Backups

While backups are more of a security than privacy topic, i suggest to add the topic of backups to the knowledge base as well as recommendations for backup tools.

My reasoning for this suggestion is:

  • People who are new often don’t differentiate between privacy and security and subsequently come her for both. They might be prompted to think topics where privacy and security intersect is all they need to know and therefor won’t implement a backup strategy.

  • Although backups fall under the topic of security, there still can be privacy considerations, think of the questions “Should I use cloud storage as backup target?” or “Do commercial backup solutions phone home?” for example .

3 Likes

I also think it’s important because many of the more private options of things people want to do require some degree of self-hosting. If folks choose that option, they should know that backups are important to maintain the same level of confidence in the persistence of their data as they had on mainstream services like Google Drive.

We want to add an article about this:

I do think we need to discuss where the back up is going to be? Ie local, and cloud. The reason for this is because it’s not feasible to backup a lot of data to the cloud if your internet connection isn’t particularly fast.

I think if we discuss cloud products we must only recommend solutions which use E2EE and have been audited.

At the moment I personally use syncthing to my server and then do ZFS snapshots from there. Most people probably don’t have a NAS with ZFS so we should include some options that aren’t dependent on a RAID array like that.

I’m quite fond of rsync, because I think it can be an issue if your important data is locked up in some proprietary image format.

Perhaps we could look at options such as:

2 Likes

I used to use Duplicati, but had issue with backing up to Nextcloud server (webdav). It worked great for local (network) backup though. So I switched to Kopia, and it is great piece of software.

3 Likes

From doing some quick research, the best three options seem to be Borg, Restic and Kopia.

1 Like

Could you elaborate on why?

The conclusion I came to is:

Borg is the most mature option (written in Python). As a result, it has a lot of different tools, applications and integrations (both CLI and a GUI such as Vorta). It’s slower than other backup programs but it does the job really well and applies a lot of compression. The main downsides are due to its maturity, there are a lot of tools and parts that exist for it which can be overwhelming, and it’s not really designed for cloud backups and requires extra tooling for that. If you’re used to working with borg and have always relied on it, this is no issue, but if you’re new and looking for something simple and more user-friendly with minimal setup and configuration, the better options are below.

Restic is another really mature and reliable option and it’s very popular (written in Go) and maintained by two German developers. It’s designed to be fast and efficient and now has compression (it didn’t before). It’s designed for cloud backups too and works with any provider, and also uses rclone as a backend. It is CLI only and has no GUI. It aims to be minimal and non-opinionated, so it doesn’t take care of scheduling backups for you and you can just do that with a cron job or similar. Due to its very large userbase, it has extensive resources online. Its security and encryption is also great, as a Go cryptographic expert took a look at it and decided to use it for his personal backups. It also has an explicit threat model which is really interesting.

Kopia is also written in Go and maintained by a Polish developer. It’s very good and impressive and I believe the fastest tool overall. Like Restic, it’s also simple and easy to set up and use. It has both a CLI and GUI. It supports the popular cloud providers but it’s not integrated with Rclone and you have to install it separately, and once you pair them up it’ll take care of using rclone. It can also schedule and do automatic backups. If a GUI is essential, I would say this is the best program overall for simplicity and can take care of everything for you. The main downside however is it’s relatively newer and modern and not as battle-tested as the other options, so you may run into occasional issues, although they are probably edge cases.

Personally, I’ve opted for restic for its simplicity, minimalism, efficiency and reliability, and I like Go and mainly do cloud backups. It’s the best option for me since I don’t care about a GUI and scheduling the backups myself is no issue, otherwise I would have definitely gone with Kopia. It’s also available in the official APT and RPM repositories by default and you don’t need to add keys/repos first.

There are a lot of backup/deduplication programs and tools out there, but these three pretty much do everything they can and better in most cases. You can look up some detailed comparisons on Reddit or HN which I would’ve linked to but I just wanted to do a quick write-up off the top of my head.

4 Likes

+1 for borgbackup.

Borg also has a great FOSS GUI app called Vorta.

I’d recommend against Duplicati, as it’s performance for restore operations and browsing backed up files is very poor, as myself and others have noticed.

2 Likes

Windows user minority here.
I was using Macrium Reflect to backup up my system disk, it’s fast, easy and you can setup a win boot usbkey to restore backups in case of system failing.
Now, the free version is being retired and I’m looking for a solid alternative, do you have any advice?

I’ve always used the built-in Windows File History and Windows Backup tools personally.

I want to do a backup on Windows but I don’t want to use tools like windows backup because it stores info on OneDrive.

What options do we have? I would like to store the backup image locally (of course on other drive) and encrypt it. I think these info can also be useful on Privacy Guides website.

When I previously wrote “Windows Backup” I was referring to Backup & Restore (which is still available in Windows 10/11) just to be clear.

To be honest, system-level backups also tend to be a bad idea in general though. You’re probably better off backing up your user data with File History and just installing the system and apps from scratch if you ever need to restore a device.

1 Like

Does this also hold true with iOS backups on Macs made in Finder? I’ve also enabled iCloud backup but figured that may not cover everything.

Computer iOS backups are not full system backups either, they only back up your local user data and “almost all of your device’s […] settings.” As far as I’m aware they back up the same data as iCloud backups. This is why you can’t use them to install old iOS versions for example.

2 Likes

re-opening this with an extra question: is there any backup option that allows you to actually the files? i am currently using kopia to backup some important folders to the cloud, but i realise thay it would be nice to be able to read the files from my phone, and all that kopia shows is a bunch or random folders and files. removing encryption would apparently not change this. any ideas?

@orelia
kopia, borg, and restic all have a mounting feature to let you explore a backup normally:

But as i know, none of them works on phone, as orelia mentioned.

@crossroads ah I overlooked the phone part, thanks

@orelia if you want a backup tool that allows plain file access you can use BackInTime, it uses rsync and filesystem hardlinks to create snapshots, but it can be fragile ime and lacks “modern” backup system features

thanks, apparently that won’t work on macos, though.

i’m starting to think that the easiest would be to simply copy the local folder onto the cloud storage and work from there, instead of keeping it local and having a backup on the cloud. since cloud is e2ee, that would work but i just don’t really like the idea of directly moving a working folder onto the cloud, call me old fashioned