I use B2 as the backend for my personal backups using restic (which I would highly recommend https://github.com/restic/restic). I don't have a ton of data to backup, so even with hourly backups (restic only backs up when there are changes) I have ~100GB and it runs me a whopping $0.60/month. I almost feel guilty when I get the bill. But the minute I need to pick a storage platform in a professional context I know what my first choice will be.
(I am _not_ affiliated with Backblaze in anyway. Just a happy user)
For $9/month you would get a lot more features from the backup service. The interesting ones being File Sharing and Extended Version History. So it depends if you want those, as well as a nice web UI. And at 1TB the numbers get closer, at 2TB it becomes cheaper to use the backup service.
The main thing for me is legacy. In my will it is a lot easier to explain how to get files from the standard backup plan, rather than install a tool from Github etc.
That’s $9 per computer, not directly comparable to raw storage to use however you want. I get there are ways around this (host a local centralized backup) but that then sort of destroys the turnkey part anyway.
The per computer thing made me move to iDrive but I will move back for the UX. I am going to do a hybrid where one computer is backed up with the majority of files, and for other computers use free Dropbox tiers.
Depending on which service from iDrive you use, the total lack of deduplication with its personal backup service was a complete no-go for me. If you can't dedupe, any changes to your folder names or locations provoke a whole new upload cycle, which is absurd.
any drive attached is stored. Ive been backing up 20tb and its a deal. unlimited and you just have to make the OS think the drive is us attached or internal
With rclone B2 has backup on delete, which you can expire after an arbitrary period.
I used to be a Backup customer until recently when it threw out errors on my macOS machine. The solution according to support was to remove my backup including version history. When I complained that was a problem, they suggested a second account, which they would refund the price for, after I made the switch.
Rclone give me more control, which I like. I use tmutil to create snapshots of what I backup, too. Very slick.
First make sure you understand how they handle encryption. The features and ease of use come at the cost of some security.
They generate a public/private key pair for the user. The client gets the public key and the server gets the private key. During backups the data is encrypted on the client with a symmetric key (which I believe is generated on the client). The encrypted data is sent to the server. The symmetric key is encrypted using the public key and also sent to the server.
On a restore they use the private key on the server to decrypt the encrypted symmetric key, use that key to decrypt the backup data, and then make the decrypted files available in a zip file that the user can download. The download is over HTTPS so is encrypted in transit.
If you don't like the idea of them having such access to your private key they do offer an option to add additional protection [1]:
> The user’s private key which is stored safely in our data center is protected by a password that is highly guarded. But for some users this is not good enough and we allow the user to secure this file with their own password. When this is done it is impossible to access the data without the user’s password. Unfortunately, this also means we can’t help the user if they ever forget this password so we don’t recommend it for most users.
If you do that then when you restore you have to enter that password on their site when requesting the restore, so their server can decrypt the private key.
They give some more detail in their "Security Question Round-up!" [2]:
> The answer shows a weak point in the Backblaze system. As you prepare a restore, you must type in your private passphrase into the restore server. This is not written to disk, but held in RAM and for the period of time of decrypting all your files, and they are then stored in "clear text" on our very highly secured servers until they are ZIPPED up and offered to you to be downloaded. At that moment you can download them (by HTTPS only), then you can "delete the restore zip" which means you close the window of time that your files are available in plain text.
> So to recap: if you never actually prepare a restore, we cannot possibly know what is in your files, but if you prepare a restore (let's say of a few files) then for the couple minutes they are being prepared and downloaded they are in "plain text" on a HIGHLY SECURE system in the Backblaze datacenter. At that moment, if a Backblaze employee were malicious enough and dedicated enough and was watching (which is actually pretty hard, we get thousands of restores every day so it would fly by quickly) they could see your filenames appear on the Linux servers right before they are ZIPPED up into a new bundle. A few minutes of exposure.
> We actually want to improve this to provide a password encrypted ZIP file for download, and then the FINAL improvement is to actually allow you to download the private encryption key, download the encrypted files, and provide the pass phrase in the privacy of your computer. We hope to add this functionality in the future.
While I completely agree: I don't believe this applies to Restic (or many other many-cloud-host backup software). It seems to be using the dumb S3 like API with an entirely local encryption, as do many others because that's kinda the only portable way to do encryption.
I have not dug into it in detail though, so I would encourage everyone to not believe this without verifying.
Yup. What can cause confusion is that Backblaze is offering multiple storage products. One is a cloud storage service similar to S3, and one is a computer backup service and accompanying client software.
• If you use the backup service, which is called Computer Backup, Backblaze supplies the client backup software. Computer Backup is $9/month/computer (with discounts if you pay in advance which can lower it to $5.25/month/computer if you pay 3 years in advance) and has file sharing and mobile apps.
It's meant to be an all-in-one easy to use backup service that you don't have to think much about.
• If you are using the S3-like service, which is called B2, Backblaze just provides storage and an API. If you want to use it for backup you have to supply the backup software, such as Restic. It is priced based on storage rather than number of computer, costing $6/TB/month.
There are no data transfer costs for uploads. Downloads are $0.01/GB but each month you get free up to 3x the total amount you have stored. You'd have to be having a really bad month if you had to restore your entire backup more than 3 times!
There are also charges for using some API calls. It looks like upload and delete calls are free, download calls are 2500 free per day then $0.0004 per 10000, and calls that manipulate data on the server like copying are 2500 free per day then $0.0004 per 1000 calls. That doesn't seem too bad. Downloading a million files in one day would be about $0.40.
But surely someone who is actually that concerned about security will have the files being backed up already encrypted before they're backed up to b2? That way no need for encryption b2 side, then decrypt them locally after pulling them back down again.
The numbers you are shared are mind-blowing to me. Can you confirm: Do you pay your bill (1) monthly and (2) by automated credit card payment? If yes, don't the credit card transaction fees paid by Backblaze exceed the amount!? This post has literally inspired me to sign-up. I have put off Internet backups for a long time!
It seems around 0.6€ is where they judge it worthwhile to create an invoice. I have even less data (because I only backup my server there, for my PC I use backblaze personal with payments every 2 years), and they charge me 0.6-0.85€ every 2 months.
Backblaze B2 is their generic object storage platform similar to S3. You pay what you use and it scales into petabytes. There's no minimums so if you're only using small amounts, you get a small bill at the end of the month. It's not backup software, just the underlying cloud storage platform.
B2 is not Cloud Backup, B2 is there S3 compatible storage that you pay by the GB
your links are to their "backup" service which is only for Windows and Mac computers, and is limited to their backup app which many people report having throttling and other issues, it is "unlimited" in the sense that it should only be used for a single computer, which is why they never support Linux on it, because they believe (probably correctly) that linux support would mean most people will install it to NAS devices and ruin the business model for everyone else
Historically that has been the case for all of the backup solutions that offered "unlimited" data for a fixed price monthly, I think BackBlaze is the only remaining vendor in the game that does
If Hetzner storage boxes work for you, that would be less than 4 euros per month with unlimited traffic. Next level up is 13 euros for 5TB. (It works fine with restic over ssh but also has options for samba, webdav etc in addition to borg server. Now that I am looking at the info page, it seems restic is listed now too but I am not sure if it's via rclone . https://www.hetzner.com/storage/storage-box )
Yes, big difference. With B2 you’re just getting the raw storage, so all backup and restore operations have to be done through restic.
With their personal computer backup offering, there’s a web interface that you can use to download individual files from your backups, share files, or even have them mail you a flash drive containing your full backups.
Restic is good for storing files on computers you don't control because the private key doesn't get exposed. It also has features for snapshots and testing backups. You can select a percentage to test so if you have a slow internet connection you can get some piece of mind without having to download all your backup data.
I mean reading that thread, the problem itself is certainly worrying but the response from B2 is pretty golden, that's some great customer/technical support.
(I am _not_ affiliated with Backblaze in anyway. Just a happy user)