Crashplan doesn’t support backing up NAS on Windows but does for Windows and Linux. Interesting....
That being said, I think if I had a NAS, I would want a solution that runs directly on the NAS instead of depending on a host computer.
Yeah, you could totally do that using a VM on the NAS. The only downside is that it'd be charged as an additional device, assuming you still wanted to back up your main workstation.
Crashplan supports NAS backups on Macs and Linux.
Did you ever have to restore a significant amount of data with CrashPlan? Its been more than a month since a 3tb drive died on me and I'v only got 1/3 of it restored so far. I don't see any local bottlenecks. Its restore-or-upload, so recent data in unsecured as well. :(
CrashPlan does supports client side encryption, making Blackblaze not really an option for me.
> supports client side encryption, making Blackblaze not really an option for me
Just to be clear, Backblaze Personal Backup encrypts all files on the client side, period. Now by default, Backblaze has the ability to decrypt those files, but you can set a "Private Encryption Key" and then if you forget that private encryption key nobody (including you, any Backblaze employees, the NSA) will EVER read those files, they are gone.
Some people point out that you have to supply your private encryption key in order to prepare a restore, and at that moment you have to hand it over to Backblaze (for 10 seconds). But look at the work flow and think about it:
1) If you never prepare a restore, your files are uncrackable by the NSA or Backblaze, period, end of story.
2) If Backblaze's datacenter is hacked for the 3 years before you prepare a restore, nobody can read your files because it simply isn't possible, you have never provided the private encryption key to Backblaze. This is most evident for any "zero day security breach" where the world goes haywire for 24 hours and hackers gain entry into all systems everywhere. If you avoid preparing a restore in those 24 hours, your data was safe before the hack, safe during the hack, and safe after it is all cleaned up and the systems are locked down again.
3) Ok, the day comes that you need a restore -> you hand over your private encryption keys, and our servers NEVER write that to disk! They keep it in RAM, which is pretty dang hard to hack. The restore is prepared, you download it, then you can manually delete the restore! Yes, technically this opened up a 10 second or more window of vulnerability where you were only protected by our hardened systems and all of our OTHER security measures. No human ever looked at your files. The systems are all automated and billions of files are flowing around. Honestly, you're pretty safe.
4) If you have something on your computer that you will go DIRECTLY TO JAIL if it is ever discovered, then I'd highly encourage you to encrypt that in a little encrypted file at rest on your computer anyway (regardless whether or not you use Backblaze). I mean, the FBI caught that guy that ran "The Silk Road" by distracting him in the library and sliding his laptop away from him before he could close it. As long as your file is pre-encrypted "at rest" on your laptop, Backblaze can back it up and no matter what even if you prepare a restore safely. Meanwhile we can keep all your photos and music and not illegal or overly private stuff backed up conveniently for you.
Seems like my memory was reduced to "have to give you the key". I'll be more precise in the future.
I used to have my drives encrypted back when TrueCrypt was still a thing. From what I understand I'd lose a bunch of features, like de-duplication or the ability to restore individual files without having to download the entire state of the encrypted container. But maybe my knowledge is outdated... I'd love to read how to set up good local encryption that doesn't conflict with the backup.
Only having to trust Backblaze in the moment of restore is better than no encryption. But when that drive died a month ago I certainly wasn't in the state of mind to make optimal decisions. Setting myself up for such a situation doesn't seem that great, though more routine might have helped. Actually, routine would mean sending my key to Backblaze more often as well.
I'd entrust you to pretty much "archive" my entire digital live. Getting jailed now is less of an issue, but I do worry about two or three regime changes down the line. Especially with demagogues and dictators on the rise seemingly everywhere. People with other backgrounds likely worry less about something like that. But here in germany, especially east germany, we kind of have a messy past in that regard. Right now I do not trust US intelligence to ignore an as awesome treasure trove as countless personal backups. I also do not expect individuals at Backblaze to risk their freedom/livelihood by violating NSL's, if received. I certainly would not.
But yes, at the same time I'd highly value a company taking the extra effort to require me to only trust in what is running on my hardware. And thus I could theoretically audit. Bonus points for making an audit as easy as possible, by e.g. choosing open source or an easy to reverse engineer tech without relying on obfuscation. Though I'd understand this not fitting into / being part of Backblaze's businesses plan.
May I ask why Backblaze doesn't offer client-side decryption? Is it just the design you've chosen and a change not worth the effort? Maybe to somehow prevent abuse? Or it saves a bit of traffic, like in case the encrypted blocks contain additional data that don't need to be restored?
