While backups are more of a security than privacy topic, i suggest to add the topic of backups to the knowledge base as well as recommendations for backup tools.
My reasoning for this suggestion is:
People who are new often don’t differentiate between privacy and security and subsequently come her for both. They might be prompted to think topics where privacy and security intersect is all they need to know and therefor won’t implement a backup strategy.
Although backups fall under the topic of security, there still can be privacy considerations, think of the questions “Should I use cloud storage as backup target?” or “Do commercial backup solutions phone home?” for example .
I also think it’s important because many of the more private options of things people want to do require some degree of self-hosting. If folks choose that option, they should know that backups are important to maintain the same level of confidence in the persistence of their data as they had on mainstream services like Google Drive.
I do think we need to discuss where the back up is going to be? Ie local, and cloud. The reason for this is because it’s not feasible to backup a lot of data to the cloud if your internet connection isn’t particularly fast.
I think if we discuss cloud products we must only recommend solutions which use E2EE and have been audited.
At the moment I personally use syncthing to my server and then do ZFS snapshots from there. Most people probably don’t have a NAS with ZFS so we should include some options that aren’t dependent on a RAID array like that.
I’m quite fond of rsync, because I think it can be an issue if your important data is locked up in some proprietary image format.
Borg is the most mature option (written in Python). As a result, it has a lot of different tools, applications and integrations (both CLI and a GUI such as Vorta). It’s slower than other backup programs but it does the job really well and applies a lot of compression. The main downsides are due to its maturity, there are a lot of tools and parts that exist for it which can be overwhelming, and it’s not really designed for cloud backups and requires extra tooling for that. If you’re used to working with borg and have always relied on it, this is no issue, but if you’re new and looking for something simple and more user-friendly with minimal setup and configuration, the better options are below.
Restic is another really mature and reliable option and it’s very popular (written in Go) and maintained by two German developers. It’s designed to be fast and efficient and now has compression (it didn’t before). It’s designed for cloud backups too and works with any provider, and also uses rclone as a backend. It is CLI only and has no GUI. It aims to be minimal and non-opinionated, so it doesn’t take care of scheduling backups for you and you can just do that with a cron job or similar. Due to its very large userbase, it has extensive resources online. Its security and encryption is also great, as a Go cryptographic expert took a look at it and decided to use it for his personal backups. It also has an explicit threat model which is really interesting.
Kopia is also written in Go and maintained by a Polish developer. It’s very good and impressive and I believe the fastest tool overall. Like Restic, it’s also simple and easy to set up and use. It has both a CLI and GUI. It supports the popular cloud providers but it’s not integrated with Rclone and you have to install it separately, and once you pair them up it’ll take care of using rclone. It can also schedule and do automatic backups. If a GUI is essential, I would say this is the best program overall for simplicity and can take care of everything for you. The main downside however is it’s relatively newer and modern and not as battle-tested as the other options, so you may run into occasional issues, although they are probably edge cases.
Personally, I’ve opted for restic for its simplicity, minimalism, efficiency and reliability, and I like Go and mainly do cloud backups. It’s the best option for me since I don’t care about a GUI and scheduling the backups myself is no issue, otherwise I would have definitely gone with Kopia. It’s also available in the official APT and RPM repositories by default and you don’t need to add keys/repos first.
There are a lot of backup/deduplication programs and tools out there, but these three pretty much do everything they can and better in most cases. You can look up some detailed comparisons on Reddit or HN which I would’ve linked to but I just wanted to do a quick write-up off the top of my head.