My home computing environment now has encrypted off-site backups. I've had the system in place for many months now, but various things have kept it from being quite right. It now finally seems to be in good working order, so I thought I'd share it with you…
It all started with a long-time acquaintance of mine who had his house broken into, and everything stolen. Everything…including all his computers and backup media. My friend was between jobs at this point, and thus had absolutely no off-site backups of anything. Every digital (and film) photo he ever took—gone. 20 years worth of software he'd written—gone. Indeed, everything he'd written—gone.
Now I've always kept a copy of my digital photos on a Zip disk / CD / DVD somewhere outside my home. Unfortunately, external magnetic media with enough capacity to backup my home setup have been insanely expensive for a long time, and I just hadn't gotten around to doing anything about it. My friend's disaster was my call to action.
I purchased two Adaptec USB 2.0 IDE enclosures and two 400GB Seagate IDE drives. (I'm not happy about the potential for common-mode failures, but it is a backup system, after all.) Both have cryptoloop ext3 main filesystems, plus a small boot partition in case it is ever needed. A Dirvish setup update the current backup disk nightly. The other disk is stored off-site. Once a week or so, the off-site and live disks are swapped.
Needless to say, I feel quite a bit better.
Dirvish is quite good for my needs, and is maintained by a friend of mine. It's a bit tricky to set up, but it's quite easy to recover from—often a bane of backup systems. I should probably have used a compressed filesystem for the setup, but I can live with 400GB of backup space at this point, as it turns out.
I know cryptoloop is outdated and has some security issues, but it had big advantages for me. Cryptoloop is quite familiar to me, as compared with the alternatives. It is mountable by Linux boxes way back into the dark ages, so it will be recoverable. It was quite easy to encrypt a previously-unencrypted filesystem, although that's true for several of the alternatives. Finally, the integration with mount and other tools slightly eases deployment.
The cost of my setup was about $500. In addition to its protection against malice, it also serves as an effective, er, backup device in case of drive failure, reducing my need for RAID in my home setup. Along with the UPS setup I now have working, off-site backups are helping me to worry less about my precious bits.
(Off-Site Backups is also a Netrunner card.
I used to play a lot of Netrunner 7-10 years ago, until WotC killed it. I miss it.) (B)