Slashdot Mirror

These are more techie-oriented rather than for general desktop use (they don't have shiny GUI sync clients, and are aimed at Linux/BSD users), but two I'd recommend:

rsync.net. Remote ZFS filesystem you can scp files to, or access over ssh via a restricted shell that supports a range of backup tools. For encrypted backups, if you're on a unix machine, you can point duplicity at it. They've been around a long time, and have a warrant canary, though if you encrypt the files client-side with something like duplicity, they won't even have your data in the first place.

Tarsnap. Encrypted, deduplicating incremental backup. The encrypted blobs are stored on Amazon S3. Custom client that by design keeps them from ever seeing the unencrypted data.

These are more techie-oriented rather than for general desktop use (they don't have shiny GUI sync clients, and are aimed at Linux/BSD users), but two I'd recommend:

rsync.net. Remote ZFS filesystem you can scp files to, or access over ssh via a restricted shell that supports a range of backup tools. For encrypted backups, if you're on a unix machine, you can point duplicity at it. They've been around a long time, and have a warrant canary, though if you encrypt the files client-side with something like duplicity, they won't even have your data in the first place.

Tarsnap. Encrypted, deduplicating incremental backup. The encrypted blobs are stored on Amazon S3. Custom client that by design keeps them from ever seeing the unencrypted data.

rsync.net? It supports common protocols (ftp though https to rsync). You specify which location you want to store on at signup. It doesn't do encryption for you (storage encryption that is) but it sounds like you should be doing that yourself.

I love the rsync.net "solution" to this problem, the Warrant Canary:

http://www.rsync.net/resources/notices/canary.txt

Wonderful idea. Sure, we can't tell you if one of these secret letters is given to us, but, until we get one, we can tell you it hasn't come...with signed, date verifiable messages.

Of course, only works for relatively small companies that are not getting requests as a matter of course.

My storage provider maintains a warrant canary:

http://www.rsync.net/resources/notices/canary.txt ... and since my account is in Zurich, I check the local copy there.

the Warrant Canary:

http://www.rsync.net/resources/notices/canary.txt

That is freaking brilliant!

Credit where it's due: the canary scheme has been thought up by Jessamyn West -- see the Librarian.net section on the Wikipedia page.

the Warrant Canary:

http://www.rsync.net/resources/notices/canary.txt

That is freaking brilliant! I'm not in a related field, but am still kicking myself for not having thought of that myself.

So while I agree that everyone in the world should be wary of USA PATRIOT, it's not a given that non-US consumers have to avoid US providers across the board.

The Canary Warrant is not enough to make it safe to store data in the US, it just lets one know that they've been owned.

Not all providers are based in a single nation.

Amazon, for instance, has AWS locations around the world, although that probably doesn't help you much given their track record.

But rsync.net (I am the founder) has storage locations in Zurich and Hong Kong, in addition to the US. These sites are protected, just like the US sites, by the Warrant Canary:

http://www.rsync.net/resources/notices/canary.txt

So while I agree that everyone in the world should be wary of USA PATRIOT, it's not a given that non-US consumers have to avoid US providers across the board.

Rsync with another computer (desktop/laptop/server), an additional drive on your computer or with USB storage (thumb drive, hard drive etc). Rsync will update all changes with much less overhead than a complete recursive copy when updates are performed. This tutorial covers rsync use with Linux and MS/Windows. http://www.yolinux.com/TUTORIALS/Rsync.html One can also rsync to public storage like http://rsync.net/ or http://www.s3rsync.com/ as well.

First off, Congratulations! Including files related to my 4 year old, I've got about 100GB of media. I recommend the 3-2-1 Backup method: 3 copies of the data, on 2 different drives/media, 1 of them off-site. I do this by having a "primary" copy of the data on a machine at home, which I copy to a backup drive periodically. The primary also gets rsync'd nightly to a cheap eeePC with a 1 TB USB drive in a closet at my parents place. All this is running Linux, but you can manage with other OS's. Bonus #1: They get local access to the media via an SMB read-only share. Bonus #2: I gave them a writable share for THEIR data, which is rsync'd nightly to our place as a backup. You can do this with friends, etc. Being on the same ISP helps as the sync traffic can stay in the provider cloud. I've also used Amazon S3 (~US$13/month for 100GB of non-redundant storage) and I still use rsync.net for more limited critical documents (encrypted), though their price doesn't scale well for large, static data sets (they don't charge for bandwidth so relatively small but dynamic data is a good fit).

*sigh* rsync.net

I second LTO tapes if you really want an "archive". Also, storage is a concern, so you'll want to look at iron mountain or access co for offsite storage in a tape vault with Halon. Usually around $25 a month plus tapes and transport.. That being said, you can get a highly probable recoverability by having lots of copies of the data. So lots of drives in lots of locations work. Rsync.net has a really good online service (and it's cheap). I wouldn't recommend any other place since I've worked with rsync and know them to be a good company. But still, unless you have a physical copy on tape somewhere, there's no guarantee. It's all about making it improbable that you'll lose the data. After that, there's insurance ;)

I've had personal and business accounts at rsync.net going back over 5 years.

It's simple, it's straightforward, and it works out of the box with everything I use.

Oh, and there's this:

http://www.rsync.net/resources/notices/canary.txt

It's not the cheapest offering, but my employers' account @ 2TB is around 28 cents/GB, per month.

If you have an io.com shell account, we would like to gift you a lifetime free rsync.net account for the purposes of backing up, and parking, the contents of that shell account.

I have never had an io.com shell, but between rsync and tar+gpg+ftp you should be able to quickly and easily dump the contents of your shell to an rsync.net account.

Just email info@rsync.net and we'll set this up for you. FWIW, this is a continuation of our efforts to support the work being done by Jason Scott, the "Archive Team" and the safeguarding of digital history, generally.

From what I can tell adrive isn't anything like dropbox. It's ad supported for the free account and their client is an Adobe AIR application that only runs on Windows, Mac and Linux where as Dropbox runs on those, Android, iPhone/iPad and blackberry. It has an API to integrate it into your site / application and there are no ads at all.

If I weren't going to use dropbox I'd personally go back to http://www.rsync.net/ because their support is awesome, it's cheap and while it has no free option it sounds like an all around better deal than adrive

http://www.rsync.net/resources/notices/tos.html

I especially like:

"No form of data or meta-data concerning the behavior of our customers or the contents of their filesystems, or
even the customer data that we hold in our records for billing, will ever be divulged to any law enforcement
officer or agency without order served directly by a US court having jurisdiction. "

and:

"No consumer or personal information about our customers of any kind will be divulged to any party for any reason."

RSync.net, the online backup company, has been using a "warrant canary" for many years now:

Every week they update a special page with a PGP-signed dated article stating something like this:

http://www.rsync.net/resources/notices/canary.txt

The current message is here:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

2010-08-09

No warrants have ever been served to rsync.net, or rsync.net principals or employees.
No searches or seizures of any kind have ever been performed on rsync.net assets,
including:

ALL San Diego locations
ALL Denver locations
ALL Zurich locations
ALL Hong Kong locations

(from www.NewYorkTimes.com)

In Crackdown on Energy Use, China to Shut 2,000 Factories

By closing some steel mills, cement works and other energy-intensive factories, the government said it hoped to improve energy efficiency.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (FreeBSD)

iD8DBQFMYFymBzwoLX1vgGwRAsgCAJ9HU6xDNuJot7PlS39/zGAfGEed+gCffWrJ
ltsbJAqoiTwyWbKFuP+UOt8=
=reux
-----END PGP SIGNATURE-----

Terje

"At each board meeting I tell them we have not been served by any (search warrants)," she said. "In any months that I don't tell them that, they'll know."

I wonder if this technique could be used in other ways.

An ISP could use automation to send its customers some sort of message once a day as long as

It's already been used for quite long time. Check out rsync.net http://www.rsync.net/philosophy.html "Warrant Canary". They've started this practice long ago. (Perhaps 2006 as stated in the page copyright..

http://www.rsync.net/resources/notices/canary.txt

rsync.net has been doing that for quite a while now.

For an online backup, I highly recommend rsync.net instead. Starts at .80 a GB, goes down rapidly in bulk. Designed for storage, not mail or something. More expensive than AWS but it goes down every month as disk prices drop. Plus other benefits. You're not going to beat cheap hard drives for bulk storage, but I like LTO4 a lot for archival backups. But of course it's all worthless if you have a fire in the server room or something.

I would like to do business with ISPs that have Warrant Canaries:

http://en.wikipedia.org/wiki/Warrant_canary

Like my offsite backup provider maintains:

http://www.rsync.net/resources/notices/canary.txt

However, in absence of this (I realize this is rare) your ISP should at the very least have a stated policy as to how they respond to warrants and "requests".

Turning off an entire block of IP space because some joker calls you on the phone is absolutely terrible. If you continue to do business with "serverloft" you deserve whatever you get.

People will use whatever's free, and probably say they have "nothing to hide!" The truly paranoid (which I say without intending any negative connotation) will run their own services. Unfortunately 90% of the email addresses you communicate with probably end in gmail.com, hotmail.com or yahoo.com anyway. That data is available on the other end, if in much more fragmented format.

I agree with your idea, but I honestly don't think the masses will go for it. If enough concerned people do, it could be worthwhile.

As a sidenote, your idea reminded me of rsync.net's privacy policies.

I guess they are technically not an ISP - they are my online/offsite backup provider ...

But they have maintained a "warrant canary" for years:

http://www.rsync.net/resources/notices/canary.txt

I don't know how effective it would really be if push really came to shove, although it's difficult to imagine a court upholding a LEA coercing them to make public false statements ... the point is, someone is pushing back.

Hmm, try one of these:
http://www.wuala.com/
http://www.rsync.net/

Hmmm. One great solution: http://www.rsync.net/
Their blurb:
"Business continuity and disaster recovery built on open standards and common sense.
- Simple backup/restore for Windows/Mac/Unix
- Encrypted backups, snapshots, IPV6, sshFS
- rsync, ftp/sftp/scp, rdiff-backup, WebDAV...
- Map as a drive letter or mount in the Finder
- Subversion/MySQL/Postgres/Exchange/SQL
Choose the only provider with geographic redundancy around the world.
Standard Offsite Filesystem: Full featured account, data stored in one backup location. $1.60GB/mo
Geo-Redundant Filesystem: Data is automatically replicated to a second, redundant location. $2.80GB/mo "

http://www.rsync.net/resources/notices/2007cb.html

Prior to that bounty, duplicity had not been updated or worked on for a few years, and thanks to the claimant of that bounty, Ken Loafman, there is not only a new, stable version, but a responsive community working on the project.

I use it every day, and now consider it indispensible.

For several years the project languished without a real maintainer and without an up to date, stable version, but because of this bounty:

http://www.rsync.net/resources/notices/2007cb.html

and because of the great work of Ken Loafman, there is a live and vibrant community of duplicity users and an up to date, stable version.

I personally use duplicity on my own server as well as on my remote rsync.net storage space.

BTW, this is not the first time that my provider, rsync.net, has gone out of their way to perform very useful, very pro-OSS work for the community ... as I say every chance I get, this says it all:

http://www.rsync.net/resources/notices/canary.txt

For several years the project languished without a real maintainer and without an up to date, stable version, but because of this bounty:

http://www.rsync.net/resources/notices/2007cb.html

and because of the great work of Ken Loafman, there is a live and vibrant community of duplicity users and an up to date, stable version.

I personally use duplicity on my own server as well as on my remote rsync.net storage space.

BTW, this is not the first time that my provider, rsync.net, has gone out of their way to perform very useful, very pro-OSS work for the community ... as I say every chance I get, this says it all:

http://www.rsync.net/resources/notices/canary.txt

using an illustration

there

And the data is stored "on multiple redundant servers across geographies for the safety of your data"
- where laws can vary and so privacy policies are plainly redundant.

One of the things that we really need is some system that implements a legal essential requirement for all databases to store data in encrypted format of at least so-and-so strength.
If not a legal requirement, at least a "competitive offering" by tools of economics.
This does not mean anything more than awareness actually, because there's no law against "unforeseen circumstances or acts of God or blah blah..." - far too many thing need to go right.
But a password and https isn't enough.

For example, see http://www.rsync.net/resources/notices/canary.txt

At the moment I'm using it as an offsite backup for my thesis, using a subversion repo to store everything. Works like a charm, and the support is really good.

(I don't work for them, just a happy customer)

http://www.rsync.net/resources/notices/2007cb.html

(vmware 6.x working on a modern FreeBSD release)

and:

http://blog.kozubik.com/john_kozubik/2007/12/bounty-posted-f.html

Both of these items are long overdue to be fixed - having a modern version of vmware working on FreeBSD is essential to many, many developers and engineers, and because so much of the web now requires a recent version of flash to _use at all_ it is imperative that there be a method to use flash9 on a native FreeBSD browser.

I encourage everyone that is interested in FreeBSD on the desktop to look into supporting these bounties.

My backup/storage provider doesn't.

This pretty much says it all:

http://www.rsync.net/philosophy.html

especially the "warrant canary", which is why I am essentially a lifetime customer of their organization and recommend them at any opportunity:

http://www.rsync.net/resources/notices/canary.txt

My backup/storage provider doesn't.

This pretty much says it all:

http://www.rsync.net/philosophy.html

especially the "warrant canary", which is why I am essentially a lifetime customer of their organization and recommend them at any opportunity:

http://www.rsync.net/resources/notices/canary.txt

I pay a (roughly) 20% premium price per gigabyte per month to have my offsite backups with a provider that gives me these things:

rsync.net corporate philosophy

rsync.net Warrant Canary

Not only do I pay a small premium for this stance on their part, but I rave about thier product and support all the time. This business model _does sell_ and it breeds _more sales over time_. Business owners need to know this, and we as consumers need to vote with our dollars to ensure that they do.

I pay a (roughly) 20% premium price per gigabyte per month to have my offsite backups with a provider that gives me these things:

rsync.net corporate philosophy

rsync.net Warrant Canary

Not only do I pay a small premium for this stance on their part, but I rave about thier product and support all the time. This business model _does sell_ and it breeds _more sales over time_. Business owners need to know this, and we as consumers need to vote with our dollars to ensure that they do.

duplicity:

http://duplicity.nongnu.org/

is a mash-up of (lib)rsync, tar, and GPG. Plaintext, normal filesystem on your end, and a big bunch of gibberish tarfiles on the remote end.

The remote end can be anything - it just needs to be accessible via plain-old scp/sftp (or ftp).

A new version of duplicity was just released and because of a bounty and ongoing funding provided by rsync.net:

http://www.rsync.net/resources/notices/2007cb.html

there is a permanent maintainer dedicated to the project now. I don't use it for all of my data, because one of the main selling points of rsync.net was the ability to just connect and browse with any old sftp/scp based client - and that won't work if the files are all gibberish tarballs, but for my "important" data, I do use duplicity and point it at a special directory.

... provider publishes a weekly statement indicating that no warrants (secret or otherwise) have been served on the hardware/premises, etc.

You can see it here:

http://www.rsync.net/resources/notices/canary.txt

As for offsite backups in general, I trumpet this service as loudly and as often as I can - it surprises me that the FOSS (and privacy/crypto) communities do not talk more about rsync.net - they do things the right way.

You won't ever be able to pick up the phone and talk to someone at google, and you certainly won't have a totally open, standards-based filesystem.

No fluff, no hype, just the best product and best service I have ever had, in any sphere.

If this doesn't convince you:

http://www.rsync.net/philosophy.html

this will:

http://www.rsync.net/resources/notices/canary.txt

and as I have been a customer of their parent co-location company, JohnCompanies, for _seven_ years now, I feel very good about their longevity and commitment to customers.

No fluff, no hype, just the best product and best service I have ever had, in any sphere.

If this doesn't convince you:

http://www.rsync.net/philosophy.html

this will:

http://www.rsync.net/resources/notices/canary.txt

and as I have been a customer of their parent co-location company, JohnCompanies, for _seven_ years now, I feel very good about their longevity and commitment to customers.

Not everyone took this practice lying down, you know ...

There are good people in the business community that pushed back, and probably put themselves out on a limb to do so. The rsync.net warrant canary is, by far, my favorite example:

http://www.rsync.net/resources/notices/canary.txt

I doubt it ever got tested, but the point is, it was there.

I am also a customer of rsync.net, and will be so forever. The cost is higher (although at the top end of their quantity discounts, its not ridiculous) and it is worth it, without question.

Does google or amazon give you this:

http://www.rsync.net/resources/notices/canary.txt

or even this:

http://www.rsync.net/philosophy.html

The bottom line is, I don't want people using my personal information, I don't want them parsing my data and usage patterns, and I don't want them bowing down to law enforcement as a matter of course. I just want a plain old unix filesystem that I can do whatever I want with, and a phone number to talk to a real person when I need to.

And I'll pay a lot for that.

I am also a customer of rsync.net, and will be so forever. The cost is higher (although at the top end of their quantity discounts, its not ridiculous) and it is worth it, without question.

Does google or amazon give you this:

http://www.rsync.net/resources/notices/canary.txt

or even this:

http://www.rsync.net/philosophy.html

The bottom line is, I don't want people using my personal information, I don't want them parsing my data and usage patterns, and I don't want them bowing down to law enforcement as a matter of course. I just want a plain old unix filesystem that I can do whatever I want with, and a phone number to talk to a real person when I need to.

And I'll pay a lot for that.

True - but if you want to use it as an online storage medium it still costs $99 whether you use all that other stuff or not (which I did not). Also, I did not find it very "love-able" ... having the iDisk enabled significantly slowed down my Open/Save dialog boxes from many programs (requiring strange workarounds to remedy). I gave it up for an rsync account which I find more pleasing to the touch.

Read this again:

rsync.net warrant canary

If they are served with a secret warrant, they simply stop updating the warrant canary...

Read this again:

rsync.net warrant canary

If they are served with a secret warrant, they simply stop updating the warrant canary...

http://www.rsync.net/resources/notices/canary.txt

In addition to a stated policy of "No data or meta-data concerning the behavior of our customers or filesystem contents will ever be divulged to any law enforcement agency without order served directly by a US court having jurisdiction. All such orders will be reported to our entire customer base."

You should read their philosophy page.

http://www.rsync.net/resources/notices/canary.txt

In addition to a stated policy of "No data or meta-data concerning the behavior of our customers or filesystem contents will ever be divulged to any law enforcement agency without order served directly by a US court having jurisdiction. All such orders will be reported to our entire customer base."

You should read their philosophy page.

This struck me, and reminded me of, the warrant canary that an offsite backup provider I do business with maintains:

http://www.rsync.net/resources/notices/canary.txt

In essence, Verizon says that there cannot be a law (or a contract) denying true statements of fact to third (or first) parties ... which is in essence what the warrant canary (and items like it) attempt.

It's a bit in reverse, though, since Verizon is sending information to the government, whereas the warrant canary sends information outwards to customers and the public ... but they both seem to be based on the same argument...

Although this isn't a perfect solution, one thing that potential NSL recipients can do is maintain a warrant canary.

Basically, they commit to updating a cryptographically signed statement that they have not received a secret warrant along with a current news item.

I'm not sure if warrant canaries have ever been tested, and if one failed (the service provider was forced to update it) you would never know.

http://www.rsync.net/resources/notices/canary.txt