Online Backup application and Cloud storage service
Paid • Proprietary
Mac
Windows
...
What is BackBlaze?
Online backup for $7 month unlimited space. Backblaze backup encrypts and uploads all your data – no questions asked. No picking files. No digging through folders. Your data is backed up online to our datacenters, so nothing can touch it. Restore from the web or get a DVD or USB drive sent via FedEx. Files change and Backblaze backs them up. By default, Backblaze simply backs up all the time so you dont have to remember. But if you wish, you can schedule Backblaze to backup at a convenient time or only when you click "Backup Now". Unlike Carbonite, Backblaze also backs up external USB and Firewire drives.
Cheap and unlimited online backup for computer. Allow access-backed up files from phone and website. Option to buy hard drive filled with backed up files and shipped it to you to skip downloading files yourself. The downside is that they do not back up folders that belongs to apps installation, so all those settings and configuration files won't be backed up by them. They also won't backup files they claim are "typically non-user data" such as .ISO files, so all those digital CDs & DVDs images/copy won't be backed up too. These are one of the few fine prints for their "unlimited" claim.
Anamon
The file type exclusions are defaults, but you can change them in settings if you do explicitly want them backed up. This was actually my reason for dropping CrashPlan, who introduced a lengthy list of default exclusions last year. The reason why I use a cloud backup service is because I don't want to have to worry and micromanage my backups. I'm not in the mood to permanently check if some obscure application I use happens to save my user data in files with an .rbf or .tib extension! And file extensions are an extremely poor way to identify file types, anyway. All file extension and file size exclusions in Backblaze can be removed so that everything is backed up. The only fixed exclusions that you can't remove are the default folders you mentioned (default locations for Windows installation, recycle bin, program files, installation caches, etc.). The list is available here: https://help.backblaze.com/hc/en-us/articles/217664948-How-do-I-exclude-folders-file-types-or-file-sizes- Current-day Windows applications store their configuration in user directories, so those should still be backed up.
Reply written about 1 year ago
Show entire comment and 1 reply ▾
0
Anamon
★
★
★
★
★
• Top negative commentover 4 years ago • 2 replies
Long story short: for all of Backblaze's marketing talk about security and end-to-end encryption, that is only the case if you never need to restore anything from your backup! Which is, of course, not the point of doing backups.
The idea behind end-to-end encryption is this: you use a private key to encrypt your files locally, before sending them to Backblaze servers. They only ever store the encrypted data, and, since they don't know your private key, have no reasonable way to decrypt it – neither would any malicious attacker that in some way or another gains access to your backups. If you request back your files, you get the encrypted version, that only you can decrypt again with your private key, which is supposed to never leave your computer and control. Never sharing your private encryption key with anyone is the whole point of end-to-end encryption.
Backblaze pretends to uphold this while backing up your data. You enter your private key in the client, your data is encrypted locally before transmission. That is, as long as you trust that that's really what their closed-source client is doing behind the scenes.
I have been happy with this – until I actually needed to restore files from a hard drive that died. In short: there doesn't seem to be a way to restore your files without first sending your private encryption key to Backblaze, letting them decrypt your data on their servers, and send the restore to you. Backblaze claim to have years of experience in implementing security. And then they do that! Sharing your private key with anyone is the absolute biggest "no-no" in information security. It should never, ever be done. But this is exactly what Backblaze requires you to do if you want to retrieve your backed up files.
You have the option of either downloading a backup as a ZIP file, or having it delievered to you on a USB drive or hard disk. In the ZIP method, you request your backup through the web interface. You supply your private key, select what to restore, then wait for Backblaze to prepare an unencryped, not even password-protected, ZIP archive of your files on their servers for you to download. If you choose the USB method, you still have to supply your private key. They will decrypt your data, and actually re-encrypt it on the USB drive for some semblance of security in transit of the drive to you, but it will be with a separate encryption key that is displayed to you in your account. Hence, Backblaze still handles your data on their servers in unencryped form.
All of this turns the entire concept of end-to-end encryption into a fake, a completely pointless exercise. Because you'll have to undo the entire security effort the moment you want to get back any of your files. And why would you set up a backup solution if you never intended to retrieve any files from it?
This may sound harsh, and since I don't store any really sensitive data with them I'm kind of fine with still using their service – the price is good, the servers fast, the client nice. But I really hope they'll step up their game and actually follow through on their promises of security and encryption. Looking at their marketing talk on the website now, it all seems like one big lie. I believed in the lie for more than two years, because only when you get to the point of needing to restore files, you realise that none of it was true.
If you care about encryption, CrashPlan is probably the better choice for now. Their servers may be slower, their client harder to use, and generally less stable and performant (Java! Ugh! Who still uses Java for productive software?) but they seem more concerned about letting actions and processes follow their promises. Technically, you still need to trust a closed-source client, so for the really security-aware it's still not an option. But their solution seems much clearer and thought-through. For reference and comparison, here are CrashPlan's promises on private key encryption: "Encryption key exists only on source computer. Your custom key is never cached at any remote location. The custom key is held in memory for the purpose of restoring files; it is never written to disk. The custom key is flushed from memory once files are restored."
All of these promises are fundamental for encryption to make any sense at all. Backblaze breaks all of them. If CrashPlan at some point does the switch to a native client, which they've promised for many years now, Backblaze will have a very tough stand. And if they actually made their client open-source to make independent security audits possible, that would pretty much enable them to beat all of their competitors. Let's see how things develop on both sides.
[Edited by Anamon, January 07 2018]
ImNotARobot
I really appreciate your review highlighting Backblaze's security practices. Are there any better alternatives in the current year?
Reply written over 1 year ago
Anamon
@ImNotARobot: Unfortunately not that I know of. Despite my two-star review, I'm still a customer and have my private backups there. I keep checking out the competition occasionally, but the value-for-money with Backblaze is still so good that for now I just put up with the fact that their encryption concept is a joke. For my personal backup, I can live with it, until someone comes along that does it right, for a similar price. I stand by my two-star rating, despite the fact that I really like the company (nice people, great support), because it's such a fundamental (and unnecessary) technical flaw and borderline false advertising. But all the competitor's I've tried so far are getting stuff wrong that would get them a one-star rating from me.
1TB = 5$ / mo. But you can use smaller amounts of data. For example for regular backups whole WordPress database and site, I need around 40GB (by last 3 years of using the service) and my price tag is 1.2$ yearly.
Is it cheaper for me to store data somewhere else? No, I do not think so. 120 cents for 40GB of data per YEAR, I do not think, that I can find something cheaper.
But here is a big BUT! If I wanna to download all of my data or restore frequently from my b2 storage, my bills will be next:
As you see, a price for downloading backups 3x more then a price for storing data. I realized it, when I tried to take all my backups from them (which is not easy to do, if you wanna download whole bucket). And I realized that I must to pay them some money ( I have backups of several terrabytes also there too).
Here is example:
As you see on the image above, if I willing to download all my data, I will forced to pay them 51$ Instead of 17$. Imagine that you have not 3TB but for example 10TB of data.
Summary: I have NOTHING against this service, I just wish to warn people about this service, that there are not really hidden costs, but what to expect. If you back up a lot of your data and store it online, it's great. But if you need access to your files and download them - it's not really cost effective.
Much cheaper will be to use any cloud storage.
For example something like sync, or any other alternative.
Show entire comment ▾
0
insidesystem
★
★
★
★
★
• Positive comment • over 2 years ago • 0 replies
This guys NOT cheap if you will use it for something like downloading later. As for site for storing their data -- they're pretty okay. But if you plan to use it as file storage with frequent downloads of data - you can easily get a check for 20-30-40$ depends on the amount of data that you wish to download. A whole business model based on an uploading data and storing here, and if you want to download your files back if really shit happen (for example big backup) - you will be forced to pay a lot of money. Is it good for me? No. Can I recommend them? To be clear for backups - yes. But for backups which will be rarely used.
Also, there are better alternatives with the same pricing and without asking money for traffic as they do.
Show entire comment ▾
0
generally
★
★
★
★
★
• Negative comment • about 4 years ago • 1 reply
So...
2x4TB, 2x2TB, 4x1TB and some SDDs as network connected drives. BB?
Cons
no individual files / folders backup / just drives backup
it's either the C:\ (no un-select) or everything else is a problem (usb hdd did not back up).
(private) no network drives is a problem / local only and "unlimited amount of files" just do not rhyme, so... ridiculous marketing. (Compare Business Plan 1 x 4TB hdd will cost you 20€$/$+ per month, that's the true pricing of BB)
no customized install
some of the preferences and adjustments for backups are online, which is inconvenient
NAS backup to pricey
So, pricing, limited tech is what one would get. Also you should read up what will be backed up (personal backup), it's not that much
Pros
bootdrive restore is an amazing option if it works (I could predict that multiple bootups will be a problem if it's not a partition backup);
options to backup right from the NAS and other backup solutions
Fazit:
gonna save for additional drives and make a local backup
generally
update: trying to be friends with BB on Mac
your system drive backup can not be deactivated
there are a lot of exclusions (Applications among them)
Backblaze does not allow backing up the Applications folder. (what else to I need to back up? my user folder only?)
Backblaze does not allow backing up the net folder. Net and NAS same thing? Plug everything as USB drive?
Wirecutter recommends Backblaze in the guide "The Best Online Cloud Backup Service."
https://www.nytimes.com/wirecutter/reviews/best-online-backup-service/#our-pick-backblaze
Cheap and unlimited online backup for computer.
Allow access-backed up files from phone and website.
Option to buy hard drive filled with backed up files and shipped it to you to skip downloading files yourself.
The downside is that they do not back up folders that belongs to apps installation, so all those settings and configuration files won't be backed up by them. They also won't backup files they claim are "typically non-user data" such as .ISO files, so all those digital CDs & DVDs images/copy won't be backed up too. These are one of the few fine prints for their "unlimited" claim.
The file type exclusions are defaults, but you can change them in settings if you do explicitly want them backed up. This was actually my reason for dropping CrashPlan, who introduced a lengthy list of default exclusions last year. The reason why I use a cloud backup service is because I don't want to have to worry and micromanage my backups. I'm not in the mood to permanently check if some obscure application I use happens to save my user data in files with an
.rbfor.tibextension! And file extensions are an extremely poor way to identify file types, anyway.All file extension and file size exclusions in Backblaze can be removed so that everything is backed up. The only fixed exclusions that you can't remove are the default folders you mentioned (default locations for Windows installation, recycle bin, program files, installation caches, etc.). The list is available here:
https://help.backblaze.com/hc/en-us/articles/217664948-How-do-I-exclude-folders-file-types-or-file-sizes-
Current-day Windows applications store their configuration in user directories, so those should still be backed up.
Reply written about 1 year ago
Long story short: for all of Backblaze's marketing talk about security and end-to-end encryption, that is only the case if you never need to restore anything from your backup! Which is, of course, not the point of doing backups.
The idea behind end-to-end encryption is this: you use a private key to encrypt your files locally, before sending them to Backblaze servers. They only ever store the encrypted data, and, since they don't know your private key, have no reasonable way to decrypt it – neither would any malicious attacker that in some way or another gains access to your backups. If you request back your files, you get the encrypted version, that only you can decrypt again with your private key, which is supposed to never leave your computer and control. Never sharing your private encryption key with anyone is the whole point of end-to-end encryption.
Backblaze pretends to uphold this while backing up your data. You enter your private key in the client, your data is encrypted locally before transmission. That is, as long as you trust that that's really what their closed-source client is doing behind the scenes.
I have been happy with this – until I actually needed to restore files from a hard drive that died. In short: there doesn't seem to be a way to restore your files without first sending your private encryption key to Backblaze, letting them decrypt your data on their servers, and send the restore to you. Backblaze claim to have years of experience in implementing security. And then they do that! Sharing your private key with anyone is the absolute biggest "no-no" in information security. It should never, ever be done. But this is exactly what Backblaze requires you to do if you want to retrieve your backed up files.
You have the option of either downloading a backup as a ZIP file, or having it delievered to you on a USB drive or hard disk. In the ZIP method, you request your backup through the web interface. You supply your private key, select what to restore, then wait for Backblaze to prepare an unencryped, not even password-protected, ZIP archive of your files on their servers for you to download. If you choose the USB method, you still have to supply your private key. They will decrypt your data, and actually re-encrypt it on the USB drive for some semblance of security in transit of the drive to you, but it will be with a separate encryption key that is displayed to you in your account. Hence, Backblaze still handles your data on their servers in unencryped form.
All of this turns the entire concept of end-to-end encryption into a fake, a completely pointless exercise. Because you'll have to undo the entire security effort the moment you want to get back any of your files. And why would you set up a backup solution if you never intended to retrieve any files from it?
This may sound harsh, and since I don't store any really sensitive data with them I'm kind of fine with still using their service – the price is good, the servers fast, the client nice. But I really hope they'll step up their game and actually follow through on their promises of security and encryption. Looking at their marketing talk on the website now, it all seems like one big lie. I believed in the lie for more than two years, because only when you get to the point of needing to restore files, you realise that none of it was true.
If you care about encryption, CrashPlan is probably the better choice for now. Their servers may be slower, their client harder to use, and generally less stable and performant (Java! Ugh! Who still uses Java for productive software?) but they seem more concerned about letting actions and processes follow their promises. Technically, you still need to trust a closed-source client, so for the really security-aware it's still not an option. But their solution seems much clearer and thought-through. For reference and comparison, here are CrashPlan's promises on private key encryption: "Encryption key exists only on source computer. Your custom key is never cached at any remote location. The custom key is held in memory for the purpose of restoring files; it is never written to disk. The custom key is flushed from memory once files are restored."
All of these promises are fundamental for encryption to make any sense at all. Backblaze breaks all of them. If CrashPlan at some point does the switch to a native client, which they've promised for many years now, Backblaze will have a very tough stand. And if they actually made their client open-source to make independent security audits possible, that would pretty much enable them to beat all of their competitors. Let's see how things develop on both sides.
[Edited by Anamon, January 07 2018]
I really appreciate your review highlighting Backblaze's security practices. Are there any better alternatives in the current year?
Reply written over 1 year ago
@ImNotARobot:
Unfortunately not that I know of. Despite my two-star review, I'm still a customer and have my private backups there. I keep checking out the competition occasionally, but the value-for-money with Backblaze is still so good that for now I just put up with the fact that their encryption concept is a joke. For my personal backup, I can live with it, until someone comes along that does it right, for a similar price. I stand by my two-star rating, despite the fact that I really like the company (nice people, great support), because it's such a fundamental (and unnecessary) technical flaw and borderline false advertising. But all the competitor's I've tried so far are getting stuff wrong that would get them a one-star rating from me.
Reply written about 1 year ago
Great prices and great service.
For storing data they're pretty not bad.
https://www.backblaze.com/b2/cloud-storage-pricing.html
1TB = 5$ / mo.
But you can use smaller amounts of data.
For example for regular backups whole WordPress database and site, I need around 40GB (by last 3 years of using the service) and my price tag is 1.2$ yearly.
Is it cheaper for me to store data somewhere else?
No, I do not think so. 120 cents for 40GB of data per YEAR, I do not think, that I can find something cheaper.
But here is a big BUT!
If I wanna to download all of my data or restore frequently from my b2 storage, my bills will be next:
As you see, a price for downloading backups 3x more then a price for storing data.
I realized it, when I tried to take all my backups from them (which is not easy to do, if you wanna download whole bucket). And I realized that I must to pay them some money ( I have backups of several terrabytes also there too).
Here is example:
As you see on the image above, if I willing to download all my data, I will forced to pay them 51$
Instead of 17$. Imagine that you have not 3TB but for example 10TB of data.
Summary:
I have NOTHING against this service, I just wish to warn people about this service, that there are not really hidden costs, but what to expect. If you back up a lot of your data and store it online, it's great. But if you need access to your files and download them - it's not really cost effective.
Much cheaper will be to use any cloud storage.
For example something like sync, or any other alternative.
This guys NOT cheap if you will use it for something like downloading later.
As for site for storing their data -- they're pretty okay.
But if you plan to use it as file storage with frequent downloads of data - you can easily get a check for 20-30-40$ depends on the amount of data that you wish to download.
A whole business model based on an uploading data and storing here, and if you want to download your files back if really shit happen (for example big backup) - you will be forced to pay a lot of money.
Is it good for me? No.
Can I recommend them? To be clear for backups - yes. But for backups which will be rarely used.
Also, there are better alternatives with the same pricing and without asking money for traffic as they do.
So...
Cons
So, pricing, limited tech is what one would get. Also you should read up what will be backed up (personal backup), it's not that much
Pros
Fazit:
update: trying to be friends with BB on Mac
Reply written over 2 years ago