Yesterday was my last day on Facebook. Today I deleted my account.
I may write more later, but fundamentally I don’t trust Facebook with my data or their motives.
I have similar concerns with Google as well and I don’t use GMail (I use FastMail), I don’t use Google Search (I use DuckDuckGo), and I don’t use an Android device (I use an iPhone).
Facebook (similar to Google) has repeatedly demonstrated they want to ingest all possible information they can about me, my family, my friends, my coworkers, and my acquaintances…damn the consequences.
They do this in overt and obvious ways, such as on the Facebook site itself when I provide them information, as well as offsite via the use of embedded “Like” buttons across the web. I used Firefox’s ‘Facebook Container’ and EFF’s ‘Privacy Badger’ plugins in an attempt to segregate Facebook from the rest of my online digital presence.
Facebook also does this in more covert ways, such as creating social graphs to see how people are related and interact with each other, scanning photos to identify people (even people who aren’t users of Facebook), and even creating ‘shadow profiles’ for people who don’t have accounts .
Facebook desires to be at the intersection of every kind of interaction they can be — social groups, personal communication, advertisement, sales, currency, etc — and to profit off it…to profit off of me.
This is a dangerous desire, in my opinion, and one I do not want to be involved in or exploited to achieve.
I also don’t like what Facebook does to my brain in terms of the intermittent reinforcement (similar to what happens at casinos) with new posts and updates from friends as well as the comparing (and glamorizing) of idealized existences.
I also hate the polarization that occurs with Facebook, and is in part driven by Facebook. Through their algorithms, Facebook encourages echo chambers and the spread of (dis)information thereof.
This is incredibly scary in our current socialgeopolitical climate…we seem to have lost the ability to have rational debate…something that is very urgently needed.
But know that I’d still love to keep in touch, so please call, text, email, or visit the blogs: andrewferguson.net (more tech and politics) and andrewandrachel.com (more life events and pictures…you’ll need to create a login because it’s private, you can also get email updates if you want too!)
Having a backup of your data is important, and for me it’s taken several different forms over the years — morphing as my needs have changed, as I’ve gotten better at doing backups, and as my curiosity has compelled me.
For various reasons that will become clear, I’ve iterated through yet another backup system/strategy which I think would be useful to share.
The Backup System That Was
The most recently incarnation of my backup strategy was centered around CrashPlan and looked something like this:
Atlas is my NAS and where a bulk of the data I care about is located. It backs up its data to CrashPlan Cloud.
Andrew and Rachel are the laptops we have. I also care about that data and they also backup to CrashPlan Cloud. Additionally, they also backup to Atlas using CrashPlan’s handy peer-to-peer system.
Brother and Mom are extended family member’s laptops that just backup to CrashPlan Cloud
Fremont is the web server (decommissioned recently though), it used to backup to CrashPlan as well.
This all worked great because CrashPlan offered a (frankly) unbelievably good CrashPlan+ Family Plan deal that allowed up ten computers and “unlimited” data — which CrashPlan took to mean somewhere around 20TB of total backups1 — for $150/year. In terms of pure data storage cost this was $0.000625/GB/month2, which is an order of magnitude less than Amazon Glacier’s cost of $0.004/GB/month3.
And then one year ago CrashPlan announced:
we have shifted our business strategy to focus on the enterprise and small business segments. This means that over the next 14 months we will be exiting the consumer market and you must choose another option for data backup before your subscription expires.
… To allow you time to transition to a new backup solution, we’ve extended your subscription (at no cost to you) by 60 days. Your new subscription expiration date is 09/28/2018.
Important Things In A Backup System
First a quick refresher on how to backup. Arguably the best method is the 3-2-1-bang strategy: “three total copies of your data of which two are local but on different mediums (read: devices), and at least one copy offsite.” Bang represents inevitable scenario where you have to use your backup.
This can be as simple as backing up your computer to two external hard drives — one you keep at home and backup to weekly and one you leave at a friends house and backup to monthly.
Of course, it can also be more complex.
Replacing CrashPlan was hard because it has so many features for its price point, especially:
…these would become my core requirements, in addition to also needing to understand how the backup software works (because of this I strongly prefer open-source).
I also had additional considerations I needed to keep in mind:
How much data I needed to backup:
Atlas: While I have 12TB of usable space (of which I’m using 10TB), I only had about 7TB of data to backup.
This could impact all devices in the region (~ 1000 km radius)
How much touch-time did I want to put in to maintain the system:
As little as possible (< 10 hours/year)
The New Backup System
There’s no single key to the system and this is probably the way it should be. Instead, it’s a series of smaller, modular elements that work together and can be replaced as needed.
My biggest concern was cost, and the primary driver for cost was going to be where to store the backups.
Where to put the data?
I did look at off-the-shelf options and my first consideration was just staying with CrashPlan and moving to their Small Business plan, but at $120/device/year I was looking at $360/year just to backup Atlas, Andrew, and Rachel.
Carbonite, a CrashPlan competitor but also who CrashPlan has partnered with to transition their home users to, has a “Safe” plan for $72/device/year, but it was a non-starter because they don’t support Linux, have a 30 day limit on file restoration, and do silly things like not automatically backing up files over 4GB and not backing up video files.
I decided I could live with Backblaze Backups to handle the off-site copies for the laptops, at least for now. I was back to the drawing board for Atlas though.
The most challenging part was how to create a cost-effective solution for highly-recent off-site data backup. I looked at various cloud storage options4, setting up a server at a friends house (high initial costs, hands-on maintenance would be challenging, not enough bandwidth), and using external hard drives (recentness would be too prolonged in backups).
I was dreading how much data I had as it looked like backing up to the cloud was going to be the only viable option, even if it was expensive.
In an attempt to reduce my overall amount of data hoarding, I looked at the different kinds of data I had and noticed that only a relatively small amount changed on a regular basis — 2.20% within the last year, and 4.70% within the last three years.
The majority5 was “archive data” that I still want to have immediate (read-only) access to, but was not going to change, either because they are the digital originals (e.g. DV, RAW, PDF) or other files I keep for historic reasons — by the way, if I’ve ever worked on a project for you and you want a copy because you lost yours there’s a good chance I still have it.
Since archive data wasn’t changing, recentness would not be an issue and I could easily store external hard drives offsite. The significantly smaller amount of active data I could now backup in the cloud for a reasonable cost.
Backblazes B2 has the lowest overall costs for cloud storage: $0.005/GB/month with a retrieval fee of $0.01/GB6.
Assuming I’m only backing up the active data (~300GB) and I have a 20% data change rate over a year (i.e. 20% of the data will change over the year which I will also need to backup) results in roughly $21.60/year worth of costs. Combined with two external WD 8TB hard drives for rotating through off-site storage and the back-of-the-envelope calculations were now in the ballpark of just $85/year when amortized over five years.
How to put the data?
I looked at, tested, and eventually passed on several different programs:
duplicacy…doesn’t support restoring files directly to a directory outside of the repository7
To be clear: these are all very good programs and in another scenario I would likely use one of them.
Also, deduplication was probably the biggest issue for me, not so much because I thought I had a lot of files that were identical (or even parts of files) — I don’t — but because I knew I was going to be re-organizing lots of files and when you move a file to a different folder the backup program (without deduplication capability) doesn’t know that it’s the same file8.
I eventually settled on Duplicati — not to be confused with duplicity or duplicacy — because it ticks all right boxes for me:
open source (with a good track record and actively maintained)
client side (e.g. does not require a server-side software)
supports B2 and local storage destinations
multiple retention policies
encryption (including ability to use asymmetric keys with GPG!)
The default settings appear to be pretty good and I didn’t change anything except for:
Adding SSL encryption for the web-based interface
Duplicati uses a web-based interface9 that is only designed to be used on the local computer — it’s not designed to be run on a server and have then access the GUI remotely through a browser. Because it was only designed to be accessed from localhost, it sends passwords in the clear, which is a concern but one that has already been filed as an issue and can be mitigated with using HTTPS.
Unfortunately, the OMV Duplicati plugin doesn’t support enabling HTTPS as one of its options.
Note: the recipient can either be an email address (e.g. firstname.lastname@example.org) or it can be a GPG Key ID (e.g. 9C7F1D46).
The last piece of the puzzle was how to manage my local backups for the laptops. I’m currently using Arq and TimeMachine to make nightly backups to Atlas on a trial basis.
The resulting setup actually ends up being very similar to what I had with CrashPlan, with the exception of adding two rotating external drives which brings me into compliance with the “3 total copies” rule — something that was lacking.
Each external hard drive will spend a year off-site (as the off-site copy) and then a year on-site where it will serve as the “second” copy of the data (first is the “live” version, second is the on-site backup, and third is the the off-site backup).
Overall, this system should be usable for at the least the next five years — at least in terms of data capacity and wear/tear. Total costs should be under $285/year. However, I’m going to work on getting that down even more over the next year by looking at alternatives to the relatively high per-device cost for Backblaze Backup which only makes sense if a device is backing up close to 1TB of data — which I’m not.
“While there is no current limitation for CrashPlan Unlimited subscribers on the amount of User Data backed up to the Public Cloud, Code 42 reserves the right in the future, in its sole discretion, to set commercially reasonable data storage limits (i.e. 20 TB) on all CrashPlan+ Family accounts.” Source↩
my actual usage was closer to 8TB, so my actual rate was ~$0.0015/GB/month…still an amazingly good deal ↩
which also has additional costs associated with retrieval processing that could run up to near $2000 if you actually had to restore 20TB worth of data ↩
very expensive – on the order of $500 to $2500/year for 10 TB ↩
95.30% had not been modified within the last three years ↩
Guys! I bought a 3D printer! It hasn’t even arrived yet, but I already feel like I should have done this ages ago! I ended up going with the Wanhao i3 v2.1 Duplicator. It’s an upgraded version of the v2.0, which is effectively the same model that MonoPrice rebrands and sells as the Maker Select 3D Printer v2.
All around it seems to hit the sweet spot between price and capability. For me, the big selling points are:
Sufficient large build envelope: 200 mm x 200 mm x 180 mm
Sufficient build resolution: 0.1 mm, but can go down to 0.05 mm!
Multiple-material filament capabilities
Good community support
Easy to make your improvements/repairs
I had to pay a bit of a premium since I’m in the UK, but I think it will be worth it. Printer arrives tomorrow, and I hope to have a report out soon thereafter.0
Jeffrey Goldberg at Agilebits, who make 1Password, has a great primer on why law enforcement back doors are bad for security architecture. The entire article is worth a read, presents a solid yet easily understood technical discussion — but I think it really can be distilled down to this:
Just because something would be useful for law enforcement doesn’t mean that they should have it. There is no doubt that law enforcement would be able to catch more criminals if they weren’t bound by various rules. If they could search any place or anybody any time they wished (instead of being bound by various rules about when they can), they would clearly be able to solve and prevent more crimes. That is just one of many examples of where we deny to law enforcement tools that would obviously be useful to them.
Quite simply, non-tyrannical societies don’t give every power to law enforcement that law enforcement would find useful. Instead we make choices based on a whole complex array of factors. Obviously the value of some power is one factor that plays a role in such a decision, and so it is important to hear from law enforcement about what they would find useful. But that isn’t where the conversation ends, it is where it begins.
Whenever that conversation does takes place, it is essential that all the participants understand the nature of the technology: There are some things that we simply can’t do without deeply undermining the security of the systems that we all rely on to keep us safe.
This is one of those niche games that probably only applies to enginerds1, but if you — like me — are one of those people be prepared to lose yourself in this game as you deposit silicon and metal to make real life circuits.
Конструктор is Russian for designer or contractor.0
Just after 10pm on Monday, I attempted to migrate my calendar from Google Calendar to Fastmail Calendar1.
I did this by exporting my existing calendar from Google (per https://support.google.com/calendar/answer/37111?hl=en) and then re-importing it back into Fastmail using Apple’s Calendar App. During this re-importing process, it appears that the Fastmail system regenerated the event requests and emailed all the participants of the events; although I initially suspected Apple’s Calendar app.
My wife, who was sitting next to me, was the first to let me know something was awry when she received over 400 emails from me.
After aborting last nights attempt, I tried again to import the data again Tuesday morning by using FastMail’s “Subscribe to a public calendar” feature (https://www.fastmail.fm/help/calendar/publiccalendar.html), which should not have resulted in emails being sent but still did.
In total, 109 people were affected by this issue and up to 2904 emails were sent (1452 from each incident).
The good news (if there is such a thing) is that 45% of those affected only received a single email (well, two emails), and 78% of those affected received less than 10 emails (20 emails across both incidents).
Unfortunately, emails were also sent to people even when I was not the original organizer of the event. This accounted for over half the emails that were sent.
I have opened a ticket with Fastmail (Calendar import emailing participants (Ticket Id: 479473)). Fastmail has been prompt and the issue is, in theory, resolved. However, in the future I plan on scrubbing the calendar file of email address to prevent this issue from occurring again.
For those curious, here’s how I extracted2 the number of those affected from the ICS file: