Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


How do you backup sensitive data?
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

How do you backup sensitive data?

SadySady Member
edited February 2015 in General

Hello,

I formatted my HDD during dual-boot of linux & windows & i was really worried about some of the data i had like say SSH keys but fortunately I've recovered that.

So want to check out how do you backup your sensitive & important data?

I've copied that all to a seperate HDD & kept that in safe, will you trust any online provider for keeping the stuff there like say google drive, onedrive or maybe xyz host?

«1

Comments

    • External Hard Disk.

    • CrashPlan (to their cloud and to a friend)

    Some very important ones are stored in my Dropbox anyway; so for those files there's this extra baclup.

  • NyrNyr Community Contributor, Veteran

    I keep full OS images duplicated locally and important data is uploaded to a remote location too.

    With encryption, you don't need to trust them. In the case of SSH keys, you can protect them too, so they are worthless without the password. Oh, and don't rely on your single HDD, it can fail during normal usage at any time.

  • @Devil said:

    • External Hard Disk.

    • CrashPlan (to their cloud and to a friend)

    Some very important ones are stored in my Dropbox anyway; so for those files there's this extra baclup.

    To be honest, I don't trust those Dropbox etc but Crashplan seems like a good idea, will try to implement that with my brother's PC & raspberry :)

  • @Nyr said:
    With encryption, you don't need to trust them. In the case of SSH keys, you can protect them too, so they are worthless without the password. Oh, and don't rely on your single HDD, it can fail during normal usage at any time.

    Wuhoo, Encryption seems like a best bet.

    Can you let me know which encryption you're using or which you suggest?

  • I have a raspberry Pi @ my house with a total of 1.5TB storage for everything and a PI @ My grandads which has around 500GB Storage (need to upgrade) to store important. Data are encrypted and Pis are hidden within the house.

  • All my passwords/small files are on SpiderOak.

    Big files on second disk, disconnected from the computer (so that it doesn't get burned on a power spike or anything like that).

  • NyrNyr Community Contributor, Veteran

    @Sady it depends on what do you want and what's your primary OS too. If you are on Windows, a TrueCrypt encrypted container is probably a good start.

  • @Sady said:

    Can you let me know which encryption you're using or which you suggest?

    GPG

  • I use an external hard disk and an online service, I encrypt sensitive data with AES256

  • Nyr said: a TrueCrypt encrypted container is probably a good start.

    which can be cracked in less than an hour unless it's a huge password

  • KuJoeKuJoe Member, Host Rep

    Right now all of the transfers are encrypted but I'm looking into doing more encryption on my LAN for added security.

    Thanked by 2mpkossen george
  • CrabCrab Member

    @TarZZ92 said:

    What's your definition for a huge password?

  • Chinese often trust foreign drives instead of native... Though they may be controlled by NSA, it's still better than being controlled by CN gov...

  • 4n0nx4n0nx Member

    I chose encryption during the Ubuntu installation and use EncFS for cloud storage, which is my own dedicated server. But I don't really have any sensitive data.. (〜 ̄▽ ̄)〜

  • TarZZ92 said: which can be cracked in less than an hour unless it's a huge password

    That applies to everything, not TC specific.

  • talking about passwords, i like to play with this :D

    https://howsecureismypassword.net/

    Thanked by 2MarkTurner geekalot
  • DevilDevil Member

    Sady said: I don't trust those Dropbox etc

    In that case you must not trust anything where everything you don't compile and install yourself in an secure environment (every step) with every kind of data being encrypted right on your machine.

    Try sth like dedup, duplicity etc.

    XIAOSpider97 said: it's still better than being controlled by CN gov...

    Nope. It's never better to be controlled by a foreign power.

  • @Devil said:
    In that case you must not trust anything where everything you don't compile and install yourself in an secure environment (every step) with every kind of data being encrypted right on your machine.

    We don't trust anything, including source code. It's a simple matter of convenience though. There's no logical reason to trust one massive specific provider who can legally be forced to give access to some "institution" when you have easy access to alternatives that you can control better. Is it possible that (say) OwnCloud is backdoored? Sure. Am I going to prefer it from Dropbox. Yes.

  • DevilDevil Member
    edited March 2015

    deadbeef said: ......

    What you are saying is there is no absolute security and I agree. But then you are also saying you think m% of trust is better than n% (if there can be such a thing). Well, whatever floats your boat. Good luck.

  • NyrNyr Community Contributor, Veteran

    @TarZZ92 said:
    which can be cracked in less than an hour unless it's a huge password

    So? Use a good password as the assistant practically forces you to.

  • Nyr said: So? Use a good password as the assistant practically forces you to.

    unless the user uses a good 30-50 character password it's useless.

  • Crab said: What's your definition for a huge password?

    30-50 characters

  • I have Thin client running under Debian 6 its very quiet no sound at all and low electricity usage so I keep it 24/7 Online for backup my servers.

  • I use a program on my Macs called Arq - http://www.haystacksoftware.com/arq/ - which encrypts + backs up folders you specify to S3/Google Drive/etc. I use it with SFTP and upload to 1 of my servers and then I rsync the encrypted files to other VPS/Dedis where I have unused space available.

    It's encrypted so at least it would make it challenging for someone to gain access to them, so a VPS is fine even with the risk of someone snooping.

    Your 'core' important stuff probably doesn't take up much room (SSH keys, gov't docs, etc) so it's really easy to spread multiple copies around. You can also double up the encryption and use something to encrypt locally (folder-level) and then encrypt again on upload.

  • NyrNyr Community Contributor, Veteran

    TarZZ92 said: unless the user uses a good 30-50 character password it's useless.

    You are wrong, but encryption can't fix stupidity anyway.

  • Nyr said: You are wrong.

    your opinion not fact.

  • @TarZZ92 said:
    30-50 characters

    How'd you come up with that silly number? :)

  • george said: How'd you come up with that silly number? :)

    silly?

    it's very easy to break anything up to 10.

    the more the better. i for one run my acronis backups in a container and so far i have been unable to break it with 50 characters. (elthough i've never tried the Elcomsoft stuff)

    https://code.google.com/p/truecrack/ is one.

  • 4n0nx4n0nx Member

    TarZZ92 said: silly?

    it's very easy to break anything up to 10.

    the more the better. i for one run my acronis backups in a container and so far i have been unable to break it with 50 characters. (elthough i've never tried the Elcomsoft stuff)

    https://code.google.com/p/truecrack/ is one.

    An 8 character password with only one unknown special character is already impossible to crack with that. That's ~75⁸ possible combinations (~1,000,000,000,000,000) on a regular keyboard. Good luck trying even 0.01 of them with 100,000 attempts every 30s.

  • 4n0nx said: An 8 character password with only one unknown special character is already impossible to crack with that. That's ~75⁸ possible combinations (~1,000,000,000,000,000) on a regular keyboard. Good luck trying even 0.01 of them with 100,000 attempts every 30s.

    with a massive amount of computing power it would make things alot quicker ^

Sign In or Register to comment.