I share this concern about SMS-based second-factor, though it’s not a showstopper for me. SMS isn’t routinely interceptable, though it can be, and I think you’re in a small minority of people who would be unable to recover their phone number. Nonetheless, SMS is weak relative to other means!
B2 lets you disable SMS as a backup and switch entirely to TOTP.
I can’t say that I am. At the worst case, if somebody was able to somehow get the username and password I use for the account, all that they would get from it are the names of the computers I use to back up to B2 and be able to download some blobs of pseudo-random data.
They could delete it all. For those of us with slow connections (all too common in the US), that could be a year or three of uploading time.
Thanks. I did look for something like that in their help, but only found sms. BB is now back in the running.
I wish that Arq had filters, or that Chronosync did their own encryption. I might have to daisy chain them to get the most important stuff up first.
That’s fine with me. As I said, I have backups in at least two other locations for everything (locally on an always-on Mac mini, and on OneDrive, and iTunes Match for my iTunes music and iCloud Photo Library for photos.) If B2 was ever that unreliable, I wouldn’t want to stay on the platform anyway, and I’d just switch to Google Cloud Platform or AWS or Wasabi and keep on going. And it took about a week to upload a full backup for me. I’ve already switched from AWS to Google Cloud Platform to B2 over the last few years.
How to use iCloud Drive for Archive: If you have a free user left on your family account, you can create a user like FleishmanArchive who only has a cloud presence. Then use Safari to sign into that account and upload archives from your home computer. You can put a pretty high level of security on this account with two-factor sign-in, encryption and email notification of sign-ons. It is great for archiving - but not for backup. Upload and download are included in the storage price and as fast as one can expect. The folder structure and interface is as ‘mac’ like as possible. One limitation is that 5 GB is the max upload file size - so if you are using folder compression, you need to take that into account. With smaller SSD as built in-storage and no current macs supporting multiple HDs, the issue is really deciding what to keep on the computer and what to archive. I think the arguments of home versus cloud for backup usually favor home, but for archive purposes, they definitely favor cloud.
I’m using OneDrive with Arq. I need an office subscription for my job and this gets you 1TB of storage “for free”.
Quite a few of my friends didn’t know that or just forgot these 1 TB…
It works quite well with Arq on OSX, I only had a few errors during the last 2 years. Arq on Windows seems to have more problems with OneDrive, at least in my experience. I use it there to backup stuff from inside Windows10 in vmware fusion.
I’m still also running a Retrospect job in vmware which gets stored in a shared folder on my Mac in the OneDrive-Folder, so I get a second “indirect” cloud backup for the Windows-stuff.
Sorry if this is a stupid question. But can somebody please explain why we would want to do this, rather than just using the unlimited Backblaze plan offered to Tidbits members? I was thinking of switching to that in August when my CrashPlan expires. Is there anything in this “roll your own” system that offers me something more that I need? I am backing up one MacBook Pro with external drives. And I also have a Time Machine and Carbon Copy Clone daily backup. Thanks.
Not a stupid question. At least for me, I am backing up three computers to B2 for a little more than $3/month, plus the cost of Arq, which (I just looked it up) is a total of $60 since 2013. So, about $50/year for three computers.
@glennf , thanks for this great article! My discounted CrashPlan for Business 12-month promo will be ending soon, and I was about to resume work on Plan B.
Let me point out 3 areas I feel you omitted:
You recommend Arq, but Arq is not what has been at the top of the recommendation list of Joe Kissell, the ostensible God of Backups 
So I think some explanation is in order. Have specs changed? Or are your criteria different?
Backblaze has its own client, and the elephant in the room is why use Arq rather than the one-stop-shop Backblaze client+storage solution? My hunch is that the answer is in some of the Arq features that you have called out, but that’s not clear. So we’d like you to explicitly tell us why (if?) Arq is superior to the Backblaze client in those ways.
Last I checked, Wasabi storage was cheaper. At least one commenter also mentioned Wasabi, too. But I don’t see any justification regarding why you choose B2 over Wasabi.
Thanks in advance!!
Dave
Following Chronsync’s advice, I made a backup to a local encrypted disk image (in fact, several backups of different folders for ease) and then backed those up to B2. That deals with the encryption issue, and it’s easy to do.
Thanks for your response. In my case, with one computer and maybe a total of 1 TB of data to store, the Backblaze full plan costs $50/year for everything. Am I right that in my situation it makes sense to just go that way rather than do something separate with Backblaze B2 and Arq? I check B2 storage pricing, and 1 TB (at $0.005/GB) alone comes to $5/month.
I have used Arq for some months now. I wonder if any of you more experienced with it have some advice on what you check to see if all is well right before doing a major upgrade of the OS?
I’m with you on just using Backblaze’s standard backup solution and somewhat puzzled that this wasn’t addressed. The Why Build Your Own Solution? section acknowledges the existence of other cloud backups, but only mentions two actual potential benefits: cost and local encryption. But a regular Backblaze backup account is unlimited storage for $5 a month and uses local encryption.
To be clear, a perfectly valid reason could be “Because I feel safer controlling it myself and I like to get my hands dirty.” But it would be good to see this addressed.
Backblaze encrypts locally but requires entering your encryption password — not just your account password — on the Backblaze web site to restore. Backblaze claims that the exposure of the password is short and therefore low risk. Others might feel that the JavaScript on the web site can be tampered with by an attacker in a way that tampering with a native client on the end host cannot. Thus some feel that a solution that does not require entering the encryption key anywhere other than a local client - and never on a web site - is a safer solution. Arq (and CrashPlan for Small Business) both make this possible.
Backblaze ‘normal’ backup doesn’t let you backup remotely mounted volumes, or servers. So anyone with even a simple fileserver needs to use something that will permit one or the other.
Sean, thanks for your post.
I may be missing something here, but I’d like to make a point. I don’t think it matters whether a password is being entered on a desktop client vs. a web browser, per se. As long as the web site is using HTTPS, the password cannot be captured in transit. So the only risk is whether or not you trust the owner of the web site.
Now, if the desktop client is made by the same people who own the cloud service, like Backblaze+B2 or Crashplan, then entering a password on a client might be something you distrust just as much as entering it into their corresponding web site, because they may know your password and therefore have access to your data.
So the third case is entering a password only in a client that does all encrypting/decrypting locally and which you trust and which is not affiliated with the cloud provider who only sees encrypted data written to and from its disks, then you may reasonably feel you have the greatest security.
The latter case MAY be why Glenn likes the Arq + B2 best, but again I’m speculating because I don’t feel like this was clearly articulated.
Has anyone used Arq’s adopt a backup feature? If possible I’d like to backup a clone of my primary drive from a faster connection at a friend’s house, then ‘adopt’ it at home, to get more stuff uploaded quicker.
Another reason why Arq ‘wins’ over regular Backblaze–BB doesn’t want to be an ‘archive’ as opposed to a backup. If an external drive isn’t seen for 30 days, it’s backup is deleted unless you make arrangements in advance with BackBlaze. This can bite the unwary if they leave town for a long trip, or possibly in a major disaster. Arq is happy to archive as much as you want, and it isn’t going to delete anything behind your back.
Yes, sounds right.
One other thing about Backblaze is that I used to use Arq as a secondary backup for only important files, as I had a family Crashplan account. At least with Arq, the app will continue to work for a long while even if the developers stop supporting it. Having been “burned” by Crashplan, I decided it was best for me to just use Arq for everything rather than depend on a backup service like Backblaze staying in business long-term. (Well,I also do local Time Machine for one of the computers and Carbon Copy Cloner for two of them).
I’d say that something like Backblaze is probably easier to set up than Arq is.
