it while he was typing emails on his Mac. The "business edition" of the thing his geeks say is awesome is going to have a lot more pull than just some random new brand.

But how much does "Tarsnap" as a brand buy you in the enterprise space, really? Enterprise buyers won't get what it means -- to them "tar" is sticky black goop, not an archiving format. That by itself is no big deal -- if you spend enough, you can get people to remember anything -- but there's no evidence that Tarsnap has that kind of "brand awareness" among that crowd, is there?

I normally would agree, don't throw away a perfectly good brand if you can avoid it. But if the customer has never heard of your brand, and wouldn't understand it if they did hear of it, that's one of the few cases where coming up with a new one could make sense.

>But if the customer has never heard of your brand,

If they've never heard of the brand, you are right. A good name that your customer hasn't heard is better than a bad name your customer hasn't heard.

But, my belief is that there are a lot of semi-technical "enterprise" or at least "SMB" types on places like hacker news, who likely have heard of tarsnap. And even if not, as I said, management listens to their technical help, often more closely than it seems.

Hell, I've had a few 'enterprise' type companies coming to me, by recommendation of their technical folks. The deal usually falls through because I am not equipped to deal with that sort of thing, but the opportunity was there, because a non-management technical person knew my name. Colin is way closer to being able to support those sorts of customers than I am, and I think he has a much larger technical userbase than I do, too.

>and wouldn't understand it if they did hear of it

I'm a firm believer that how recognized your name is matters a whole lot more than how "good" or "meaningful" your name is. A bad name that your customer has heard before is worth a lot more than a good name that your customer has not heard of.

What does conviva mean? What does akamai mean? Avocent? Cisco? To your average English-speaking monoglot, these are just random strings of letters. Much like 'tarsnap' is a random string of letters to people who aren't crusty sysadmins. The names of companies gain meaning through use.

I'm a little embarrassed that I never got the word play in "tarsnap" until just now...

Super Secure Backup Pro XP -- Built on Tarsnap.

But what you described is a total pain in the buttocks. I think it's unfair to pin that on Colin's "unwillingness to adjust".

"Even when it comes to B2B, it is better for a service like this to get into enterprise via their geeks than try to appeal to their suits, because Tarsnap's strengths mean nothing to a suit."

This is very explicitly talked about in the article.

And as Patrick says there - a "geek" will NOT manage to get most businesses to use Tarsnap. For lack of many features, but also because of the "terrible" design (terrible at convincing businesses to use Tarsnap).

The suits have some requirements as well, and it's not "just because" but sometimes because of legal/organizational requirements.

The geeks may love it, but the business needs an invoice. No invoice, no purchase.

Getting an invoice is not that hard. Tell Colin once and you get an automated invoice the first of every month...

I'm exemplifying

Unless I skimmed over part of the post, tarsnap is still run by crontab on a unix/linux box. So, still pretty geeky. And the idea that "affordable encrypted backup" can't be understood by "a suit" is silly.

Hit the nail on the head with the pricing model. I really want a backup solution like Tarsnap that encrypts my data client-side and has an OSS client. I'm even fine with it being a Unixy command-line tool. But I have almost 1TB--a lifetime, so far--of pictures and music that I want backed up. I have literally no idea how much that would cost with Tarsnap, and it could be as high as hundreds per month. There's no way to find out until the bill comes. So I'm just not going to bother.

If cperciva wants to keep metered pricing, maybe offering a free 3-day trial or something so users can get an idea of how much their particular backup situation would cost before committing would be a good idea.

If you have ~1TB of free space, just create a regular tar archive of your data and compress it -- maybe factor in another 10% for dedup (as seen anecdotally by others with large image collections -- this assumes you have raw images+jpegs -- for just jpegs, maybe nothing). Should be (bounded by) 500 USD first month (storage and upload), and 250 USD/Month after that (and ~250 USD to restore).

I'm not sure what's difficult with these calculations?

The dedup (as I understand it) is mostly relevant for incremental backups "adding up" -- so that you can (mostly) run weekly backups without worrying too much about storage cost ballooning out of control.

Note: I'm not affiliated with tarsnap, nor am I a customer -- partly because I'm in a similar position: The data (emails etc) that I can afford to backup in a similar fashion to tarsnap (I use backupninja as a front-end for duplicity) is almost trivial to backup -- the rest (photos, media) I cannot currently afford to backup to the cloud (nor do I have the upstream bandwidth for it).

I am not sure how tarsnap dedups, but you could use apenwarr's amazing "bup" to create a dedupped, compressed backup and get a good idea of the size. But at those prices ...

An external, USB powered, 5400RPM 1TB drive can be bought for $60 last I checked. An online backup service is nice to have, but for $250/month, you could buy a new 1TB disk every week, format it with TrueCrypt, copy your stuff to it, and email it to a random acquaintance/family member (or a known wrong address in Hawaii, so it comes back to you with "wrong address" a few weeks later). It's not as convenient as tarsnap, but way more resilient, not to mention that downloading 1TB back is going to take more than mailing the disk back to you -- or in most cases, taking a return flight to retrieve the disk yourself.

> It's not as convenient as tarsnap, but way more resilient

I'm not so sure about that. In either case losing your encryption keys is a single point of failure, but tarsnap is backed by regular s3, so it should take a pretty cataclysmic event for the data to disappear -- contrast that with dropping your hd 1 meter and losing the data.

I don't expect to have a hopelessly slow and asymmetrical 10-20/1-2 mbs Internet connection forever, so at some point personal backup to the cloud is likely to become more viable (technically I could get ~gps upload at my university right now). The only remaining obstacle would be price -- and while backing up servers via tarsnap sounds great, if all you want is off-site ~1TB storage with the bandwidth to use it you could just get a dedicated server somewhere. Not as redundant, but assuming you have on-site backup on disk, and a live copy on your server, you'd have to be pretty unlucky to lose any data.

FWIW I don't think tarsnap aims to be a personal backup solution (for multimedia) -- and for now neither is S3/glacier. If it were, there'd be no reason for Backblaze to have their storage pods.

> contrast that with dropping your hd 1 meter and losing the data.

Note that tarsnap prices are comparable to 1 new drive per week. After a year, you'll have 52 fully independent snapshots. If the 4 latest ones fall from 1m height, you still have 48 copies (losing most recent month, but having access to all of last year).

And it doesn't take a cataclysmic event - if Colin can't pay Amazon, e.g. because the Canadian FBI might have a gag order instructing him to back door the service ... Or else ... I know he can't, but I am not sure that will stop them from disrupting the service. Same goes for any cloud backup, by the way.

That's the ballpark I figured in, and that's why I'm just using Crashplan. $5/month for unlimited storage, but with "encryption" in scare quotes. Paying literally 50x that for Tarsnap is just not practical, since for me true encryption is a nice-to-have and not a must-have. Though I can't really blame cperciva for not being competitive in that regard, I totally understand the difficulty/impossibility involved.

> the intersection of Catholic teaching on social justice and SaaS pricing grids,

Maybe it's just me, but I would read the _hell_ out of that blog post.

Interesting article. I'd actually not heard of Tarsnap before, one question (to those who use it), why would a geek use it over:

  # Stream a tar of / through xz and AES-256-CBC into a timestamped file on the network drive.
  # "[..]" stands for the remaining --exclude options; openssl prompts for the passphrase.
  tar -cf - / --exclude='/proc/*' --exclude='/dev/*' [..] | \
      xz -z | \
      openssl enc -aes-256-cbc -e -salt \
      > /mnt/your/networked/google/drive/backup.$(hostname -a).$(date "+%Y%m%d-%H%M%S").aes.tar.xz

I spent a while going through https://www.tarsnap.com/ and I didn't find any flexibility tarsnap offers over it. To make it work unattended, it's trivial to generate a unique key per backup for openssl (use a tmpfs) and then gpg encrypt the key and email it to sys admins or whatever mailing list before killing the tmpfs.

I could understand the appeal to less tech savvy users if there were a gui, or it featured cross platform support beyond those supported by tar, <insert compression tool>, openssl/aespipe/gpg/<insert encryption tool>, or the storage was super cheap.

So what's the value proposition here?

No (geek) love for Duplicity around here?

When I moved away from being a Mac only to a Mac & Debian user a while back and consequently looked around for a non platform dependent backup strategy (to replace JungleDisc), I did almost opt for Tarsnap but was ultimately put off by these two show-stoppers:

1: The data is stored on Colin's servers, not mine.

2: Seriously. What does happen if Colin walks under a bus?

In the end I went for Duplicity backing up to my own Amazon S3 storage. No harder than Tarsnap to set up – if you interface with it via Duply, storage costs are minuscule and a corporation the size of Amazon wouldn't fit under a bus!


Data deduplication, incremental backups.


Deduplication and incremental backups are table-stakes for backup software.

The reason a business would use Tarsnap rather than some other backup service is the level of confidence that Colin can provide that Tarsnap will reliably protect their data from attackers, including compelled insiders at Tarsnap.

In other words, Tarsnap can offer an enterprise an offsite backup service that is demonstrably as safe as backup data that the enterprise retains direct custody of.

That is not an offering other backup providers can reliably duplicate.

That's right, I was just answering the parent what advantages Tarsnap has compared to an OSS, bash-pipe-made, tar+encrypt solution.

Security remains the most important difference between those two options.

I assume you refer to all the seemingly nitty problems with the pipeline above (from what I can see, there is no way to verify that the archive wasn't tampered with).

Would you say the same about a solution that signs and encrypts the archive with gpg (signs with a machine's key and encrypts it to the owner's key)? If so, can you elaborate on some examples of security problems that solution could have?

Are you asking if I could design you a secure backup system?

I could, and it might asymptotically approach the quality of Colin's.

I don't think you're comfortable with the amount of money I'd charge for that service.

You're better off paying Colin cost-plus for AWS storage, since that's all he seems to want to charge. :)

Heh apologies, my fault for trying to be clever, the mechanism I actually use is incremental and deduplicated. I substituted it for tar to simplify.

I actually use ZFS (filesystem), so my backup flow is closer to:

  DATASET="tank/data"  # placeholder: the pool/dataset to back up (not given in the original comment)
  TSTAMP="backup-$(date "+%Y%m%d-%H%M%S")"
  # Take a recursive snapshot, then stream it through xz and AES-256-CBC to the network drive
  zfs snapshot -r "$DATASET@$TSTAMP"
  zfs send "$DATASET@$TSTAMP" | \
      xz -z | \
      openssl enc -aes-256-cbc -e -salt \
      > /mnt/your/networked/google/drive/backup.$(hostname -a).$TSTAMP.aes.tar.xz

The underlying ZFS filesystem is deduplicated at filesystem level, and snapshots are incremental. There are a few other minor differences (the dest is another ZFS host which syncs to Google drive, and I nuke the local snapshot after send because RAID 1+0 space is more expensive than RAID1 .. )

To answer my own question: deduplication :)

I had not considered multiple backup sources, mine is deduplicated per host, am I to understand tarsnap is deduplicated across all hosts sharing a set of keys?

Also, easier restore and snapshot deletion.

Consider how you would restore using incremental ZFS snapshots. You'd have to pull all the snapshots, unpack the base snapshot and then sequentially unpack each incremental snapshot.

In tarsnap, the server will compute the 'snapshot' you want for you, and will only send you the data blocks that belong to that snapshot.

In tarsnap, you can also delete any snapshot you want, and only blocks belonging exclusively to that snapshot will be deleted. In your system, deleting a snapshot means you lose all snapshots from that one until the next full snapshot.

Also, in ZFS you're limited to backing up complete datasets, but with tarsnap you can backup any set of files you want.
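A toy model of the contrast drawn in the comment above, as an added example that is not part of the thread and is neither Tarsnap's nor ZFS's code: a reference-counted, content-addressed chunk store next to a chain of incremental deltas. The class and function names, the fixed 4-byte chunk size and the sample data are assumptions made for illustration, and encryption is left out.

```python
import hashlib

CHUNK = 4  # assumption: tiny fixed-size chunks so the constructed data dedups visibly


class ChunkStore:
    """Hypothetical content-addressed store: chunks keyed by SHA-256, reference counted."""

    def __init__(self):
        self.chunks = {}     # digest -> chunk bytes
        self.refs = {}       # digest -> number of references from snapshots
        self.snapshots = {}  # snapshot name -> ordered list of digests

    def create(self, name, data):
        """Store a snapshot; return the number of bytes that were not already stored."""
        if name in self.snapshots:
            raise ValueError(f"snapshot {name!r} already exists")
        digests, new_bytes = [], 0
        for off in range(0, len(data), CHUNK):
            piece = data[off:off + CHUNK]
            digest = hashlib.sha256(piece).hexdigest()
            if digest not in self.chunks:
                self.chunks[digest] = piece
                new_bytes += len(piece)
            self.refs[digest] = self.refs.get(digest, 0) + 1
            digests.append(digest)
        self.snapshots[name] = digests
        return new_bytes

    def restore(self, name):
        """Rebuild one snapshot from its own chunk list; no other snapshot is read."""
        return b"".join(self.chunks[d] for d in self.snapshots[name])

    def delete(self, name):
        """Drop a snapshot, freeing only chunks no other snapshot references."""
        freed = 0
        for digest in self.snapshots.pop(name):
            self.refs[digest] -= 1
            if self.refs[digest] == 0:
                freed += len(self.chunks.pop(digest))
                del self.refs[digest]
        return freed


def make_delta(prev, cur):
    """Incremental link: cur's length plus the chunks that differ from prev."""
    changed = {off: cur[off:off + CHUNK]
               for off in range(0, len(cur), CHUNK)
               if cur[off:off + CHUNK] != prev[off:off + CHUNK]}
    return len(cur), changed


def restore_chain(chain, name):
    """Replay every link from the base up to `name`; a missing link breaks the rest."""
    data = b""
    for link_name, delta in chain:
        if delta is None:
            raise LookupError(f"link {link_name!r} was deleted; cannot rebuild {name!r}")
        length, changed = delta
        buf = bytearray(data[:length].ljust(length, b"\0"))
        for off, piece in changed.items():
            buf[off:off + len(piece)] = piece
        data = bytes(buf)
        if link_name == name:
            return data
    raise KeyError(name)


# Constructed sample data: three daily versions of one small "filesystem".
MON, TUE, WED = b"AAAABBBBCCCC", b"AAAABBBBDDDDXXXX", b"AAAAEEEEDDDD"


def demo():
    store = ChunkStore()
    new = [store.create(n, d) for n, d in (("mon", MON), ("tue", TUE), ("wed", WED))]
    freed = store.delete("tue")  # only the chunk unique to "tue" goes away
    chain = [("mon", make_delta(b"", MON)), ("tue", make_delta(MON, TUE)),
             ("wed", make_delta(TUE, WED))]
    intact = restore_chain(chain, "wed")
    chain[1] = ("tue", None)  # delete the middle link of the incremental chain
    try:
        restore_chain(chain, "wed")
        chain_survives = True
    except LookupError:
        chain_survives = False
    return {"new_bytes": new, "freed": freed, "store_wed": store.restore("wed"),
            "store_mon": store.restore("mon"), "chain_intact_wed": intact,
            "chain_survives_delete": chain_survives}


if __name__ == "__main__":
    print(demo())
```

In the chunk store, deleting the middle snapshot frees one chunk and both neighbours still restore; in the delta chain, the same deletion makes every later snapshot unrecoverable.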

I think that's the case.

Note: https://github.com/bup/bup does that too (though it does not encrypt), and http://liw.fi/obnam/ does too (and it does encrypt).

What tarsnap gives you that obnam doesn't is (a) managed cloud storage, (b) tarsnap's history and reputation, and (c) Colin's personal reputation. That's a lot, and it costs money above the S3 storage costs (which you could point obnam at).

I would like to do something similar with BTRFS.

How are your snapshots incremental? In BTRFS you would need to specify a base snapshot.

What is the restore process? You init a zfs file system and then zfs receive the backups in chronological order? How are the dependencies between snapshots managed?

The 'zfs send' command will send an incremental snapshot if you specify '-i snap1 snap2'.

To restore, of course, you'll have to have snap1, and then you can apply the increment.

That's what I thought. I wanted to know if the OP had some way to manage the dependencies between snapshots.

Deduplication. And like any other SaaS or cloud model, not hosting it yourself.

The example I cited uses Google drive

Not sure if you are deduping there.

He uses scrypt, not openssl/aes-256-cbc.

A few differences.

scrypt is a key derivation function, not an encryption algorithm. Tarsnap still uses AES-256 CTR mode for encryption.

See my response to tomp - it is deduplicated.

Colin may be a crypto genius and his code extensively reviewed, but I'd wager more eyes have been cast over the openssl codebase than tarsnap.

Or...How I would run an online backup service completely unrelated to Tarsnap, with different goals, different priorities, and different ideals.

Honestly, he's put so much thought and effort into it already and seems to care a lot about it, I wonder why he doesn't just launch a competing service.

Edit: Whoa, lots of downvotes. I guess it is a bit odd to ask a person who just said "What I Would Do If I Ran Tarsnap" if they have any literal interest in running Tarsnap. Silly me.

Because being on the hook for people's backups is not my idea of a fun time, because I'd be directly competing with an Internet buddy who I'd rather see successful, because I have no particular comparative advantage in backups that I don't have in a host of better product categories, because I already run three businesses and enjoy sleeping occasionally, because running services is in fact a heck of a lot harder than posting about them, etc etc.

You are assuming that Colin did not make a number of different (but similar in spirit) decisions when he set up tarsnap the way he did.

But if you espouse like this on 'what you would do if you ran tarsnap' then you probably should be doing just that, rather than to list your own set of priorities that contradict the whole premise of your well intentioned public good advice.

I read this as a public offer to do better, excuses about how you're too busy shouldn't count. If you're going to tell someone how you would run their business you should be willing to do exactly that. Otherwise your words lose a lot of strength.

Especially because running services is a lot harder than (publicly) posting about them.

I read the article as an immensely valuable 'Business 101 For Geeks: With Current Case Study' tutorial, and wished I had more than one upvote to give it. Seriously, people pay good money for educational material of far lower quality, and we're getting it free. Demanding that the author take on another business is... an inappropriate response.

Indeed. I have paid and will continue to happily pay significant sums of money for educational material at approximately this detail level, so I'm very very happy that Patrick is willing to do it for free.

The whole point is that cperciva has a unique competitive advantage in operating tarsnap in that he's remarkably good at that problem set.

patio11's whole point is that he loves both tarsnap and cperciva and thinks literally everyone in this equation would be better served if cperciva made more money and by making the tarsnap user experience more sensitive to the needs of businesses who want to rely on it.

Part of the allure of Tarsnap is cperciva's security and engineering expertise. While patio11 is brilliant, that is the one part of the "business" he wouldn't be able to compete with.

Couldn't he just run a marketing site that passes user data directly through to Tarsnap, but charges a 1000% markup for the flashy website?

Yep, I think this is basically the problem with this post, it's Dropbox with an open source client and maybe that is what he doesn't want it to be.

If you think Tarsnap is Dropbox with an open source client (but marketed differently), a) you do not understand the engineering reality of Tarsnap (or you have a very... curious understanding of Dropbox) and b) Colin, please note that your marketing is creating fans who think that Tarsnap is Dropbox with an open source client.

I meant the product described in the blog post not tarsnap as it currently is.

I'm quite aware of what tarsnap is.

I think Patrick's comment still applies if you think he described "Dropbox with an open source client." Since it's still tarsnap, it still retains all of the security benefits of tarsnap. Saying "open source client" does not capture that.

How about Dropbox + TrueCrypt, except easier to automate and much cheaper beyond Dropbox's free tier, in exchange for taking the risk on a one-person business?

You realise that Dropbox isn't a backup system, right?

I have a backup file there, so can confirm it does work for that purpose.

Um, no.

Delete that file on one device, it is gone from all that share it.

Dropbox preserves history of the file even after file was deleted.

Especially with Packrat feature.


Didn't know, thanks! Also didn't know that (from Dropbox help) "Your files are stored using 256-bit AES encryption". You have to trust them with the keys though.

Put only a backup copy (not the source file) into Dropbox or Tarsnap. Don't delete the file on either system. Same boat.

Scripts can copy out from the Dropbox to both negate your issue and proliferate backup copies to many physical locations.

Things tarsnap would need to be anything like dropbox:

* Mobile support

* Windows support

* A web interface

* Any way of using it other than CLI

TFA left all that stuff in place. "tarsnap the software" does not change at all.

Wow, this was a very interesting read and if you forget all the minor changes like the site design his argument cracks open an argument against the way Tarsnap is run. Forget all silicon valley, photo sharing, selling coffee to 20-somethings startups, it seems to me Tarsnap is running inside its own Silicon Valley bubble.

The argument here is Tarsnap is a great product but the way it's being sold actively discriminates those who would be best served by their offering, but are not run by unix wizards, and I think we should all care about this issue as well. If it means a company like Target is easily convinced to use a solution like Tarsnap, instead of a competitor's, or worse, rolling their own - I think we would be all much better off.

With a great tool like Tarsnap, no matter how it's priced, or how it's sold, or what CSS is loaded - it should be clear that it provides a great value add and most people are better off with Tarsnap's solution in an enterprise setting. We shouldn't forget it's incredibly easy to say "Well things are great now" when they are only great for you.

I've gotta agree with just about everything Patrick said there, despite being inclined more towards Colin's way of doing things.

For the last several years I've been running a business whose primary purpose, really, is charity: providing high quality technical services to people and businesses who couldn't otherwise afford them.

It sounds like a noble cause, but it sucks balls.

You're not serving your customers' needs if you end up in the hospital for any of a hundred different reasons that can happen to anyone at any time, and there's nobody that can manage the service for you while you're out. (Look: you obviously think that having a backup plan for data is important; why do you not think that having a business backup plan is also important?)

You're not serving your customers' needs if you can't afford to ensure the integrity of your own infrastructure. No business lasts forever; what happens if Amazon, two years from now, starts making policy decisions that cripple your business? Steve Jobs died just over two years ago and most people agree by now that Apple has become a different company. Bezos is not immortal, and there's a board of directors that would very much like to be making a lot more money from Amazon.

You're not serving your customers' needs by maintaining an unnecessarily high barrier to doing business with you. I do web and mail hosting for a number of customers. Having backups is really important to me. But I'm also busy and underpaid and my hair's always on fire and my bank account never has quite enough money in it, so tarsnap for me has never looked better than my current backup system (BackupPC on a machine I have physical access to in a secure location). Excel modeling to attempt to estimate my monthly costs for a service is obnoxious.

You're not serving your customers' needs by being unable to fix problems that they are actively complaining about because you're the only engineer in your business capable of addressing them.

Colin's current way of doing business is actively interfering with his goals -- assuming those goals are anything more than, "provide a cool backup service as a hobby".

You don't have to become a disciple of SV startup culture. There's a fantastically large middle-ground that allows for changing the business just a little bit without sacrificing its soul.

The amazing thing here is that both Colin and Patrick are amazing engineers: Colin as a software engineer, but Patrick as a business engineer. A business is an abstraction that can -- and should -- be engineered. That means understanding the scope and requirements of the problem being solved and then coming up with a system that meets them. Colin, for godssake, take Patrick's advice just as seriously as somebody should take your advice on cryptography.

Someone should just clone Tarsnap, run it as a business, and compete with Colin. He's in it for the fun and hobby, not the money and no one can change that in his personality. If anyone feels that a company can be doing something better but refuses to do it better, then compete with it.

People keep trying to "fix" Colin instead of doing the entrepreneurial thing and competing with him. He can't be fixed because there's nothing "wrong" with him. That's like telling Goodwill or the Salvation Army to change their pricing. If you want a for-profit department store then start your own Walmart. If you want a better backup service like Tarsnap then clone the thing and do it better.

Tarsnap is trustworthy partly because of Colin's reputation, and you can't clone that.

Colin's an unfathomably smart, pretty reasonable dude. It feels wrong to assume that he's in this for the religion of it, or that no argument exists that's convincing enough to change his mind.

For the same reason, "fixing" seems like the wrong verb here.

Better, why compete? Just wrap him! Put up a better marketing site, sell packages, and pass the actual traffic back to Colin's servers. Voilà!

It's not easy to wrap Tarsnap. If you own one Tarsnap account, how do you split that up into multiple accounts? You'd end up writing code for account management and authorization (not written by Colin).

Also, you can't provide the guarantees you want. You could hire 24 hour tech support but will they be able to troubleshoot Colin's servers if they are down and he is sleeping?

Update: another business idea for Colin. Keep tarsnap as-is but license the server code for a fee so others can run a business as proposed.

That... is interesting.

What the OP doesn't understand is that there are services like that already (i.e. [1]). You want something more Dropbox-y but supposedly secure?! Go for SpiderOak!!! Plenty of solutions around; you could even buy Amazon S3 or Glacier storage yourself, make a gpg and use dump/tar/whatever-utility-you-like, encrypt and upload them yourself using a script (or set of scripts).

[1] http://www.haystacksoftware.com/arq/

The difference is, I trust Colin. Aside from djb he's one of the few people on this planet I would trust to write crypto/security software and get it right.

SpiderOak? Only heard about them because they're "hip" on here, given the state of technology in the average startup, I wouldn't trust them with my data ever.

So you want the hip part of SpiderOak and the quality of Tarsnap. That's fine to ask, but these things very rarely play well together.

PS. Let's not be harsh on SpiderOak though, I never used it for backup purposes and haven't read about any security breaches or privacy concerns about it anyway.

As to "just clone Tarsnap", up till now I thought that only the client app is open-source, isn't that so? If yes, then I believe it's not even "just clone"?

I believe that the website mentions open source contributions, but that the entire client is not open source.

> This page would literally be 1/5th the size of this blog post or less and take less than an hour to write, and would probably double Tarsnap’s sales by itself.

cperciva: Pretty please try this first and measure the effect? Would be super interesting!

From the tarsnap mailing list:

I'm currently suffering from a deluge of emails (turns out that a blog post from Patrick McKenzie saying that I shouldn't have cut prices results in even more people signing up for Tarsnap than the price cut did, and most of my email comes from new users)


Whenever I read Patrick, I'm reminded I have bad thinking about how to price something. My idea of a fair price is = COST_TO_MAKE x 2 or something like that. In reality, it's VALUE / 2. Meaning, if a backup service provides $100 worth of value (reduction in risk), I should be ok with paying $50 for it. I shouldn't reject a backup service because I know that it costs $1 and they're charging me $100.

Consumers are pretty price sensitive, and businesses that sell directly to consumers must cater to this. This is why Patrick is always advocating that you start a business that sells to other businesses. A business doesn't mind paying for something as long as the cost is below the value it gets them. Isn't that the basics of business? Buy low, sell high? Buy a service that provides $X value as long as the cost is < $X?

I first came across this difference when I was a newbie DBA. We needed to upgrade our SQL Server cluster to the latest edition. I reviewed the differences between the various editions, and decided we could use some of the features in Enterprise vs. Standard. I did a little estimation, and showed how much time we could save between the DBAs and the developers if we got Enterprise. It was nowhere near the difference in the license costs, but I passed my findings onto the IT manager and the CEO. The CEO said buy Enterprise. I was stunned, and thought it was a bad decision. The reality was that we got so much value out of SQL Server, it didn't matter that we paid more than what was absolutely necessary.

Developers have the consumer pricing mindset as well. They complain about IntelliJ, Xamarin, or Visual Studio licensing, or worry about SQL Server costs. Even if an IDE provides you with a 1% performance gain, I'm pretty sure that's worth it for most companies. Who cares if a language/framework/database/server is free if it reduces your output by even 5%. That's just bad business. You can claim a license fee on your taxes, but you can't claim an opportunity cost.

Consumer tight-fistedness for consumers can also be a bad thing. I live in a relatively cheap area of the US. When I travel, I'm shocked at the prices. In order to feel comfortable, I have to ask myself not Is this a good price? but Would I rather pay $15 for a pina colada or go without? Often the answer is, Yes, I'd rather sip a coconutty concoction on the beach in Hawaii than have an extra $15 when I get home.

It's not wrong to think of stuff in terms of whether it's worth the price, though. See: the Mr. Money Mustache school of thought, in which every dollar you don't spend is a dollar closer to not ever having to work again.

> "Colin is in no danger of selling Tarsnap to people with multiple terabyte databases — there’s only a few dozen of those organizations in the world and they would not even bring up Tarsnap to joke about it."

...is not actually true. There are likely thousands of companies with multi TB databases, many of which are small shops who need a backup solution. S3 is one option of course...

A company I know of and do business with produces software for firms in which a terabyte is considered a small installation. Many firms use this software.

I stand corrected. Would love to hear more next time we're in the same room.

Yes, and it is actually that kind of conversation. I will email you about some thoughts on a different topic, and you will recognize my email from my profile.

I think Patrick is usually right on the money but I have at least 2 gripes with this post:

1) $50/month is WAY too much for the opening tier. Maybe $50/year. $50/month may sound OK to someone who already has a business generating meaningful revenue. But $50/month would be a show-stopper for most bootstrappers (which I imagine is a core audience). Especially when compared to something like Digital Ocean's $5/month.

2) The site design proposal looks pretty horrid. No doubt the current web site is also lousy, I think he could stick with something that still "speaks" to geeks. That "new" site design looks like one of these terrible templates which I think actually could send the wrong message.

If Tarsnap added recurring billing and (much) better documentation with examples, I think Colin would do just fine. He doesn't need to rethink his marketing, there's enough geeks to keep him fed.

The article seems to derive its consequences from the unwritten assumption that the goal of tarsnap is to earn as much money as possible, or to attract as many customers as possible, or at least to attract those users who would benefit from tarsnap.

Maybe this isn't cperciva's goal? Maybe he is just running the service as he wants it to be?

Maybe we as geeks would be even better served if Colin was taking the money he's currently leaving on the table from businesses that aren't us geeks directly, but we have technical input in? Because currently he's missing out on those customers, and I know for a fact (I tried) that where I work would use tarsnap if Colin implemented what was shown here, they'd give him $500 a month, and us geeks continue using it with pico dollars (that doesn't go away!) and Colin gets more money and time to improve the service.

Seems good to me.

While the main post was interesting enough, and has already garnered responses, I'm genuinely amazed that people pay for that level of "cron monitoring".

Looking around I see at least three services ("probyapp.com", "deadmanssnitch.com", and "cronwat.ch" - the latter of which has an expired SSL certificate).

FWIW one of the main reasons I've never used tarsnap is the pricing and the picodollars, it never felt "real" enough, although obviously it is completely transparent.

It's in gigabytes right on the home page conveniently converted. How does $0.25 / GB - month feel less real than....anything else?

My favorite thing about tarsnap is how damn reliable and trustworthy Colin is. If I see tarsnap start to move towards whatever fad all the other SaaS platforms are following today, I'll probably assume that they're trying to be the next Dropbox. That might be the right decision for tarsnap, but I'd move my backups.

A very close approximation to patio11's vision of what tarsnap should be already exists: http://www.rsync.net. I use them with duplicity instead of tarsnap for exactly the reasons patio11 went in to.

All the same benefits as tarsnap: de-dup, guaranteed privacy, OSS, headed by a bona fide geek (http://blog.kozubik.com/), fair pricing. Plus: multi user sub accounts, 7 days of free server side snapshots of your entire backup space and geo redundancy.

Plus business benefits: SAS 70 / PCI / SOX / HIPAA compliant, a company that's been going for over a decade and isn't reliant on one person or supplier etc.

His advice re: paid articles/guides is basically what DigitalOcean is doing at a larger scale, and with great success.

This is pure brilliance. And probably a massive windfall for Colin if he acts on it.

I loved leaving the existing service as a poorly publicized option, as it keeps the hn-crowd-early-adopter-technical-consultants using the service, and thus recommending it to the $500/mo businesses.

This is sort of like: "I am a business consultant, here is how other businesses do things. Do this"

There is no problem in the way the service is priced. It's about the same way cloud services charge. How much are you going to spend on a big AWS installation, including bandwidth, storage and compute? You don't know? Well knowing that to a penny is hard.

Well boo hoo. I was going to go on vacation and I don't wanna read email when I am on a 21 day sabbatical. What happens if there is not enough money on the credit card you are charging your other cloud services to? You get email, and if you go over they stop running your stuff. Go over even more and eventually they will just delete your stuff. That is not just your backup, that is your entire platform.

I don't see the problem here. The use case is, I sign up for tarsnap, I put some money in the account and then I don't want to ever think about it again.

Do you do this with other cloud platforms? Don't you want to keep an eye on what it costs? Wouldn't that be prudent?

The same with tarsnap. You start using it, keep an eye on what it costs. Then after a while you should be able to create a projection of how much it's going to cost. That to me seems like a good thing to do if you run a "serious" business.

Cool, Patrick takes over, I stop using tarsnap. I am a minority, I get that and I'm fine with it, but that's the way I feel.

Side-Note: I don't feel okay about the way this turned out for Colin. He is a member of our community, I'm reading his comments here, he is active. Everyone here, judging his business model, with some people being extremely harsh IMHO, feels like an on-line reality or something. I don't like it.

Lacking good counter-arguments to the article, I'll just vote with my wallet and sign up for the current tarsnap today. To be fair, I had been contemplating it for a while, but this just pushed me over the edge. I feel manipulated. :D

I'll follow you, although I actually deposited money like half a year ago but have yet to start testing it :P

This is the way to do criticism on the internet.

As a geek, this sounds quite lucrative yet boring. I'd be torn.

Also, the proposed design looks ugly and absolutely standard, whereas the current one has this touch that makes it stand out. As a geek, though.

I do not understand the negative reactions.

What about reframing the marketing/messaging changes the underlying tech involved?

How is creating a complementary B2B site going to make the G2G one any less valid?

I'm not understanding why there is a recurring theme in this thread that having awesome underlying tech is somehow mutually exclusive from running a great business as well.

How much of this could be done by building a new business that internally uses tarsnap? The business provides these service plans and completely abstracts the client away from the fact that it uses tarsnap under the hood. The primary risks I can see:

1. Colin gets hit by a bus and Tarsnap disappears. There's not much that this new company could do to protect itself from this problem, short of convincing Colin to implement a failsafe that, upon his verified death, hands full control of Tarsnap (including any relevant private keys and passwords) over to someone who can continue the service (and that someone could easily be the founder of this new company).

2. Technical support that this company could provide would be limited based on the level of support that Colin would provide to this company. Again, perhaps this company could draw up an agreement with Colin for priority support, paying some large amount of money per month for the privilege.

3. There's probably other issues I'm missing, perhaps this company can't make the same guarantees tarsnap itself could (e.g. ability to be HIPAA-compliant) due to not being in control of the technical aspects.

But otherwise, it could certainly provide all the metered pricing guarantees, including guaranteeing backups don't get deleted after a 7 day shot clock. And they may be able to make other guarantees (e.g. priority support) depending on what they can convince Colin to deal with; I'm sure that it's easier to have a single special customer that gets special treatment than it is to offer priority support (and other guarantees) to arbitrary customers.


On another note, I disagree with the author that metered pricing should be removed entirely (although he seems to have already conceded that he will never win that argument). Tiered pricing for businesses is great, but there's still a need for cheaper pricing for various reasons.

Perhaps I'm an employee at a company that's testing Tarsnap to ensure it meets the company's needs before making the case for the company to buy a service plan. I may not have the authority to purchase a $50/mo plan, but I certainly would have no qualms about paying $1 out of my own pocket to test the service for two weeks.

Or maybe I'm an independent developer who's bootstrapping a business. I'm still in development mode so I have no customers and therefore no income. Being able to pay $2/mo for the backups I need is a lot more appealing than paying $50/mo. When I finally launch my product and gain users, then I can consider switching to the $50/mo plan for the guarantees it offers (e.g. predictable pricing).

What I love about the concept of metered pricing is how direct it is. You pay exactly for the resources in use. No strange statistics, heuristics and assumptions have been applied to your data, whatever it is, that's what you're using and that's that. You can then look at your month-to-month usage and do the statistics yourself.

I do like the proposals in the article, but I wouldn't make the metered pricing that invisible. I'd call it Elastic Tarsnap, put it in the same table before Tarsnap Professional, give it a faded background and put the language with the picodollar pricing on it. This will communicate that that's the intended product for the truly paranoid power user who needs their personal data backed up. Maybe even put that exact sentence under it "Backups for truly paranoid power users (or unix geeks)". Because it's not just corporations that have specific needs, we unix geeks have specific needs too.

I like Elastic Tarsnap. That appeals to me, I think it probably appeals to everyone who does like the current pricing model, and it's pretty easy for businesses to ignore.

I really like that idea. It seems like an awesome compromise.
