I have a 56 TB local Unraid NAS that is parity protected against single drive failure, and while I think a single drive failing and being parity recovered covers data loss 95% of the time, I’m always concerned about two drives failing or a site-/system-wide disaster that takes out the whole NAS.

For other larger local hosters who are smarter and more prepared, what do you do? Do you sync it off site? How do you deal with cost and bandwidth needs if so? What other backup strategies do you use?

(Sorry if this standard scenario has been discussed - searching didn’t turn up anything.)

  • MentalEdge@sopuli.xyzEnglish
    0·
    2 days ago

    Sure they can. How else do they enable providing access to the content without the user password?

    The data is secured against unauthorized access, but unlike zero-knowledge setups where the chain of custody is fully within user control, the user is not the only one authorized. And even if you are supposed to be, you cannot ensure that you actually are.

    OF-FUCKING-COURSE the physical drives, and network traffic are encrypted. That’s how you prevent unauthorized physical access or sniffing of data in-flight. That’s nothing special.

    But encryption is not some kind of magic thing that just automatically means anyone who shouldn’t have access to the data, doesn’t.

    For that to actually be the case, you need solid opsec and known chain of custody. Ways of doing things that means the data stays encrypted end-to-end.

    The personal backup plan doesn’t have that.

      • MentalEdge@sopuli.xyzEnglish
        0·
        1 day ago

        4

        Explain to me how they couldn’t. Without simply stating “it’s encrypted”.

        On the B2 plan you can use open source solutions like Kopia, and literally look at the code, to KNOW that data is encrypted on your system with keys only you have, before Backblaze ever sees it.

        Explain to me, how the personal plan using their closed source application achieves the same.

        Linking to a page where they say “it’s secure” is not sufficient. Elaborate. In detail. To at least an equal extent I already have.

        • FreedomAdvocate@lemmy.net.auEnglish
          11·
          5 hours ago

          So your whole point is that you shouldn’t trust one of the biggest cloud backup companies on the planet when they say that your data is encrypted, with no proof that they’re telling lies…and you’re asking me to prove that they’re telling the truth?

          The onus is on you to prove that they’re telling lies, not on me to prove what they say is true.

          They say this about computer backup on one of the pages I linked earlier:

          Computer Backup Encryption

          Data is encrypted on your computer—during transmission and while stored. Block unauthorized users from accessing your data by using a Personal Encryption Key (PEK) or use a 2048-bit public/private key to secure a symmetric AES-128 key. Data is transferred via HTTPS. Enhance your protection with two-factor verification via a TOTP (Time-based One Time Password).

          Is that all a lie? Based on what?

          • MentalEdge@sopuli.xyzEnglish
            1·
            4 hours ago

            No.

            I’m saying 99.999999999999999999999999999999999999999999999999999999% ≠ 100%

            For some people that’s close enough. For some of us it’s not.

            Prove otherwise. I dare you. I’m done putting in effort explaining the obvius to you. Your turn.