OFF: Online backups (was: Re: HW: Alien Autopsy)

Jonathan Jarrett jjarrett at CHIARK.GREENEND.ORG.UK
Wed Aug 5 11:54:58 EDT 2009 

On Thu, 30 Jul 2009, Paul Mather wrote:

> On Jul 30, 2009, at 5:45 AM, Jonathan Jarrett wrote:
>> 	I have to say that I would never want to trust my backup to an 
>> outside agency.
> That's a fair comment, although, truth be told, you already do.  For example, 
> you trust Seagate, Western Digital, Maxtor, and the likes not to produce 
> buggy firmware that will brick your drive suddenly.  (Seagate Barracuda 
> problems, anybody?:)  You are trusting them to be truthful about failure 
> rates and failure modes.  You also are trusting the outside agency that wrote 
> your backup software to produce something that actually backs up everything 
> needed to restore properly (permissions, ACLs, xattrs, flags, resource forks, 
> etc.).  You're also trusting them to document it properly so you can 
> understand its shortcomings and implement it properly.
>
> To be fair, these are quite rare events, but then so are large enterprise 
> storage vendors going bankrupt without any lead time whatsoever; network 
> outages in agencies with SLAs specifying five nines of availability; and so 
> on.

 	I have to concede those points, but I do so only reluctantly you 
understand ;-)

 	<snip>

> I'm involved with the MetaArchive initiative, which is an offshoot of the 
> LOCKSS (Lots of Copies Keeps Stuff Safe) project.  When they recently 
> announced they were moving the Properties Server into the Amazon Cloud I had 
> the exact same reaction as you did: do we have a non-cloud instance to use as 
> a backup?!?  Our migration into using cloud computing is measured, 
> deliberate, and gradual.  I would expect anyone using an online backup 
> solution to be wary, too, and to exercise due diligence.  But, I think we 
> should be realistic about the risks, and, to be honest, I think the risk of 
> making a hash of implementing a home-brew backup solution is as great as---or 
> greater than---using an online one.  (Hands up those that use "RAID" as a 
> backup solution.  [You do know it isn't, don't you?]  Hands up those who do 
> that have actually simulated a drive failure and replacement...)

 	Ah, it was LOCKSS that first woke me up to this, in fact, though 
by then I'd already seen it happen to a couple of sites that I assumed 
would come back, and never did.

 	My institution uses RAID as a primary backup and takes the whole 
setup to tape every weekend. This is going to have to change soon as we 
are currently pushing the limits of what can in fact be taken to a 
single tape drive in the course of a weekend...

 	The other problem with online backup, of course, is that you can't 
so easily guarantee it's not being read by others. The police can make you 
turn over your hard drives but it's a lot easier not to let you know 
they're looking at you if they can get at your backup agency under, for 
example, the UK's RIP Act. And that's just the ones with legal ways to do 
it.

> Hey, don't knock it.  Reciprocal agreements are one way to go: you back up my 
> data and I'll back up yours.  (Of course, make sure to use a backup client 
> that supports encryption to ensure privacy.)

 	Ha! If you knew my landlord you'd see why that's funny, but trust 
me, encryption is *on*. Yours,
 				Jon

-- 
       Jonathan Jarrett, Cambridge    jjarrett at chiark.greenend.org.uk
    =======================================================================
  "With Capitalism, man exploits man.  With Socialism, it is exactly opposite"
 	                 -Robert Anton Wilson

More information about the boc-l mailing list