More about encrypted backup

Richard Bejtlich linked to my last post here and several people have emailed me to suggest existing services or utilities which I might want to use. I have considered all of these; for a variety of reasons none of them satisfy my needs.

The first suggestion I received (from several different people) was Mozy Remote Backup. There are a few reasons I don't want to use this:

The next suggestion I received (again, multiple times) was duplicity. This inspires rather more confidence than Mozy, but still has one critical limitation: It operates within the traditional model of "full backup + incremental backups" instead of a snapshotted model. This means that you can't delete a backup without making all the incremental backups taken after that point useless; I wouldn't be able to, for example, have hourly backups for the past week, daily backups for the past month, weekly backups for the past year, and monthly backups beyond that. It also slows down the process of recovering from the backups, since you would have to download the full backup and all of the incremental backups thereafter instead of simply restoring the latest snapshot directly.

The third popular suggestion I received was Box Backup. The "Programmers(sic) Notes" included are a bit difficult to understand; it sounds like boxbackup does use some very complicated magic with its "encrypted rsync" to allow some old bits of files to be removed, but I'm not sure if this includes intermediate versions of backed-up files or only the versions which are the oldest at the time. The later possibility is fine if you only really care about having a backup of the most recent version of everything, but it's not useful if you want (as I do) lots of recent backups but far less frequent older backups. Box Backup also leaks more information than I'm comfortable with; it allows the 0wner of the system on which the backups are being stored to identify

I'm probably far more paranoid about such things than most people; but I would not want an attacker to say "hey, Colin just updated /lib/ on his server; there must be a new OpenSSL security vulnerability"; even worse, if I used Box Backup, such an attacker could likely figure out which files I had recently modified in /usr/src in order to narrow down his search for whatever unannounced bug I had just patched.

UPDATE: See my more recent post for a clarification about Box Backup.

In short, I'm still not aware of any utilities of services which satisfy my backup wants. Any other suggestions? Please let me know.

Posted at 2006-09-14 04:50 | Permanent link | Comments
blog comments powered by Disqus

Recent posts

Monthly Archives

Yearly Archives