[Fej]

Thank you very much for your analysis and explanation. I was a happy customer and would recommend them to almost anyone, up until a few minutes ago.

There was always a nagging voice in the back of my head - "their backup encryption can't possibly be good" - but I wanted to believe it since their deal is so good, in terms of storage per dollar, and it's hard for me to afford otherwise right now. I did a bit of digging not too far back and their help pages go into a small amount of detail but ultimately just say "trust us". I trusted them to throw away my encryption password after a session, which is terrible, of course. After reading all of your work, I cannot even countenance trusting them anymore.

Ironically the first thing that comes to my mind for offsite backup is Backblaze B2... if you do all the encryption before it leaves your machine, then it doesn't matter what they do, and their storage is cheap. Rclone or similar means that their client software need not be trusted. It's up to whether you tolerate their business practices.

You mentioned in another comment that you are still looking for cloud backup software which ticks all the boxes - why did you not go with Rclone? On the surface it looks great but I haven't tried it yet.

[csnover]

> Ironically the first thing that comes to my mind for offsite backup is Backblaze B2... if you do all the encryption before it leaves your machine, then it doesn't matter what they do, and their storage is cheap. Rclone or similar means that their client software need not be trusted. It's up to whether you tolerate their business practices.

Business practices aside, the problem I personally have is: seeing how they are dishonest about their client security, how much can I trust that they’re honest about their durability or server-side security? Encrypting blocks myself ensures confidentiality, but how do I trust that data aren’t being silently lost or corrupted at rest? They hand-wave about how 11-9s durability doesn’t matter[0] in the same way they hand-wave about how zero-knowledge data privacy doesn’t matter, while simultaneously mentioning that they have, in fact, experienced unrecoverable data corruption in the past[1].

> why did you not go with Rclone?

There’s a long tail of roll-your-own cloud backup tools like this that I didn’t really evaluate: Rclone, BorgBackup, restic, Duplicity, Tarsnap, etc. I just ran out of energy and really wanted to avoid something that required a bespoke setup. These tools might work for me, but they wouldn’t be something I could recommend to a non-technical user, and I’m not sure if any of them have daemons for performing continuous backup, so I’d have to figure out a separate solution for that which might be buggy.

In any case, it looks like rclone may have some of the same problems as Duplicacy and restic with using too much memory[2][3].

[0] https://www.backblaze.com/blog/cloud-storage-durability/

[1] “If a cosmic ray has thrown a bit, we ask your computer to retransmit that particular file. This rarely, rarely happens, but in our datacenter of quadrillions of trillions of files in 350 petabytes of customer data. It DOES occur once in a while.” https://help.backblaze.com/hc/en-us/articles/217664798-Secur...

[2] https://rclone.org/faq/#rclone-is-using-too-much-memory-or-a...

[3] https://github.com/restic/restic/issues/2446