I was looking for a convenient way to back up my data and probably the stuff on my parents' PC as well, because my mom does a lot of video editing of vacation videos and it would be a pity if she lost that data. So as a good son and ongoing computer scientist guy I looked for some hardware to build a NAS that would fit our needs: 3TB physical memory (tied together via software RAID to 2TB) and some low-power mainboard and CPU and stuff. After some Google research I found the company CrashPlan, and they had a really cheap offer: Family Backup unlimited Plus, which means you can back up up to 10 PCs without any storage quota. The price is super low: if you make a contract for 4 years you have to pay about 9$ per month. In comparison: my NAS system would pay off after 7 years (not including power costs or hardware failures). So we gave CrashPlan a try and got a license for one year. After 3 months now I am not satisfied, and this is why:

## No separate PC / Container encryption

CrashPlan stores your data encrypted. By default this is done via a key that is attached to your account and is distributed automatically by the software, which means it is not secure if you don't trust the company. There is the possibility to use a passphrase to encrypt your data locally before it is sent to the cloud. You have to put that passphrase on all the PCs you want to back up, and the passphrase can't be restored in any way (that's a good thing).

You have the possibility to create different containers on each PC, which define the policy for which data to back up where. It would be reasonable to have different passphrases for different folders. And the worst thing: you can't even have different passphrases for different computers. So the security of my data depends on the security of my parents' system (and my parents have no idea about firewalls, anti-virus stuff and so on). That's pretty bad!

## Small Upstream

My initial backup took about 2 weeks (2 weeks 24/7 upload), because I wanted to back up all my pictures and music and stuff. My upstream is pretty good for ADSL: 10 Mbit/s, but the CrashPlan software reduced that to around 1 Mbit/s. I mean… why do I pay for a service that performs worse than my own infrastructure?

## Shitty Software

There were some problems with the background service on my parents' PC. I was unable to start the application and the tray icon told me that it could not connect to the background service. So I checked the Windows services snap-in and saw that the service was stopped. It always failed to start and even a delayed automatic start failed (according to Windows log files). I could not find any log file of the CrashPlan service itself to get any idea what was going on :-/ The support was ok, but could not solve the problem. So I re-installed the software and everything was working as expected, but the worst thing: I did not have to re-enter the passphrase for the data encryption! That means, after you uninstall the client from your computer, the bad guys could still read the passphrase for your backups and access the data (including mine, because as I said, all computers have to share the same passphrase). I don't want to investigate whether the passphrase lies bare as a TXT on your HDD…

The GUI of the client software itself is not very good, but that's not a huge problem, because normally you just configure your backups and leave the software alone for a long time.

GUI of Crashplan


Think twice before you let others do your backups.

