undefined | Better HN

0 pointsbigiain6y ago0 comments

Do you rely on just one 3rd party like gitlab/bitbucket/github to keep your _only_ copy of your non-current projects?

That seems unwise. I don't have many local repos on this 128GB MacBookAir, but as well as BitBucket all the projects I have ever worked on are on other several machines and/or hard drives I have locally, and also zipped up in S3 buckets and on tarsnap.

Like they say, there's two kinds of people. People who've lost important data because they didn't back it up properly, and people who haven't yet.

0 comments

rovr1386y ago

> Through immediate independent investigations, all three companies observed that user accounts were compromised using legitimate credentials including passwords, app passwords, API keys, and personal access tokens.

Part of your backup strategy depends on external services. Not necessarily in your case, but people who only have their backups externally on a service could be affected.

> all the projects I have ever worked on are on other several machines and/or hard drives

And depending on your strategy, since they're so distributed it could mean they're outdated repos. If not, and they pull automatically, they could be affected.

Local backups also have issues. The disk might die, the data might be corrupted or any other myriad of things could happen.

> People who've lost important data because they didn't back it up properly, and people who haven't yet.

Is there such a thing as a perfect backup strategy?

bigiainOP6y ago

> Is there such a thing as a perfect backup strategy?

At work, there's "Can meet contractually agreed RPO and RTO with 99.99% certainty". Automate the standard setup, and sleep well at night. Perfect.

At home, there's "I've done enough that I think the next improvement is an unfeasibly large amount of extra time&money for an unreasonably small improvement".

I've, for myself at home, settled on Apple's Time Machine backing up my Macs (and their phone/ipad iTunes backups) to a raid 10 set, that raid 10 set rsynced to another one at the opposite end of the house, and a weekly backup of that stored on a single drive that only powers up for 6 hours every Sunday night then powers back down again - so if my whole network gets breached and cryptolockered (for example) I'll still have at most 7 day old data at home. I also push that weekly backup out to S3 and tarsnap for off-site in-case-my-house-burns-down, or I've set it all on fire and moved to Belize scenarios...

I've been running most of that for ~8 years now. I've called it "done", while not "perfect", its certainly good enough against "not-Mossad threat models". If Mossad or The NSA want to delete my backups, so be it - I'll go be a carpenter or a gardener or something.

j / k navigate · click thread line to collapse