Wed, 13 Nov 2024 01:47:12 -0600 "David C. Rankin" <drankinatty@gmail.com> :
On 11/13/24 1:39 AM, jdd@dodin.org wrote:
Le 13/11/2024 à 03:19, Jeffrey Taylor via openSUSE Users a écrit :
I backup to Amazon Web Services S3. A few dollars a month for off-site backup.
I tempted some time ago to subscribe to a very cheap online backup system, cheap because not immediately available as recovery
but the test period showed that bandwith was not usable. It would have needed more than a year to upload my 5TB data.
so I use pcloud, a swiss cloud where I could have 2TB data for 350€ life time, one payment only. Of course life of me or the company... At first seing the web site seems pretty expensive, but if you subscribe they advertisements they do quarterly discount. The maximum for an account is 10TB. Nextcloud like with some changes
but, of course, no system is problem free, so the need to have several.
upload speed is acceptable but one can't expect more than 100Gb a day as average
in french, but deepl is your friend :-)
jdd
I am really, really, really, really jaded on using commercial anything.
Seconded
With the daily list of companies pwned and data dumped on the dark web, it's just like rolling dice. Yes, AWS is supposed to use best-practices, but given the number of attacks I have coming from their VMs, they don't. Then there is the whole VM leakage side-attack thing to worry about. I've gotten to the point where I basically believe data out of your direct physical control is data subject to compromise.
And just today "data breach - Amazon confirms employee data exposed in leak linked to MOVEit vulnerability" https://go.reg.cx/tdml/dfd67/675cca7f/caf7f115/4f0R -- Yikes...
(a few other companies or sites supposedly employing "best-practices" in the spotlight during the past few months: npm typosquatting (not a direct npm chain compromise, but a risk to any user that doesn't spot the subtle name differences), Columbus Ohio prosecutors database, United Healthcare, Gryphon Healthcare, Pypi supply chain, HIPAA patient consent forms (Servicebridge), Flight Aware, National Public Data (that hurt a lot of folks in the US due to SS# being the primary key in much of that data - from the late 90's when everything was SS# associated)) (all articles from The Register)
Best-Practices, Privacy-Policies? We live in the epoch of TCM (total credibility meltdown) when everyone is lying about everything all the time. I know of no country that has even a semblance of the laws that I would want to see in place AND enforced. With 10tb of data I wouldn't even consider anything other than periodically making backups on WD gold spinners and physically stashing them in secure (DIY) EM-hardened places known only to myself and as few others as possible. I don't know who has access to the bandwidth required, I certainly don't. I do have an OT yet related question to house gurus here. Other than transient EMP phenomenon the earth has on several occasions flipped its magnetic poles. Not only that, but each time the event followed long periods of back-and-forth upsets. How would such a flip affect magnetic media (or everything electric for that matter)? -- Data-Denial is the name of the game. Other than friends, family or civil authority (and even for the latter only to the extent necessary for necessary identification), criminalize the storage of anyone else's data except momentarily in the case of personal data in verifiably volatile fashion to complete a transaction. In the case of all identity abuse including the above avenues, make the contributing data source criminally complicit before the law regardless of the employed methods, privacy-policies or other similar double-speak parading as safeguards.