Encrypted backups in „the cloud“

The Problem

Backups are important. There is no doubt about this. If you have ever lost data due to a hard disk failure or malware, you will most probably agree. But where should you store your backups? I used to have two strategies.

  • I have two identical HDDs. One for working with, one just for backups
  • The media server (this one) below my TV set also has a copy of the backup but not as current

A couple of days ago I saw the apartment of a neighbor burning down at night. This is not only very sad for the people living there, it also means that no backup would survive, even if you have two. Therefore a good option would be storing the backup somewhere else. The current hype is cloud services like the well-known Dropbox. During the past couple of months, Dropbox managed to literally „collect“ security flaws and made major mistakes in their public communication. This doesn’t really help to trust them (or any other storage provider). So they are useless for storing backups. Of course, you could upload a TrueCrypt container. But this is mostly impractical. You need to start up TrueCrypt, sign in, then sync the files. The container then needs to be uploaded all over again in case you need more space, etc. It is much safer than doing nothing, of course. Still, it is nothing you can use on a regular basis.

The (at least my) Solution

There must be a way to store data somewhere else; it has to be automated and it has to be encrypted on the local PC. The solutions I found most effective are:

  1. Wuala
  2. Duplicati

Wuala

First I tried Wuala. This is a Swiss zero-knowledge provider. This means the data is encrypted locally with the account password, and not even the provider itself can decrypt the data as they don’t know the password. The software is written in Java but obfuscated, so closed source. You can only use their data centers to store data. I could not find any news on security flaws in their system. Still, there’s a weird feeling about this. So I only use it for not too sensitive data. It’s just easy to use from every PC with Java installed.

Duplicati

For real backups, I stumbled upon Duplicati. This meets virtually all requirements I had for backup software: open source, encrypts locally, uses well-known standards, platform independent, and I can choose where to store the data! Since I have enough FTP space left, I wanted to use this. On the other hand, I still want the data to be encrypted in case the server is hacked, the provider is bitchy, or any other case. This is all handled by Duplicati.

Just as in any backup software you can schedule backups, restore files, etc. The best part about it is the support for multiple backends. There are numerous protocols that are supported for storing the data. At the time of writing this, the following options are provided:

  • Amazon S3
  • CloudFiles
  • Regular file drive
  • FTP Server
  • Google Docs
  • SkyDrive
  • An SSH Server
  • Tahoe-LAFS
  • WebDav

I guess this should be enough. If not, feel free to implement your own backend. It’s open source 😉

Each backup consists of multiple files (the data itself, file lists, signatures, etc.). They can be split into smaller archives. Everything is compressed using ZIP and encrypted using AES-256 prior to uploading. Therefore all the metadata is also invisible (no file names, sizes, etc. visible).
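A way to check that claim on whatever actually lands on the storage server, as an added example (not Duplicati code): it audits an uploaded volume for a ZIP header, known file names and low byte entropy. The function names, sample files and threshold are assumptions, and random bytes stand in for an AES-256-encrypted volume because Python's standard library has no AES.

```python
import io
import math
import os
import zipfile
from collections import Counter

ZIP_LOCAL_HEADER = b"PK\x03\x04"  # a plain ZIP volume starts with this signature

def shannon_entropy(blob):
    """Bits per byte; encrypted data of a few KB or more sits close to 8.0."""
    if not blob:
        return 0.0
    n = len(blob)
    return -sum(c / n * math.log2(c / n) for c in Counter(blob).values())

def audit_volume(blob, known_names, min_entropy=7.9):
    """Return findings for one uploaded volume; [] means nothing leaked."""
    findings = []
    if blob.startswith(ZIP_LOCAL_HEADER):
        findings.append("zip-structure")
    for name in known_names:
        # ZIP stores entry names uncompressed, so they are trivially searchable.
        if name.encode("utf-8") in blob:
            findings.append("filename:" + name)
    if shannon_entropy(blob) < min_entropy:
        findings.append("low-entropy")
    return findings

def build_plain_zip(files):
    """Compress only, no encryption: what an unencrypted backup would upload."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        for name, data in files.items():
            zf.writestr(name, data)
    return buf.getvalue()

# Constructed sample data (hypothetical file names and contents).
SAMPLE_FILES = {
    "taxes/2011-return.txt": b"income 12345\n" * 400,
    "letters/landlord.txt": b"Dear landlord,\n" * 400,
}
PLAIN_ZIP = build_plain_zip(SAMPLE_FILES)
# Assumption: random bytes stand in for an encrypted volume (no AES in stdlib).
ENCRYPTED_STANDIN = os.urandom(64 * 1024)

if __name__ == "__main__":
    print("plain zip :", audit_volume(PLAIN_ZIP, SAMPLE_FILES))
    print("encrypted :", audit_volume(ENCRYPTED_STANDIN, SAMPLE_FILES))
```

Run against real volumes downloaded from the backend, any finding means the upload is not what an encrypt-before-upload tool should produce.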

I will not go into technical details as this is pretty much all explained on the project’s website. But since I am using Duplicati, I sleep much better. MY files are stored on MY server, compressed and encrypted with MY key. So what should go wrong now? 😉 I hope this blog post helps to support the Duplicati project a little as it is a very good idea.
