Posted by Jarsto in Technology, Writing
October 8th, 2012 | No Comments »

I recently switched to SpiderOak as my new backup solution for a lot of things, including everything I write. In this blog I want to give you some of my reasons for doing backups as well as my reasons for choosing SpiderOak. If you’re considering getting SpiderOak yourself you might want to use my referral link. This means I get 1GB extra storage when you sign up, and so do you (so you start with 3GB free instead of the normal 2GB SpiderOak gives you).

I had plans for a more in depth series about this. And may end up doing some further articles for the blog later. But I figured it was about time I got at least a core article written, which is what you’re reading now. I hope it will be useful for at least some of you. And just in case anyone is worried about system compatibility. SpiderOak supports Windows (XP or newer), Mac OSX 10.5+, and Linux (5 official packages, can be ported to other distros).

Why I Have Backups – A Brief History

As to why you should do backups. That’s mainly something to discuss should I do something more on this subject later. My own reasons for being pretty focused on (some might say fanatical about) backups go back to late 2002 when, for the first time in my life (but not the last) a computer harddrive decided to crash on me, taking all my data with it.

I had – through sheer good luck – made a backup of my writing folder less than a week before. If I hadn’t made that one I’d have lost six months worth of writing (somewhere in the 100 to 200 hours range at least at that time).

After that I guess you could say I got serious about backups. The next HDD crash – a year or so later I think – barely caused a blip. I may have lost a day of work if that. But of course it did confirm that I needed to be serious about backups. CD-RWs and USB-drives were the main means I used at the time.

Later when I’d switched to Linux I discovered (and sort of fell in love with) cron, the scheduled execution system. I first set it to make backups on a different HDD in the same system each night. Then later added a script to upload an encrypted backup to some FTP space my ISP gives me every night. And that was more or less my setup, until a few months ago…

Why I Changed

I had a reasonably functional system as you can see above. So why change? Well there were a couple of downsides to the system I’d scripted myself. For one thing it just made big encrypted zip files of certain directories and uploaded those in a new version each night. Which at least once (fortunately not during any local failure) resulted in a damaged backup file when my internet connection cut out briefly in the middle of the night. And while I have bandwidth enough it was a bit cumbersome to upload that much data on a daily basis.

So after hearing good things about some online solutions I decided to look into them. The one probably most mentioned is DropBox – you’re likely to have heard of it if you’ve ever looked at making online backups and/or synchronising folders over the internet – but I didn’t look at that very long before I ran away screaming.

Well screaming is a slight exaggeration. But I wasn’t happy with what I was reading about DropBox. For one thing, although their website fudges the issue a bit, you should be aware before using DropBox that DropBox employees have the ability to decrypt your files. And since I’m what I like to term ‘constructively paranoid’ about data security that doesn’t sit well with me.

Why SpiderOak?

I won’t bore you with most of my research here. Suffice it do say I already knew a few things about computer cryptography and I learned a lot more during the course of this research. Instead let me share my basic requirements for a backup solution;

  • Use a modern encryption algorhythm AES or equivalent
  • 256 bit encryption or better
  • Secure contact initiation
  • Data doesn’t leave my computer unencrypted
  • I have the encryption keys, they don’t
  • Estimated time until broken 10+ years on everything

If any of the terminology above is unfamiliar feel free to ask in the comments. Or look at any subsequent articles if I’ve done them by the time you read this. The most important thing is the estimated time until broken. That’s in many ways the main system for judging any encryption: how long will it take before Moore’s Law means computers will be powerful enough that a sufficient cluster of them could break this encryption.

Another imporant point for time until broken is the encryption key/password you use. The longer this is. The more time it will take someone to get the right password in a ‘brute-force’ attack where they simply try all possible combinations of letters and numbers (and special characters). But passwords are of course always up to the user regardless of encryption.

Looking at these criteria, and the fact that any system I use has to work on Linux, there was only one option left, and it’s a great one: SpiderOak. SpiderOak provides that they call a zero-knowledge backup. Meaning they don’t know anything about what’s in you’re files, or your password. In fact they point out that if you forget your password (and you can’t remember it after seeing your password hint) there’s nothing they can do for you.

Final Thoughts

I hope the text above shows you why I ended up choosing SpiderOak and maybe convinces some of you to try it for yourselves. Because of my history with data-loss backups are a must for me, and I always hope to show others how to do them (and make them work) without their having to suffer similar losses first.

To end on a lighter note: another advantage of a good backup solution is being able to enjoy the startled looks on the faces of your friends when you tell them very little short of nuclear war could truly destroy your data…


Leave a Reply