I have a 56 TB local Unraid NAS that is parity protected against single drive failure, and while I think a single drive failing and being parity recovered covers data loss 95% of the time, I’m always concerned about two drives failing or a site-/system-wide disaster that takes out the whole NAS.

For other larger local hosters who are smarter and more prepared, what do you do? Do you sync it off site? How do you deal with cost and bandwidth needs if so? What other backup strategies do you use?

(Sorry if this standard scenario has been discussed - searching didn’t turn up anything.)

      • MentalEdge@sopuli.xyzEnglish
        11·
        21 hours ago

        You can do that with B2. Just use an application to upload that encrypts as it uploads.

        The only way to achieve the same on the backup plan (because you have to use their desktop app) is to always have your entire system encrypted and never decrypt anything while the desktop app is performing a backup.

        Did you not read what I said? You use their app, which copies files from your system as-is. Ensuring it never grabs a cleartext file is not practical.

          • MentalEdge@sopuli.xyzEnglish
            11·
            20 hours ago

            Also doesn’t mean it is. Or in a way where only you can decrypt it.

            The chain of custody is unclear either way. You’re not in control.

              • MentalEdge@sopuli.xyzEnglish
                1·
                9 hours ago

                No shit. But encryption isn’t the same as zero-knowledge. Where by the time they handle the data in any way whatsoever, it’s already encrypted, by you.

                Do you not know what zero-knowledge means? Or are you so focused on my mentioning they’ll ship data to you physically that what I actually said went over your head?

                From the page you just linked:

                1. Implement encryption transparently so users don’t have to deal with it

                2. Allow users to change their password without re-encrypting their data

                3. In business environments, allow IT access to data without the user’s password

                It’s not zero-knowledge!

                  • MentalEdge@sopuli.xyzEnglish
                    11·
                    9 hours ago

                    Yeah. It’s almost like I literally said that in my second comment.

                    Which some people are ok with, but not what most of us would want.

                    What gap in my knowledge are you trying to fill here?

                    I didn’t even mention encryption in my second comment. Just that their backup plan isn’t zero-knowledge.