[Techtalk] offsite backup for home users

Wim De Smet kromagg at gmail.com
Fri Nov 16 13:12:18 UTC 2012


(hope it's okay I bounce this back to list)
On Fri, Nov 16, 2012 at 12:17 PM, Rudy Zijlstra <
rudy at grumpydevil.homelinux.org> wrote:

> On 16-11-12 11:44, Wim De Smet wrote:
>
>> Hi,
>>
>> On Fri, Nov 16, 2012 at 3:06 AM, Amanda Babcock Furrow<alb at quandary.org
>> >wrote:
>>
>>  No one has mentioned Amazon S3 yet.  I'm pretty sure they're the
>>> cheapest way to back up large amounts of stuff.  They've just
>>> rolled out the ability to have your older S3 backups archived
>>> to their new Glacier tape backup service.
>>>
>>>  I looked into this a while ago. I find the pricing a bit hard to parse
>> (do
>> you pay monthly for all data in the system, or for data added?), but it
>> seems if I add up the numbers I get ~100$ per month for 1TB? Something
>> like
>> crashplan+ costs less than that _per year_. Comes at the cost of
>> flexibility of course, but I don't see the cost advantages of S3. Please
>> do
>> tell me if I'm missing something major.
>>
>> Here's the website for crashplan:
>> http://www.crashplan.com/**consumer/crashplan-plus.html<http://www.crashplan.com/consumer/crashplan-plus.html>
>> Not an endorsement (I haven't used it, but I do think it's one of the
>> cheaper ones). I do wonder if they really "mean" unlimited GB. That's a
>> lot
>> of data I could load on their servers for that 6$/month.
>>
>> Aside from that and spideroak, I didn't really find any attractive (cheap)
>> options. But I don't really remember all the companies I looked at and why
>> exactly I rejected them again.
>>
>>
>>
> The main reason i am wary of most of them is security. How difficult are
> they to break into? And keep in mind that social engineering is the weak
> point almost by definition, as a result of the clash between "user
> friendly" and "secure"
>

That's true of any cloud service I guess. The best you can do is encryption
with user managed keys. At least that doesn't expose your data if they
somehow get to your account. Amazon supports that (don't use server-side
encryption though!) as well as crashplan (have to enable it) and spideroak
(by default). That will defeat a social engineering attack because they
simply can't get at your data from the company side.

Of course they might have messed up the implementation etc, but I don't
think the average person should be that paranoid. Running your own server
will be more expensive and possibly more dangerous (depending on how well
you admin) plus wherever you host it has to be a trusted facility.

My favourite low-tech alternative is to just dump backups fully encrypted
onto a disk and take it into work/vice versa. Simple, effective and quite
cheap but hard to keep up, which is why I think it's better to actually
just go with a cloud service.

regards,
Wim


More information about the Techtalk mailing list