OFF: Online backups (was: Re: HW: Alien Autopsy)

Paul Mather paul at GROMIT.DLIB.VT.EDU
Thu Jul 30 09:46:57 EDT 2009 

On Jul 30, 2009, at 5:45 AM, Jonathan Jarrett wrote:

> On Mon, 20 Jul 2009, Paul Mather wrote:
>
>> One possibility to consider is to use an online backup such as Mozy  
>> or Amazon S3 as your backup drive.  (Be sure to read the SLA very  
>> carefully!)  That way, you can offline your storage and disaster  
>> recovery headaches to someone else.  (The downside is that it is  
>> more expensive than a DIY consumer solution, but who said  
>> enterprise-level solutions necessarily came cheap?:)
>
> 	I have to say that I would never want to trust my backup to an  
> outside agency.

That's a fair comment, although, truth be told, you already do.  For  
example, you trust Seagate, Western Digital, Maxtor, and the likes not  
to produce buggy firmware that will brick your drive suddenly.   
(Seagate Barracuda problems, anybody?:)  You are trusting them to be  
truthful about failure rates and failure modes.  You also are trusting  
the outside agency that wrote your backup software to produce  
something that actually backs up everything needed to restore properly  
(permissions, ACLs, xattrs, flags, resource forks, etc.).  You're also  
trusting them to document it properly so you can understand its  
shortcomings and implement it properly.

To be fair, these are quite rare events, but then so are large  
enterprise storage vendors going bankrupt without any lead time  
whatsoever; network outages in agencies with SLAs specifying five  
nines of availability; and so on.

> Online services go bankrupt sometimes, and then no SLA will bring  
> your stuff back. Or, more simply, they can just have network  
> outages. By all means use this for an offsite restore-in-case-of- 
> disaster level copy but I don't think you want to use it in  
> preference to a home solution.

One of the attractive things I see regarding online backups is that it  
solves quite nicely the thorny dilemma of offsite backups.  Lots of  
people who undertake backups still store them onsite, and then, when  
something nasty like their house gets flooded; burns down; or gets  
broken into and their equipment stolen, are left up the creek without  
a paddle because they've now lost their active data AND their  
backups.  That's a disaster recovery no-no.

I'm involved with the MetaArchive initiative, which is an offshoot of  
the LOCKSS (Lots of Copies Keeps Stuff Safe) project.  When they  
recently announced they were moving the Properties Server into the  
Amazon Cloud I had the exact same reaction as you did: do we have a  
non-cloud instance to use as a backup?!?  Our migration into using  
cloud computing is measured, deliberate, and gradual.  I would expect  
anyone using an online backup solution to be wary, too, and to  
exercise due diligence.  But, I think we should be realistic about the  
risks, and, to be honest, I think the risk of making a hash of  
implementing a home-brew backup solution is as great as---or greater  
than---using an online one.  (Hands up those that use "RAID" as a  
backup solution.  [You do know it isn't, don't you?]  Hands up those  
who do that have actually simulated a drive failure and replacement...)

I believe that the more people that use online storage such as Amazon  
S3 the more reliable it will become: we will view it much the same as  
we do as electricity in the industrialised world: something that is  
"just there."  More and more software supports online storage,  
including even some FTP clients.  More and more third-party backup  
solutions are leveraging online storage, too.  One I discovered  
recently that looks very interesting is a project by the FreeBSD  
Security Officer, Colin Percival (author of bsdiff, portsnap, and  
freebsd-update), called Tarsnap (see http://www.daemonology.net/blog/2008-11-10-tarsnap-public-beta.html 
  and http://www.tarsnap.com).  It describes itself as "online backups  
for the truly paranoid," which, I have to admit, does warm the cockles  
of my heart.  The good news is that its prepaid pricing model is  
currently profitable even with the relatively low economies of scale  
provided by its paid private beta phase, meaning the service is self- 
sustaining.  And, at only $0.30/GiB/month storage space and $0.30/GiB  
of bandwidth used, it is cheaper than all the current crop of online  
backup services.  (And, actually, you only pay for the storage and  
bandwidth you in fact consume: the rate is actually 300 picodollars  
per byte of bandwidth used and 300 picodollars per byte-month of  
storage.  This means that if you are only storing a few MiB of data  
[for address books, bookmarks, contacts, etc.] you'll only be deducted  
a fraction of a cent from your prepaid account total each month.)

> 	I am now uncomfortably aware that I don't really have much of my  
> stuff backed up anywhere *other* than online, though that online is  
> at least my landlord's machine.

Hey, don't knock it.  Reciprocal agreements are one way to go: you  
back up my data and I'll back up yours.  (Of course, make sure to use  
a backup client that supports encryption to ensure privacy.)

Cheers,

Paul.

More information about the boc-l mailing list