I have a 56 TB local Unraid NAS that is parity protected against single drive failure, and while I think a single drive failing and being parity recovered covers data loss 95% of the time, I’m always concerned about two drives failing or a site-/system-wide disaster that takes out the whole NAS.

For other larger local hosters who are smarter and more prepared, what do you do? Do you sync it off site? How do you deal with cost and bandwidth needs if so? What other backup strategies do you use?

(Sorry if this standard scenario has been discussed - searching didn’t turn up anything.)

    • MentalEdge@sopuli.xyzEnglish
      11·
      12 hours ago

      You can do that with B2. Just use an application to upload that encrypts as it uploads.

      The only way to achieve the same on the backup plan (because you have to use their desktop app) is to always have your entire system encrypted and never decrypt anything while the desktop app is performing a backup.

      Did you not read what I said? You use their app, which copies files from your system as-is. Ensuring it never grabs a cleartext file is not practical.

        • MentalEdge@sopuli.xyzEnglish
          11·
          11 hours ago

          Also doesn’t mean it is. Or in a way where only you can decrypt it.

          The chain of custody is unclear either way. You’re not in control.

            • MentalEdge@sopuli.xyzEnglish
              1·
              10 minutes ago

              No shit. But encryption isn’t the same as zero-knowledge. Where by the time they handle the data in any way whatsoever, it’s already encrypted, by you.

              Do you not know what zero-knowledge means? Or are you so focused on my mentioning they’ll ship data to you physically that what I actually said went over your head?

              From the page you just linked:

              1. Implement encryption transparently so users don’t have to deal with it

              2. Allow users to change their password without re-encrypting their data

              3. In business environments, allow IT access to data without the user’s password

              It’s not zero-knowledge!

                • MentalEdge@sopuli.xyzEnglish
                  1·
                  18 minutes ago

                  Yeah. It’s almost like I literally said that in my second comment.

                  Which some people are ok with, but not what most of us would want.

                  What gap in my knowledge are you trying to fill here?

                  I didn’t even mention encryption in my second comment. Just that their backup plan isn’t zero-knowledge.