Experience with Carbonite? Other choices.
I'm considering Carbonite to back up images and other computer files. Advertising and websites always look good. Would appreciate any eperiences and if there are other choices that are available. Thanks!
Forum Discussion
- I just renewed my prescription for Carbonite. I had Carbonite for 5 years now and thankfully never had to recover data. I also have Carbonite on my iPhone and iPad that holds all my photos.
- Amazon Glacier is fantastically cheap and is designed for long-term archiving of data.
Gdetrailer wrote:
If you really, really believe that any encryption is 100% crack proof.. There ARE folks who can make you a great deal on some ocean front property in Arizona or if you would rather a large bridge in NY I am sure they will happen to have one of those..
I'm not following this. The post quoted said nothing about encryption being uncrackable? Just that there are encryption algorithms available that have not been breached?
And I'm also not following the hacking examples such as Target? The hacker obtained stolen contractor credentials, allegedly by an employee for the contractor opening an email attachment containing a keylogger? Had nothing to do with defeating encryption?
Even more recent examples of SSL breaches had nothing to do with defeating the encryption itself, but on the implementation of SSL protocols.
Weaker encryption schemes have been cracked, but these should not be used to secure data in the first place.- JoeTampa writes “NOT true. I have been working in the encryption field for 15 years and I can assure you that there are encryption algorithms that have no back doors, and crypto systems that do not as well. Many are open-source and peer reviewed; backdoors would be found.
There are crypto systems that have been alleged to have been intentionally weakened at the behest of the NSA, but there are others where no such tampering would be detected quickly. TrueCrypt is one of them.”
The Germans in WW2 “thought” their “Enigma” machine was uncrackable, it WAS cracked. The fact it was cracked was kept secret from the Germans which allowed the Allied Forces to gain important information which considerably shortened the war.
ENIGMA MACHINE
HOW ENIGMA WORKS
Take your “pick” on the Target data breach..
TARGET DATA BREACH SEARCH
TARGET DATA BREACH FAQs
"What impact did the breach have on PIN numbers?
On Dec. 27, 2013, we were able to confirm, through additional forensic work, that strongly encrypted PIN data was removed. We remain confident that PIN numbers are safe and secure. The PIN information was fully encrypted at the keypad, remained encrypted within our system, and remained encrypted when it was removed from our systems.
Why does Target think PIN data can’t be compromised?
Due to how the encryption process works, Target does not have access to nor does it store the encryption key within our system. The PIN information is encrypted within Target’s systems and can only be decrypted when it is received by our external, independent payment processor. What this means is that the “key” necessary to decrypt that data has never existed within Target’s system and could not have been taken during this incident."
Even though Target may not have the “keys” the EXTERNAL PAYMENT “PROCESSOR” DOES..
MORE BREACHES
ADP was “hacked” back in 2011..
HERE
Most recently big news..
CYBER ESPIONAGE
Westinghouse Electric had 700,000+ documents along with an unknown amount of internal company communications stolen.. Keeping in mind that many of those documents possibly contained designs and trade secrets for nearly half the nuclear power plant reactors.. :E
Ebay?
YEP, EBAY
How about 150 MILLION passwords hacked at Adobe?
ADODE HACKED
How about the top ten hacked sites in 2012?
TOP TEN BIG COMPANIES HACKED IN 2012
INCLUDING DROPBOX!
2013, MICROSOFT was hacked..
MS HACKED
Many companies may have been hacked and NEVER REPORTED IT
HACKING DISCLOSURES
For each hacked or compromised system that has been PUBLICALLY REPORTED there is most likely tens of thousands which have been hacked and never found out and or never reported..
It goes a lot like this..
What is built, can be disassembled.
Example..a house can be assembled and it can be disassembled.
A electronic circuit can be assembled and is can be disassembled (I have personally “disassembled” electronic circuits in order to repair them without the aid of actual schematic drawings, was it easy? No, but it is often done since many companies do not release that info).
Computer code can be assembled and it CAN be disassembled (reverse engineering)
First rule of computers, they are only as smart as the person who programmed it..
Computers do not and cannot TRULY generate “random numbers”, what computers generate is call Pseudo numbers. Meaning there IS a possibility at any given time a number string “generated” is duplicated this creates a potential FLAW.
To get around this FLAW issue complicated “algorithms” (mathematical equations) are created which are used to generate security “keys”. The problem with that is ANY mathematical equation CAN BE SOLVED provided one has a few “pieces” of the equation and some time on their hands.. The flip side is those who created the “algorithms” also hold the KNOWLEDGE on how to get around the encryption..
There is ALWAYS FLAWS in computer code and therefore will always be a potential for someone to reverse engineer the code and be able to extract enough info to crack the encryption.
Keep in mind that all of the companies above are PRIVATE NETWORKS with firewalls, antivirus protection..
If a company which is protecting trade secrets CAN’T prevent data breaches just how much safer do you REALLY think a PUBLIC Internet storage site is?
Folks today have gotten so used to the idea that everything is “secure”, they think nothing of posting everything and anything out on the Internet without ever realizing that once it goes outside of your PC it no longer is “private” and there is no security which is 100% fool proof when that happens.
For those who think offsite PUBLIC storage even encrypted via third party software is needed, think again.
Even with "encryption" you DO NOT KNOW where your data is stored, nor do you know WHO has your data. It could be in the USA but it could be in ANY COUNTRY..
For protection against fire you can get fire rated small safes, place a portable HD in that safe..
Surely you have a relative who doesn’t full time camp, even that is a good place to keep off site valuables..
Heck most folks SHOULD have some sort of fire resistant safe that they place important documents in like birth, wedding, titles, insurance papers, property deeds and so on in..
Now days they DO have fire rated safes which are also rated for protecting optical media and even hard drives in case of fire.
If you really, really believe that any encryption is 100% crack proof.. There ARE folks who can make you a great deal on some ocean front property in Arizona or if you would rather a large bridge in NY I am sure they will happen to have one of those.. - This is one of the reasons I don't use commercial encryption software as we don't know if a backdoor has been engineered, intentionally or by request through some "agency" action. And why I only use open source encryption as it does allow the possibility of community review.
TrueCrypt is currently undergoing an extensive independent audit by IsTrueCryptAuditedYet?. A partial report has indicated no backdoors found. But does have some medium level weaknesses.
It's best for now to use a stronger password for generating the key to avoid brute force attacks from systems designed to do so.
I personally tend to use only encrypted volumes, but aware that this does have security drawbacks in comparison to encrypting the entire system OS disk. For instance, it is possible that sensitive material could temporarily be stored unencrypted due to memory paging, or during hibernation to name a few. Gdetrailer wrote:
Each encryption method has some "master" or "backdoor" key.. If it is encrypted, someone already knows how to decrypt it.
NOT true. I have been working in the encryption field for 15 years and I can assure you that there are encryption algorithms that have no back doors, and crypto systems that do not as well. Many are open-source and peer reviewed; backdoors would be found.
There are crypto systems that have been alleged to have been intentionally weakened at the behest of the NSA, but there are others where no such tampering would be detected quickly. TrueCrypt is one of them.- While Carbonite may be cheaper and have a user interface that is a little more friendly, it didn't meet my needs for two reasons:
1. Most cloud backup services only allow you to back up to the cloud.
Mozy allows you to back up to a local hard drive at the same time you back up to the cloud. 30 days of backups are saved in the cloud and the last two versions of a file are stored on the local hard drive. This allows you to have a local backup that you can quickly and cheaply (depending on the service you have at your current campground) restore files and have an offsite cloud backup that you can use if anything happens to your local computer and hard drive. If you have Mozy set to backup locally and to the cloud and either your hard drive or the cloud is not available, it will back up to whatever is available. When the hard drive or cloud becomes available, it will back up the missing files during the next backup. Mozy keeps track of what is backed up where.
2. Carbonite will not back up an "exe" file and by default very large files. The large file default can be overridden, but the "exe" limitation can not. Their logic is that you can not use a backup of an application to restore it (you must reinstall it) so they feel there is no need to back up "exe" files. The problem is that most of us now download our applications (newer computers don't even come with a CD/DVD drive anymore.) When you download your application, you are asked if you want to purchase a CD/DVD installation disk for $10-$25. If we don't do this, the only way we have to reinstall the program is the "exe" install program that we downloaded. This install programs need to be backed up some place and I prefer my regular backup process. I have a folder called program updates that I place install programs in. Mozy allows you to backup any type of file. This leads to a potential higher cost though because Mozy no longer offers unlimited space like Carbonite does. Because you can either set what type of files you want to back up or set which files you want to backup, I can back up my "exe" instal programs without backing up "exe" application executables.
Like many of the backup programs, Mozy encrypts all of your files using state of the art encryption on your computer (using a key that you supply and only you know) before they are sent to the cloud. They cannot access you files even if they want to without knowing your key. Should Mozy ever go away (as some have suggested might be a problem), I still have my local backup with all of my files.
Like most other backup services, you can access your files on your phone and tablet using a Mozy app. The files are unencrypted using the key that you supply and only you know.
As others have mentioned, the first backup will be huge no matter what service you use. While it takes place in the background and over several days, it is a lot of data. Don't do it on a service that has a low data cap. Once you have the initial backup complete, the day to day backups are not a problem. The only place I turn them off is in Canada where it costs me to much to use my Verizon hotspot. I only back up there when I have WiFi.
Jim mlslcan wrote:
monkey44 wrote:
2oldman .....
SO, my question remains unanswered: What did we do with it before 'online storage' ... why is that suddenly 'unsafe' ... and in fact, how much of what we save online is really necessary in life. So, it's more about a waste of money than paranoid.
....
Many people used safety deposit boxes at banks to store "life's data" before online storage. So they made copies, had them certified and then stored them at the bank. The "cloud" is the new evolution of that process.
I have been in IT a long time and offsite storage of data backups has always been part of a good recovery plan. Starting in the days of tape storage there was always a copy moved offsite. Normally there were copies on site that was used first but in the case of fire (or one actual recovery I was part of a flood) the off site copy had to be brought in to recover the data.
Mike
Bank "safety boxes" UNLIKE Internet online storage now days IS vastly more "secure" and is pretty much 99.99% impossible for any unauthorized access to your contents.
Even the BANK it's self CAN NOT OPEN those boxes WITHOUT YOUR KEY.
No one breaking into the bank or "posing" as you can OPEN the box without causing MAJOR damage to the bank vault..
Internet online storage is a whole new frontier which has not been fully explored. Encryption methods CAN BE BROKEN, THAT IS A FACT.
Each encryption method has some "master" or "backdoor" key.. If it is encrypted, someone already knows how to decrypt it.
You are more than welcome to store your info online but you should always be aware that it IS PUBLIC and what is put into PUBLIC storage is no longer "private" and therefore CAN be "requested" by proper authorities at any time..
Many ISPs HAVE been "requested" by courts of law over the years to hand over info on folks downloading unauthorized music and video from "sharing" sites so don't think that your "data" is 100% "secure" and will continue on that way forever..
Don't get me wrong, "offsite" backups is a great idea but you don't "need" an online service to provide that.. Online is a easy way and they make it easier every day for a reason.monkey44 wrote:
2oldman .....
SO, my question remains unanswered: What did we do with it before 'online storage' ... why is that suddenly 'unsafe' ... and in fact, how much of what we save online is really necessary in life. So, it's more about a waste of money than paranoid.
....
Many people used safety deposit boxes at banks to store "life's data" before online storage. So they made copies, had them certified and then stored them at the bank. The "cloud" is the new evolution of that process.
I have been in IT a long time and offsite storage of data backups has always been part of a good recovery plan. Starting in the days of tape storage there was always a copy moved offsite. Normally there were copies on site that was used first but in the case of fire (or one actual recovery I was part of a flood) the off site copy had to be brought in to recover the data.
Now for my personal stuff I do use a local backup to a drive that is encrypted and uncompressed. Then I compress and encrypt a copy of that drive and store it in the cloud. I have had to change providers due to a company closing. But still had that local copy during the switch in providers.
Some people do not trust encryption. But if you chose a long password or key it can be next to impossible to decrypt. There was a case that made national news a few years ago where the criminal was eventually convicted but refused to give up his password even with the court ordering him to (contempt of court charges were minor compared to what he was facing). They offered a plea bargain as a carrot but he always refused. The FBI had was not able to decrypt his information in the 5 years that they had it up to the time of the case finally going to trail. I am not sure if they were ever able to or if they just stopped trying. That proves that if used properly encryption can protect your data but it is also possible to circumvent encryption if weak passwords are used. Also the encryption needs to occur before transferring the data.
Again it comes back to the risk that you are willing to assume and what you feel the main threat is. If your main threat is to protect your pictures and such from a dead hard drive or accidental deletion then a locally stored back up is enough. Offsite backups protect you from things like fire, theft (they break in and steal the laptop and the external ssd drive), floods, other natural disasters, etc.
Sorry for the long post.
Mike- I had Carbonite for years. Currently, I use Dropbox due to Carbonite not supporting Linux based computers. Had no problems with the service but why not get a 'personal' cloud device or use a free cloud service. Dropbox gives you free with option to purchase more space. I know Amazon, Dropbox and a few others offer some free space.
