[rdtsc]

Hmm, I guess like there is the "sufficiently smart compiler" falacy, there is now the "sufficently reliable hardware" falacy.

But on another level, I guess if hardware fails, then well, you buy more hardware, which is good for Apple. Presumably people who bought in the past from Apple won't turn around and buy an Acer or HP laptop. They'll still buy Apple.

[jakobegger]

If hardware fails silently, you won't buy more hardware. You'll just come across something odd and say, hmm, typical Apple-bugginess.

It would be much nicer if your computer said, “I've detected a bit flip, please restore this file from backup”

[rdtsc]

Even more fun. Data gets corrupted, and backups pick it up, and start overwriting good backups with it eventually.

[cyphar]

If your backup system involves overwriting old backups, it's not a backup system. It's a data loss system.

[rdtsc]

Unless you have infinite storage, you'll have to overwrite some backups at some point in the future.

[XorNot]

Storage is not that cheap yet.

[cyphar]

Making backups more granular means you remove sets of backups (or you collapse incremental backups). If a new backup causes corruption to back-propogate then it's not a backup.

[ptx]

What does this mean? How do you store an arbitrarily long sequence of changes on a medium of fixed size without overwriting? Eventually you will run out of disk and old data will have to be overwritten, which might have contained the only good copy of the corrupted file.

[sangnoir]

> If a new backup causes corruption to back-propogate then it's not a backup

I'll go further and say that even backup that forward-propagates corruption is not backup either - all the incremental backups from the moment of corruption are worthless. Bottomline: if your backup cannot be restored with integrity intact - it's not backup!

[philjohn]

It is, if you outsource the storage. Backblaze is $5 a month per computer for (virtually) unlimited storage. They keep old copies of files for 30 days.

[ptx]

To paraphrase:

>>>> If your data gets silently corrupted and you keep backing up that corrupted data, eventually there won't be any backups left that have the original uncorrupted data.

>>> You shouldn't delete old backups!

>> Storage is too expensive to keep old backups forever.

> Backblaze! ... will delete backups after 30 days.

Yes. So 30 days after your file was corrupted, you will only have corrupted copies left.

[legulere]

Even better: automatically restore the file from backup.

[ahl]

The failure mode of hardware is not all or nothing. A single sector in an HDD or a single page in an SSD can fail and the rest can be fine for years; both HDDs and SSDs have many spares for this expected condition.