A Couple of Backup Options - What Should I Do?
February 17, 2006 6:02 PM   Subscribe

I recently subscribed to an online backup service that offers 1GB for $9.95 a year. After joining the service I discovered that you upload one file at a time. No uploading of folders. Is zipping files and folders the best solution for getting large amounts of data backed up with this scenario? More below

I also have access to the storage capabilities of my web host and I have 100GB+ available for storage. How would I use that to keep things private and not searchable, etc.? Simply password protect the directory used for backup?

Thank you!!

Looking for solutions,
Gerard
posted by Gerard Sorme to Computers & Internet (13 answers total)
 
For the online backup service I'd try to find out if they support WebDAV. Then, PC or Mac, you could mount the backup store and just drag and drop to your heart's content. Files, folders, whatever.

For a web host, if you want to keep the data private, I'd encrypt it. Either set a password on the zip file (probably fairly easy to break, but a deterrent) or invest some time learning PGP/GPG (much harder to break).
posted by roue at 6:18 PM on February 17, 2006


(Gerard, you don't need to sign your name)

(TL)
posted by thanotopsis at 6:19 PM on February 17, 2006


It all depends on how private you want it.

As Schneier said, "There are two kinds of cryptography in this world: cryptography that will stop your kid sister from reading your files, and cryptography that will stop major governments from reading your files."

Zip encryption is fine for the former. For the latter, you're going to want a private key block cipher. DES and AES are two very well known cyphers. With a suitably large key that you keep local and private, your host will not be able to read your files.

If you're just after combining files, a utility like 'tar' will be faster than zip, because it simply bundles files (into a tarball); it doesn't compress them. You can compress using bzip2 or gzip afterwards (forming the common .tar.bz2 and .tar.gz archive extensions).
posted by devilsbrigade at 6:21 PM on February 17, 2006


For what its worth, PGP is primarily public key cryptography. There is a step that involves a symmetric key (private) key, but the entire point of PGP is to decrypt something someone trusted has sent you without knowing their private key they used to encrypt it (so you know it can't be spoofed). You don't want PGP here, although you could use it if it was all you had.
posted by devilsbrigade at 6:25 PM on February 17, 2006


are you on Windows? if so just use the backup program it came with and copy the backup file to the server. alternatively, a lot of archivers have options to do a fairly basic job of backing up your stuff. (in fact, WinZip Pro 10 has scheduling, 256bit AES encryption, job support, and FTP uploading built in now.) if you're on a Mac, you could use an Automator workflow (assuming you're on 10.4) or the .Mac Backup program (if you have .Mac - though if you do, then there's not much point buying the extra service since Backup backs up straight to .Mac) or something like SuperDuper! to do the task and make a file to upload. (fwiw, it might be useful to know what host - there are services like yours such as StrongSpace that support neat things like rsync and stuff.)
posted by mrg at 6:30 PM on February 17, 2006


I'd like to point out that PGP (or gpg, if you swing that way) has a perfectly good symmetric encryption mode that works without PKC. It's a good and trustworthy solution to encrypting a backup file.

A zip or tar archive combined with PGP strikes me as an excellent base for a backup system. I say go for it.
posted by majick at 7:06 PM on February 17, 2006


How would I use that to keep things private and not searchable, etc.?


Files on web servers aren't magically searchable, or visible to search engines, just because they're on web servers.

They have to be linked from somewhere.

If you create a folder called your-isp.com/your-name/123456789 and put your stuff in there, I guarantee you the contents won't show up in google, unless you choose to make them show up in google.

(And even then, there are tons of posts on AskMeFi from people who desperately want their files to show up in google and can't get it to happen)

So no encryption is necessary and no work is necessary to make them "private and not searchable".
posted by AmbroseChapel at 7:40 PM on February 17, 2006


If you're using a Mac, use a 'sparseimage'. It's functionality built into OS X that lets you create a virual disk in the form of an image which is locked down with tough AES security. Disk Manager lets you create them and they expand to the size of whatever you add to them. They also look like normal drives (so are great for storing.. 'questionable' stuff securely normally too :)).
posted by wackybrit at 7:44 PM on February 17, 2006


Files on web servers aren't magically searchable, or visible to search engines, just because they're on web servers.

While google won't index stuff you place on a web host if you don't link to it, that doesn't necessarily stop anyone else with access to that box from noodling through your files. If the privacy of the data is important, encrypt it.
posted by roue at 9:25 PM on February 17, 2006


PGP isn't "a" thing, it has tons of different ciphers and modes for different purposes. You can certainly encrypt file(s) with it for this purpose. Tar isn't the only utility with null compression, either, since you can zip-without-compress.

And if you're thinking of usin FileVault with OS X, read around before you do - it can make recovery a pain in times of problems, and it causes problems itself: the sparseimage doesn't dynamically shrink, you have to hope that when you reboot or shutdown it asks you to compact it. This means that your home directory will stay as large as it has ever been since the last compaction (reboot/shutdown) until the next time. It's about 80% baked.. nice idea, not quite there.
posted by kcm at 12:17 AM on February 18, 2006


The problem with using a single monolithic zip file as an archive is that every time you want to retrieve a single item you have to retrieve the entire file.

Incremental backup using something like Dantz Retrospect is a much better idea. It works via FTP... there might be a way of making it work via WebDAV if you can automate the mounting of volumes.

One decent approach is to buy a very cheap old PC and set it up as an FTP server using free software. You then locate this at a friend's house, or your parents', or anyone who has broadband. You use a dynamic DNS service like no-ip give this computer a web address (like my-cheap-backup.no-ip.info). You then use incremental backup software to backup your essential documents via FTP every night.

You can do a reciprocal arrangement with your friends if you like.

I do exactly this as one of my backup strategies. The server is an old G3 located in my basement which I use to backup my office computer.

The great thing about an incremental backup is that even if your hard drive gets corrupted and you don't realize, you can find older versions of files in the archive.

My other backup strategies are:

1. Mirrored system harddrive. I have two drives in my main zero-downtime computer. They are mirrored every night using Synchronize X. If one of them goes down, I simply reboot from the other, having lost at most a few hours' work. This has saved my ass within the last month.

2. .Mac backup of keychains, address books and crucial documents. This goes hourly.

3. Gmail. All of my mail is forwarded to a gmail account, and I also email myself any landmark documents.
posted by unSane at 8:18 AM on February 18, 2006


You can also use gmail as file storage. There's even a handy little extension to make it easy to move files up: Gmail Space
posted by Mick at 8:57 AM on February 18, 2006


Response by poster: There are so many great ideas here. I think I am most comfortable with encrypting the files. While they may not be searchable, I don't want them available for anybody at the hosting company to wade through.

From the answers above, it's pretty clear that I should use my 100GB of web host storage available to me, along with backup software and encryption. The single file at a time through this other service just won't cut it.

Thanks everyone!
-------------------------
posted by Gerard Sorme at 12:53 PM on February 18, 2006


« Older Have you ever done it in a hot air balloon?   |   Acceptable foods for Fat Flush Diet? Newer »
This thread is closed to new comments.