I have a 56 TB local Unraid NAS that is parity protected against single drive failure, and while I think a single drive failing and being parity recovered covers data loss 95% of the time, I’m always concerned about two drives failing or a site-/system-wide disaster that takes out the whole NAS.

For other larger local hosters who are smarter and more prepared, what do you do? Do you sync it off site? How do you deal with cost and bandwidth needs if so? What other backup strategies do you use?

(Sorry if this standard scenario has been discussed - searching didn’t turn up anything.)

  • MentalEdge@sopuli.xyzEnglish
    3·
    1 day ago

    They only needed about 500GB.

    And personal is for desktop systems. You have to use Backblazes macOS/Windows desktop application, and the setup is not zero-knowledge on Backblazes part. They literally advertise being able to ship you your files on a physical device if need be.

    Which some people are ok with, but not what most of us would want.

          • MentalEdge@sopuli.xyzEnglish
            11·
            21 hours ago

            You can do that with B2. Just use an application to upload that encrypts as it uploads.

            The only way to achieve the same on the backup plan (because you have to use their desktop app) is to always have your entire system encrypted and never decrypt anything while the desktop app is performing a backup.

            Did you not read what I said? You use their app, which copies files from your system as-is. Ensuring it never grabs a cleartext file is not practical.

              • MentalEdge@sopuli.xyzEnglish
                11·
                20 hours ago

                Also doesn’t mean it is. Or in a way where only you can decrypt it.

                The chain of custody is unclear either way. You’re not in control.

                  • MentalEdge@sopuli.xyzEnglish
                    1·
                    9 hours ago

                    No shit. But encryption isn’t the same as zero-knowledge. Where by the time they handle the data in any way whatsoever, it’s already encrypted, by you.

                    Do you not know what zero-knowledge means? Or are you so focused on my mentioning they’ll ship data to you physically that what I actually said went over your head?

                    From the page you just linked:

                    1. Implement encryption transparently so users don’t have to deal with it

                    2. Allow users to change their password without re-encrypting their data

                    3. In business environments, allow IT access to data without the user’s password

                    It’s not zero-knowledge!