Results 1 to 8 of 8

Thread: Offsite backup

  1. #1
    Senior Member
    Join Date
    Jul 2006
    Location
    Raleigh NC, USA
    Posts
    3,628

    Offsite backup

    If you've owned a computer for any length of time at all, you've probably filled it up with photos, music, and files you don't really want to lose. And like most people, you don't have a backup.

    The recent natural disasters here in the US (earthquakes, tornados and wildfires, oh my!) have finally prompted me to start backing my data up to a location off my property so that I can do a total restore in case my place burns down. Here's how I'm doing it.

    I went out and bought a 3TB drive (about $140 after tax) to hold my data. I'll put a copy of all my data on it, and leave it at the office. I'll bring it home every now and again for refreshing. I could have bought 2 of them and alternated them, as well.

    Leaving it at the office means it would be outside my direct control and I don't want someone snooping around in my files. So I partitioned the drive into a small 100GB partition, and the rest (~2.5 TB after converting to binary) I'll use for my data.

    On the small partition I put downloaded copies of Truecrypt (www.truecrypt.org), which is a very strong encryption program (used by humanitarian workers to protect data from totalitarian governments). This way I'll have a copy of the program on the drive to reinstall from scratch.

    I went ahead and installed Truecrypt on my Mac (works on Windows too), and walked through it's encrypted volume creation process. You have 2 choices when creating the encrypted volume - you can convert the entire partition into an encrypted volume, or create a very large file and use it as your volume. Because the multi-terabyte drives are new, Truecrypt can't support them for an encrypted volume yet, so I had to create an encrypted file to fill the 2.5 TB partition.

    You will need to pick a passphrase to use for the volume. You'll want a sentence that you can remember that is longer than 25 characters but less than 64 characters. Just using "password" isn't very secure, as it's only 8 characters, and could be broken in just a few seconds because it's a dictionary word. If you use a sentence, the time to break the encryption goes up significantly (as in: centuries to break). So use a sentence or phrase that you will remember. Project Gutenberg (www.gutenberg.org) has a lot of classic literature to help you pick something memorable.

    Truecrypt needs a source of random data in order to create a good encryption key, so when it asks, move your mouse around a lot, in fits and starts. Then click the create button, and it will start writing out the storage file. On my 2.5 TB drive, this process took 37 hours.

    When it completes, Truecrypt will mount the drive, and you'll have another drive letter (on Windows) or volume (Mac) that you can copy your files to. Leave Truecrypt running until you're done.

    When you are finished, unmount the virtual drive using Truecrypt. Then dismount the 2.5 TB drive (eject it) using the operating system, and take it to your off-site location (office, safety-deposit box, friend's house, etc). Since the data is encrypted, the worst that could happen is the drive itself could be stolen, but the data on it will not be able to be read.

    Be aware that Truecrypt and having encrypted data is illegal in some Western countries (UK, France, Italy, South Korea) as well as the usual developing countries (China, Ukraine, etc). Also, you cannot boot from a Truecrypt volume, so you can't protect an entire laptop -- only the data you place in the Truecrypt volume.

    When you want to refresh the data on the drive, bring it home and run Truecrypt, mounting the encrypted volume (you will need to supply your passphrase). Truecrypt will then present you will a virtual drive that you can copy your new and updated files to.

    Truecrypt will work on a memory key too. So if you want to experiment with an old 2 GB thumb drive, you can do this before spending money on an external drive.

    Chip H.

    Former owner: 2012 Honda Civic LX, 2006 Honda Ridgeline RTL, 2000 Honda CR-V EX, 2003 MINI Cooper S, 1992 Honda Accord LX, 1999 Mercedes ML-320, 1995 VW Jetta GLX, 1991 Mercury Capri XR2, 1981 Mercury Zephyr, 1975 Chevrolet Impala

  2. #2
    Administrator Ken's Avatar
    Join Date
    Jan 2008
    Location
    Lincolnshire, United Kingdom.
    Posts
    3,416
    Quote Originally Posted by chiph View Post

    'Be aware that Truecrypt and having encrypted data is illegal in some Western countries (UK, France, Italy, South Korea) as well as the usual developing countries (China, Ukraine, etc). Also, you cannot boot from a Truecrypt volume, so you can't protect an entire laptop -- only the data you place in the Truecrypt volume.'


    Chip H.
    Hey, Chip. I think the situation in the UK is not quite so black and white. It is not illegal to hold encrypted data. If, however, an appropriate Law Enforcement Agency obtains a formal authorisation (Section 49?) then the encrypted data must be decrypted for examination or the LEA must be provided with the decryption key. It is, I think, illegal though to transmit encrypted data by wireless/radio telephony.

    Ken.
    Die dulci fruimini!
    Ken.
    Wolds Bikers, Lincolnshire, England.

  3. #3
    Senior Member
    Join Date
    Jul 2006
    Location
    Raleigh NC, USA
    Posts
    3,628
    The difference is in the US, the order to turn over the keys has to come from a judge. While in the UK, any senior police officer can demand them.

    It is, I think, illegal though to transmit encrypted data by wireless/radio telephony.
    Makes doing eCommerce over WiFi a challenge.

    Chip H.

    Former owner: 2012 Honda Civic LX, 2006 Honda Ridgeline RTL, 2000 Honda CR-V EX, 2003 MINI Cooper S, 1992 Honda Accord LX, 1999 Mercedes ML-320, 1995 VW Jetta GLX, 1991 Mercury Capri XR2, 1981 Mercury Zephyr, 1975 Chevrolet Impala

  4. #4
    Ridin Dirty dom's Avatar
    Join Date
    Nov 2008
    Location
    Front Royal, VA
    Posts
    1,606
    I have a few external hard drives that I carry around sometimes, but I find the most useful way of backing up stuff is on a server. That way I can get to all my stuff on any machine connected to the internet. Small stuff I keep backed up on my smart phone.

    "Tutto nello Stato, niente al di fuori dello Stato, nulla contro lo Stato "
    -Mussolini
    All within the state, nothing outside the state, nothing against the state.

  5. #5
    Senior Member
    Join Date
    Jul 2006
    Location
    Raleigh NC, USA
    Posts
    3,628
    I have local backups, for when I mess stuff up and need to restore. This was to address more of a "what if the place burns down while I'm away" scenario.

    I have over 800 CDs in storage back in North Carolina, and re-ripping them so I could listen to them in Texas would take a moving van and months of time. And I can't see the insurance company paying for digital downloads.

    Chip H.

    Former owner: 2012 Honda Civic LX, 2006 Honda Ridgeline RTL, 2000 Honda CR-V EX, 2003 MINI Cooper S, 1992 Honda Accord LX, 1999 Mercedes ML-320, 1995 VW Jetta GLX, 1991 Mercury Capri XR2, 1981 Mercury Zephyr, 1975 Chevrolet Impala

  6. #6
    Administrator Ken's Avatar
    Join Date
    Jan 2008
    Location
    Lincolnshire, United Kingdom.
    Posts
    3,416
    Quote Originally Posted by chiph View Post
    Makes doing eCommerce over WiFi a challenge.

    Chip H.
    Interesting point. On, say, an ebay transaction where does the encryption of my data start? at my end or theirs? I've never really given it much thought, Hm?, I wonder if?, what if? - 'stop it, I'm getting paranoid' 'No I'm not, they're out to rob me!'

    Ken.
    Die dulci fruimini!
    Ken.
    Wolds Bikers, Lincolnshire, England.

  7. #7
    Senior Member
    Join Date
    Jul 2006
    Location
    Raleigh NC, USA
    Posts
    3,628
    When you use a https connection (SSL - look for the lock icon), the encryption starts at your machine. So you're technically in violation of the law.

    So, how could bad guys (government or private enterprise) snoop on your shopping session? A couple of ways:

    They could infect your machine with a virus that reports back what you do. Since the virus is in control of the machine, the encryption doesn't help. This is by far the most common way this happens.

    Or, they could take over one of the companies that issue security certificates, and issue themselves a certificate that has the same name as the site you're wanting to visit securely (ebay, google, etc). Your browser then treats it as legitimate, as it was issued from a company it trusts. The bad guys can then get in the middle of your secure conversation and snoop.

    The last one is going to become more frequent in the future - the latest update from the major browser makers was to address a real instance of this happening - a Dutch company named DigiNotar was compromised, and the bad guys issued certs to themselves in the name of many well-known companies. This means that every site that DigiNotar sold certs to now have to renew them (probably with someone else!) and ordinary users have to apply the patches.

    https://blog.torproject.org/blog/dig...age-disclosure

    There are suggestions this was done by an Iranian.

    Chip H.

    Former owner: 2012 Honda Civic LX, 2006 Honda Ridgeline RTL, 2000 Honda CR-V EX, 2003 MINI Cooper S, 1992 Honda Accord LX, 1999 Mercedes ML-320, 1995 VW Jetta GLX, 1991 Mercury Capri XR2, 1981 Mercury Zephyr, 1975 Chevrolet Impala

  8. #8
    Senior Member
    Join Date
    Jul 2006
    Location
    Minneapolis
    Posts
    1,429
    As a software developer this is how it works (or aleast used to work - hell they change these laws everyday).

    Any software encryption program sold in the US must have a common key. This goes for ZIP, Windows, passwords, etc, etc.

Similar Threads

  1. Maggot Feds To Demand..Backup Cameras.
    By Mase in forum The Maggots...
    Replies: 2
    Last Post: 12-05-2010, 10:15 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •