hoakley June 26, 2021 Macs, Technology

When your backups vanish

This week backups relying on the services have hit the headlines: earlier in the week, some were horrified to discover Apple’s policy for deleting old iCloud backups of its devices, and in the last couple of days, users of WD’s My Book Live devices have found their local backups have been completely removed. These might appear unrelated, but bear a common lesson.

iCloud backups

One of the most convenient ways for those with iOS or iPadOS devices to back them up is iCloud. One of the strangest policies that Apple has, though, is that old iCloud backups can be automatically deleted. This isn’t exactly made clear either: most of Apple’s documentation on these iCloud backups doesn’t mention this limitation, and the only reference I can find is here, where Apple writes: “iCloud backups are available for 180 days after you disable or stop using iCloud Backup.” That seems out of place in a paragraph headed “Delete backups and turn off iCloud Backup for your device”.

The meaning is that, if you had backed up your iPhone or iPad to iCloud before last Christmas, but not since, your old backup should now have vanished automatically even though you may have ample free space in iCloud. However, if you had made that previous backup and one earlier this month, both should still be there ready to be accessed.

This happens nowhere else in iCloud: you can leave all manner of files in your iCloud Drive or document folders, and those will be left there as long as you have sufficient free space.

I can’t for the life of me comprehend why Apple has this policy, but it’s another reflection on the fact that cloud services only rent you the storage, and can impose what policies they like, including the removal of files such as backups. I hope Apple reviews that policy and either provides a cogent reason for doing this, or rectifies its behaviour.

NAS backups

The other backup problem is even worse: if you still use Western Digital My Book Live networked storage (NAS), the chances are that over the last few days, all your backups on that storage system will have been erased. What happened here is more complicated, doesn’t involve cloud storage, and may well be even more disastrous.

One of the features of My Book Live storage is that its users can remotely access files stored there, through Western Digital’s cloud service. Although these models lost support six years ago, it appears that many are still in active use, and storing Time Machine and other backups as well as shared folders.

At some time in the last few days, My Book Live users started noticing that their devices underwent a factory reset and loss of all the stored files, which was apparently initiated by a remote connection. This was first reported by Bleeping Computer, and by Ars Technica. Western Digital attributes this to attack of the devices by malicious software, and continues to investigate. It appears that, when WD dropped distributing further software updates for My Book Live products in 2015, they were left with a vulnerability (CVE-2018-18472) which was published three years later, in 2018, but nothing has been done to mitigate that.

Lesson learned

In both cases, those worst affected by the loss of backups are those who have entrusted those backups to just one destination: iOS/iPadOS devices to iCloud, and local backups to ageing My Book Live storage. While neither should have resulted in such data loss, and both Apple and Western Digital need to investigate and act in their users’ best interests, no one should ever rely on a single backup set, nor a single method of making backups.

Maybe I’ve gone a little over the top, but I use four different tools to maintain my backups here: Time Machine (to local APFS), Carbon Copy Cloner 6 (to local APFS), ChronoSync (to local APFS), and manual copying to iCloud. If I had the bandwidth, I’d also like to use another cloud service to keep more backups off-site. I also keep fallback Macs at the ready.

If you put all your eggs in one basket, don’t be surprised when something happens to that basket and you’re left with no eggs. Please reconsider your backup strategy and ensure that your risks are wisely spread.

53Comments

Add yours

1

EcleX on June 26, 2021 at 7:25 am

Thanks for the useful article. Keeping backups that are not always connected to the Mac or other device may be critical in case of malware that encrypts or deletes all connected disks. Besides Time Machine, I have found that both SuperDuper and Carbon Copy Cloner are great.

LikeLiked by 2 people
- 2
  
  performa475 on June 26, 2021 at 7:53 am
  
  It’s good practice to have at least one backup drive that is not permanently connected. I only plug in my Carbon Copy Cloner produced backup drive when I actually want to take a backup. Hence I’m not too worried about leaving my TM backup drive plugged in semi-permanently.
  
  LikeLiked by 2 people
  - 3
    
    hoakley on June 26, 2021 at 8:42 am
    
    Thank you.
    What I’m trying to say here is that following good or best practice doesn’t necessarily address your backup needs. Every user needs to think about the risks, and arrive at a backup policy which addresses them. Vendors like to sell us instant solutions, and too many are content to trust the marketing claims rather than think out a good solution.
    Howard.
    
    LikeLike
  - 4
    
    Jerry Fritschle on June 26, 2021 at 9:24 pm
    
    Along these lines, CCC gives the option to unmount the destination when not in use.
    
    LikeLiked by 1 person
    - 5
      
      hoakley on June 26, 2021 at 10:31 pm
      
      Thank you: yes, that’s an important feature.
      Howard.
      
      LikeLike
- 6
  
  hoakley on June 26, 2021 at 8:37 am
  
  Thank you.
  I think that’s a red herring, as shown well in both these cases, in which the backup store wasn’t always connected: iCloud backups are quite independent, and the My Book Live is an independent device altogether.
  Of course, if you have off-site backups they also aren’t connected to your Mac. But what’s important (again, as shown here) is that users don’t grab one ‘solution’ and think it addresses all the issues. You must work out a coherent backup policy derived from a risk assessment, and if you don’t you will lose important data, whether or not it’s connected to your Mac at the time.
  Howard.
  
  LikeLiked by 1 person
7

Michele Galvagno on June 26, 2021 at 7:25 am

Thanks for reporting this, I had read about the WD but didn’t know about iCloud. I have never been able to access multiple iCloud backups for my iOS/iPadOS devices as newer ones were overwriting old ones, at least for the same device. Is there something I’m missing here? I heavily use iCloud for syncing but I’ve set up several CCC tasks to copy the “MobileDocuments” folder (where locally downloaded iCloud files live on the Mac) to a local backup. One can never be safe enough…

LikeLiked by 1 person
- 8
  
  hoakley on June 26, 2021 at 8:39 am
  
  Thank you. I’m sorry, I don’t whether iOS/iPadOS devices overwrite old backups: that doesn’t sound at all useful!
  Howard.
  
  LikeLike
9

fds on June 26, 2021 at 7:28 am

I’d assume Apple removing seemingly abandoned backups is a privacy feature, protection against authorities asking for a copy of all that private stash of data you might no longer remember was left stored there.

LikeLiked by 1 person
- 10
  
  hoakley on June 26, 2021 at 8:40 am
  
  Thank you.
  That would, if true, be completely absurd, given that the vast majority of users will never have law-enforcement agencies asking for their old backups. Surely that should be an opt-in, not a lock-in?
  Howard.
  
  LikeLike
11

Walt on June 26, 2021 at 9:39 am

Just another example of why one should think twice about taking advantage of a vendors remote cloud service to access the vendors storage device. The last example before this one was the Qnap Qlocker ransomware fiasco back in April 2021.

LikeLiked by 1 person
- 12
  
  hoakley on June 26, 2021 at 9:43 am
  
  Thank you.
  I routinely disable all remote access. But for some it is just so attractive.
  Howard.
  
  LikeLiked by 1 person
13

blackxacto on June 26, 2021 at 2:34 pm

I backup to two independent RAID disks, a TimeMachine Hard Drive, a Buffalo Drive and an external SSD drive. None of these backups worked when trying to migrate to Big Sur. I had no Apple Store on any of these external backups when migrated to Big Sur. I had to completely wipe and clean install everything. No migration. So I am not sure of the value of local backup any longer, however, maybe it was one time. I am still backing up everything just incase.

LikeLiked by 1 person
- 14
  
  hoakley on June 26, 2021 at 10:30 pm
  
  Thank you. Yes, I recall your troubles. I’m not sure that I understand when you write “I had no Apple Store on any of these external backups”, In Big Sur, the App Store app isn’t backed up, as it’s on the System volume.
  Howard.
  
  LikeLike
15

Lestertwice on June 26, 2021 at 3:13 pm

Slightly off topic, I have to thank you for bringing my attention to Backblaze in an old article. Now I’m a satisfied customer.

LikeLiked by 1 person
16

Peter Hopcroft on June 26, 2021 at 9:51 pm

Yes, backups, a lively topic. Thanks for the information.

Can you please answer a question I’ve had for a long time about Mac backups ? If I have my Documents folder stored on iCloud Drive and have “Optimise Mac storage” turned off and if I only write to Documents from my Mac, then will Documents ever have placeholder files, as opposed to the actual files ? I would like to use an app like Chronosync to backup Documents to an external drive but worry that my backups will have placeholder files.

LikeLiked by 1 person
- 17
  
  hoakley on June 26, 2021 at 10:38 pm
  
  If all the files held in iCloud are stored locally, then there are no stub/placeholder files, as all the files haven’t been evicted to iCloud. The only way that you’ll get placeholder/stubs files is when local files are evicted to iCloud to save space.
  Howard.
  
  LikeLike
  - 18
    
    Peter Hopcroft on June 27, 2021 at 3:22 am
    
    Thank you, and Joey Jay.
    
    LikeLiked by 1 person
19

Joey Jay on June 26, 2021 at 10:37 pm

Important article, thank you.

When it comes to backup, there is no such thing as “over the top.”

I would like to recommend that you further diversify your backups. Manually backing up to iCloud is not a good way to recover if you lose your entire house to fire. I recommend a very good online backup service called Backblaze. It runs automatically and backs up an unlimited amount of data to their cloud, fully encrypted if you wish. I am puzzled as to why Apple doesn’t offer iCloud Backup for macOS as it does with iOS. It would also be nice to be able to use Time Machine on iOS to run local backups of those devices.

I believe it is essential to store full APFS backups in a secondary location. If you don’t have a relative or friend’s house locally to do this, I found a simple and effective solution. Find a backup buddy, preferable in another state. Every week you mail each other a backup drive. When you get yours back, update it and mail it out again in a week. Keep 2 in constant rotation and you will always have a drive floating around out there, coming back to you like a boomerang of relief should you suffer a catastrophic loss.

LikeLiked by 1 person
- 20
  
  hoakley on June 26, 2021 at 10:44 pm
  
  Thank you.
  Although some users have found Backblaze excellent, others haven’t had the same success, so I avoid endorsing any specific cloud provider.
  Off-site backups are usually a very important part of a backup policy. However, they also raise questions of data protection and privacy. This is why every Mac user needs to assess their risks, develop a backup policy to address them, implement it soundly, and then check that it all works. Skip any step, or invest in a single service instead of spreading your risk, and you’ll some day regret it.
  Howard.
  
  LikeLiked by 1 person
  - 21
    
    Joey Jay on June 26, 2021 at 10:49 pm
    
    Agreed! Lost 5 years of work on a curated ripped music collection when I carry-on bag fell over with a drive in it. When I got back home to recover from a backup drive, a freak static electricity discharge caused the entire drive to fail mechanically and no service was able to recover anything from it.
    
    As for security, I would advise anyone take the obvious and easy step of turn owning on FileVault encryption for both Time Machine and manual APFS back-ups.
    
    LikeLiked by 1 person
22

bwillius on June 27, 2021 at 3:06 am

Ouch. Multiple backups are a must have. I’m using TimeMachine, Carbon Copy Cloner and Acronis.

I had TimeMachine take days for a backup. SuperDuper (which I used before CCC) failed to do backups.

Online backups are hard. Crashplan at some point simply stopped with the backup. Support told me that I had too many files. Backblaze wanted to tell me what I could back up or not. When I needed to restore some data from Arq the last backup was 9 days old. And Acronis isn’t totally reliable either.

iCloud is a joke and not a backup.

I now get daily emails from CCC and hourly emails from Acronis to check that the backup is done.

LikeLiked by 2 people
- 23
  
  Dakotamoons on June 27, 2021 at 1:47 pm
  
  Also using multiple backup hardware, software, and off-site storage. Time Machine, CCC, and Synology for my NAS. My Synology off-site backups are extremely fast, and immediately available. A possible option if you happen to be running a Synology NAS.
  
  LikeLiked by 1 person
  - 24
    
    Dakotamoons on June 27, 2021 at 1:49 pm
    
    Sorry, I keep hitting the Return key too soon. My question to you was, after testing various off-site backup vendors have you found any that you can recommend? TIA, John
    
    LikeLiked by 1 person
    - 25
      
      hoakley on June 27, 2021 at 3:39 pm
      
      One of the big issues that cloud services don’t like to talk about is support for extended attributes (xattrs). Some do, most don’t. Back up to a destination which doesn’t support them fully and when you restore a lot of metadata has been irretrievably lost.
      Howard.
      
      LikeLike
- 26
  
  hoakley on June 27, 2021 at 3:36 pm
  
  Thank you.
  As a matter of interest, to investigate rumours of the unreliability of iCloud, I have a long-term experiment running with almost 100 files kept in iCloud, whose integrity I verify periodically. None of them has changed in around 2 years, and all remain completely intact.
  It’s certainly not suitable for substantial backups, but for keeping critically important documents it’s cheap, readily accessible, and convenient to use from any part of the world. Except maybe China.
  Howard.
  
  LikeLike
27

Dakotamoons on June 27, 2021 at 12:54 pm

I would like to address one specific issue touched on briefly, but not in detail re ” You must work out a coherent backup policy derived from a risk assessment, and if you don’t you will lose important data, whether or not it’s connected to your Mac at the time.”

RANSOMEWARE.

I’ve implemented the fundamental 3-2-1 strategy, x10, on steroids, fully automated, using various brands and formats with external storage with CCC and Synology’s Hyperbackups, additionally “rotating” the target drives as needed. BUT, to go even one step further I’ve perfected a system of using digital electronic timers to power on and power off a few extra external drives to mimmic physically un-cabling them, as simply ejecting or unmounting will not remove most external storage from the terminal command diskutil list and thereby can be easily mounted and encrypted.

LikeLiked by 1 person
- 28
  
  Dakotamoons on June 27, 2021 at 1:05 pm
  
  . . . . sorry, I hit the “Return” key too soon.
  
  As I was saying, I’ve set up external spinning hard drives that run on 120v power supplies that are attached to electronic timers. Both CCC and Synology’s HyperBacup have the ability to “eject” the target automatically after completing the backup task.
  
  So, the timer for the external drive(s) is set to be normally powered “off” so that it can not be detected.
  
  The timer’s start time turns on the power to the drive which then automatically mounts the drive. Then the backup software runs the backup task. Then, as the final action of the task, the drive is properly ejected.
  
  Because the drive has been properly ejected, then the timer cut the power (at an estimated time period after starting, say an hour, or however long the backup normally would take plus a little extra) drive, thus achieving the same goal as “manually” ejecting and uncabling the drive.
  
  This way if a ransomeware attack is successful and seeks out all connected storage on you LAN it won’t find these hidden drives, yet, the backup process remains fully automated. The key takeaway point here is that the process is fully automated. As we all know, the weakest link is almost always the human.
  
  Of course, I’m still running Synology’s C2 Business Cloud off-site nightly backups over a VPN connection.
  
  LikeLiked by 2 people
  - 29
    
    bwillius on June 27, 2021 at 2:10 pm
    
    Well, I kicked Crashplan and Arq to the curb. I’m still using Acronis which should also protect me from ransomeware. As long as I do daily checks that the emails come I should be fine.
    
    LikeLiked by 2 people
    - 30
      
      Dakotamoons on June 27, 2021 at 2:23 pm
      
      I’ve looked everywhere on Acronis’ web site for small office and business accounts, but no mention of the ability to copy from any “external” storage. Any idea if this feature even exists? I don’t see it. TIA, John
      
      LikeLiked by 1 person
  - 31
    
    Joey Jay on June 27, 2021 at 3:12 pm
    
    Your creative use of timers to power drives on and off is brilliant, but I’d be concerned that one of these days a backup doesn’t finish as soon as you’d expect, resulting in a power loss during a write sequence… potentially destroying the entire partition table of the drive.
    
    LikeLiked by 1 person
- 32
  
  hoakley on June 27, 2021 at 3:32 pm
  
  Thank you.
  Obviously, it’s up to everyone to make their own risk assessment, but currently I’d rate the risk of ransomware on recent versions of macOS, particularly Big Sur, as so close to zero that it can’t be distinguished.
  It’s quite a few years since the last attempt at macOS ransomware, and that was a pretty miserable failure. Since then Apple has gone leaps and bounds in terms of securing the system, to the point where, in Big Sur, it’s almost inconceivable that the system can be tampered with in any way. Furthermore, the internal disks of T2 and M1 Macs have a secure controller which performs its own encryption and decryption. Making ransomware for Big Sur is not easy, so the financial returns would need to be great, and assured.
  The pattern of ransomware attacks on other systems has also changed. Gone are the many attacks on ordinary users, which were never going to be commercially successful. Instead, attacks are now made on corporate systems, particularly those controlling utilities and the like. As hardly Macs are used in such environments, the chances of an attack on macOS now look vanishingly small.
  That could all change, but by any risk assessment the likelihood of natural disaster such as fire, flood, etc. is very much greater, and theft perhaps greatest of all, depending on where the Mac is.
  Howard.
  
  LikeLike
33

Joey Jay on June 27, 2021 at 3:16 pm

No comprehensive discussion about BACKUPS would be complete without mentioning RESTORES.

If you suffer a complete data loss, good luck trying to get back up and running quickly if your only resource is to download all your data from an online backup service. In my case, that would literally take MONTHS.

I’d advise only choosing a backup service that offers to send you actual drives containing a copy of all your data (encrypted of course) as part of their service. Some even allow you to SEND them your data the same way so the initial backup doesn’t have to take place online… typically a very lengthy process.

LikeLiked by 2 people
- 34
  
  Dakotamoons on June 27, 2021 at 3:28 pm
  
  WORDS TO LIVE BY. So true. I’m just to the point now of doing some trial restore testing just for this exact reason. Joey Jay is not exaggerating when he mentions ” In my case, that would literally take MONTHS.” I completely concur. As such, myself included, need to get that time frame WAY down to a week or a few days.
  
  I have a fairly good backup plan in place that should provide the pieces I’ll need to set up a new machine even if the victim of a successful ransomware attack. A little outdated, but here’s secure link to one of my servers to a spreadsheet I made up as a reminder checklist to keep track of all the carious storage and backup schemes:
  
  Any suggestions gratefully appreciated.
  
  All the best, John
  
  LikeLiked by 2 people
  - 35
    
    Joey Jay on June 27, 2021 at 3:52 pm
    
    John, this is an incredibly comprehensive backup plan and well-documented.
    
    Due to the size of my total dataset, 80TB+, and my use-case scenarios (speedy access to data for video editing) I use a different strategy.
    
    I have a Synology NAS as you do. I have several Mac workstations around the house and also in another house out of state.
    
    I need local data drives directly attached to each workstation for performance reasons, otherwise I would store all data over the network on my NAS. But that’s way too slow.
    
    So I use Time Machine to back up all the workstation drives to the Synology NAS. I then use Backblaze’s app in Synology NAS to back up the entire NAS to their cloud. This is a business-level service, pricier than their desktop backup service. In essence, this allows me to back up my accumulated Time Machine backups to the cloud… a backup of backups.
    
    My local workstation storage uses Other World Computing’s PCI-E Thunderbolt 3 expansion chassis to house a U.2 shuttle containing four 8TB NVME memory sticks. So I get 32TB in one little shuttle that I can move between computers. The performance of this setup is several times faster than even the internal SSD provided by Apple in their M1 Macs… which is why I boot macOS from these shuttles as well.
    
    To offer even more redundancy, I set up the Synology NAS systems in the two separate locations to SYNC WITH EACH OTHER over the Internet. What this provides for is two copies of the Time Machine backups at both locations… from both locations. This way I have speedy local access to redundant Time Machine backups in two locations. If one location goes up in flames, I know I have a full copy in the other location at all times. If BOTH locations go up in flames (national power grid attack, asteroid impact, foreign adversary hack of network infrastructure, Sunstorm) I have the Backblaze backup as a final defense. (Hopefully they have a data center with offline redundancy and a minimum of 3” thick concrete walls at a high elevation far from any major fault lines.)
    
    LikeLiked by 2 people
    - 36
      
      hoakley on June 27, 2021 at 10:38 pm
      
      Thank you.
      Howard.
      
      LikeLike
    - 37
      
      Dakotamoons on June 28, 2021 at 12:56 pm
      
      Outstanding strategy Joey Jay! Wow. Very well thought out. I think I’ll implement something similar as I have the capacity on my NAS in terms of including it in my Time Machine rotation. Anything odd that I need to deal with here? I currently have just one SSD for each desktop connected to Time Machine, and never let TM run automatically, rather I’ll initiate a TM run manually every few days or so. TIA, John
      
      LikeLiked by 1 person
    - 38
      
      Joey Jay on June 28, 2021 at 2:49 pm
      
      The best feature of Time Machine is that it’s built into macOS already on every system AND that it runs automatically. The weakest link in a backup chain is the human. You don’t want to lose data because your backup didn’t run when you: forgot, fell ill, had to travel without notice, or got hit by an unforeseen event toward the end of an idle cycle. You’re already automating your drive power on and off, so this seems like a no-brainer.
      
      As you probably know, Time Machine backups use their own file system organized into a special container, and not all NAS setups will support it. Thankfully, Synology does, and there are specific settings in the Control Panel that allow it to work properly.
      
      Then there is Internet and local Intranet traffic you may want to take a look at. I have been tinkering with a variety of various Internet connections and local Ethernet hardware at both locations. The Intranets all run on Ubiquity’s UniFi system. Their equipment is state-of-the-art and is used in small businesses to manage networks. You get a nice big graphical interface of every node, every device, every router, every switch, every access point in a nice, detailed control panel.
      
      I have been experimenting with several Internet connections at both locations… multihoming (combining more than one Internet connection together) is proving a challenge. Ubiquiti routers can do this, but devices can get confused if their packets are coming in from different parts of the world at once. The Hulu app on Apple TVs, for example, won’t work for security reasons when it senses this. So I’m going to have to set up manual routing tables for it. Other issues come up because of speed discrepancies. When you combine HughesNet satellite Internet (very slow) with Frontier Fiber (very fast) the router tries to distribute packets evenly between them and ends up waiting for the slower source. So I’m tinkering with only allowing the satellite connection to be used when the other connections are down. I also have AT&T DSL and SpaceX’s new satellite service in lower orbit, Starlink. I am probably going to use the DSL line as a separate network to CONTROL the main network. So if the main network goes down, I can get in on the DSL line and reset power to anything individually using HomeKit power switches.
      
      Keep an eye on your bandwidth. Time Machine can suck it up, especially if running on multiple machines at once. The Synology NAS when syncing Time Machine files over the Internet also sucks bandwidth, especially if your backups are encrypted. Because Synology can’t see inside those files, it will want to sync the entire thing anytime a small change is made. So those sync actions need to be limited as to when they run and for how long.
      
      Who said designing and managing a backup strategy couldn’t be fun?
      
      LikeLiked by 2 people
    - 39
      
      hoakley on June 28, 2021 at 8:32 pm
      
      Thank you.
      I’m fascinated to hear that some NAS don’t support the sparsebundles used by network TM. I can’t imagine how that can’t work – as far as the local file system is concerned, the sparsebundle is just a couple of fairly plain files and a folder containing a large number of band files. How could any NAS not cope with that?
      (And which can’t – so I can steer well clear of them!)
      Howard.
      
      LikeLike
    - 40
      
      Joey Jay on June 28, 2021 at 9:08 pm
      
      The requirements for NAS support of Time Machine are here:
      
      https://developer.apple.com/library/archive/releasenotes/NetworkingInternetWeb/Time_Machine_SMB_Spec/index.html
      
      The “advertising with Bonjour” part is what some NAS devices don’t bother to do, since that’s a macOS feature and most of the world is Windows.
      
      Regarding retention of Time Machine backups, I guess I feel misled by the statement in Time Machine options that says, “The oldest backups are deleted when your disk becomes full.”
      
      LikeLiked by 1 person
    - 41
      
      hoakley on June 28, 2021 at 10:04 pm
      
      I’m sorry, I must have misunderstood when you wrote: “Time Machine backups use their own file system organized into a special container, and not all NAS setups will support it”.
      I thought the “it” referred to the special container, which is a sparsebundle. Yes, there are some SMB and networking foibles, and some NAS apparently still don’t support SMB to Mac at all, which I find a little surprising, given how long AFP has been deprecated.
      Howard.
      
      LikeLike
    - 42
      
      hoakley on June 28, 2021 at 8:35 pm
      
      I’m concerned that you’re running TM manually “every few days or so”. TM was never designed to do that: it’s optimised to make small backups at hourly intervals. If used to make very large backups infrequently, it won’t perform at all well.
      Howard.
      
      LikeLiked by 1 person
- 43
  
  hoakley on June 27, 2021 at 3:41 pm
  
  Thank you – and not just mentioning restores, but practising them every once in a while. Even if you can’t attempt a full restore, performing periodic tests in which you restore files and folders from each of your backups is essential.
  Howard.
  
  LikeLiked by 2 people
  - 44
    
    Dakotamoons on June 27, 2021 at 3:44 pm
    
    Again, a big “Yes” on the practicing. Same as with a bootable clone, but more involved. No one ever thinks anything will ever happen to them. ……until it does.
    
    LikeLiked by 1 person
45

Dakotamoons on June 28, 2021 at 3:36 pm

Reply to Joey Jay (the “reply” link is missing for some reason, so this reply may fall outside of your post, sorry).

Again, a huge thank you for the in depth details of your setup. Very compelling.

Re the Time Machine settings, I guess it’s really a pet peeve of mine in general (going back decades now) to turn of all “auto-backups” in decades-old apps that would simply “overwrite” a live file, of course just at the wrong moment causing you to loose a valid file. I then got in the habit of versioning my own file backups by simply versioning them with a suffix such as _0022, _0023, _0024, etc., manually. I suppose that’s where my now counter-productive habits, and your reminder, that I probably should let Time Machine go ahead and run automatically 24/7/365 as there always will be the one or two times per year I might need a tiny piece of something only minutes old.

After now feeling as confidant about my security and backups as I need to, the one lingering culprit remains, although I believe I’ve outsmarted it. Ransomeware. The key here is kind of the opposite of frequent backups that are not versioned or accessible, i.e., physically air-gapped. I think I’m almost there now, but really love hearing how others strategize in general and thank you for taking the time and effort to post your detailed reports. Much appreciated.

LikeLiked by 1 person
- 46
  
  Joey Jay on June 28, 2021 at 8:29 pm
  
  Another great thing about Time Machine is that the backups are INCREMENTAL and stay that way until you fill up your backup drive. This means you can recover any file you want no matter when you deleted it, provided you can go “back in time” far enough to get it from your Time Machine backup. So no worries there. Time Machine will only delete a backup when you configure it to do so based on your disk capacity. That’s what’s great about using a Synology NAS for backup. Massive amounts of storage. RAIDed against hardware failure. Backed up to the cloud for redundancy. Hard to go wrong. Ransomware can only encrypt what it can see. But that means everything on your machine and everything connected to your network, including your NAS. That’s another reason cloud backup is an essential component to any strategy. The problem with iCloud is the iCloud Drive is mounted on your desktop and appears as just another drive. Ransomware can easily see and target everything on it.
  
  LikeLiked by 2 people
  - 47
    
    hoakley on June 28, 2021 at 8:39 pm
    
    Forgive me: Time Machine does weed backups more aggressively than you state, even when there’s no pressure on space. It keeps hourly backups for a few days, then progressively thins them to one a week, and so on down to one a month in the more distant past. That’s normal behaviour, and part of its routine housekeeping performed with every new backup.
    Howard.
    
    LikeLiked by 1 person
  - 48
    
    Dakotamoons on June 29, 2021 at 12:24 pm
    
    Yes, ” Ransomware can only encrypt what it can see. But that means everything on your machine and everything connected to your network, including your NAS. That’s another reason cloud backup is an essential component to any strategy.”
    
    EXACTLY. Thus the importance of “isolated” external storage, or, as you mention off-site backups, etc. This is so important and often overlooked.
    
    I know I mentioned this before, but simply ejecting or unmounting connected external storage will not remove it from the diskutil list terminal command which can then simply load and encrypt. You must AIR GAP to truly isolate. I use timers to automate all of this, in addition to even more manual redundant backus.
    
    LikeLiked by 1 person
    - 49
      
      hoakley on June 29, 2021 at 7:21 pm
      
      Well, ransomware can only encrypt what it can write to, which is a bit tougher than just being able to see something. If it only has read access, then it’s stuffed.
      Howard.
      
      LikeLiked by 1 person
  - 50
    
    Dakotamoons on June 30, 2021 at 2:25 pm
    
    Re Joey Jay, sorry, my replies don’t always fall within the hierarchy.
    
    Have you tried the “Enter Time Machine” process to test what’s actually on your TM NAS connection to see what’s there? And can you maneuver around the NAS TM files the same way you can on local non-NAS storage? I wonder about possible conflicts or any sort? Your plan is tempting. Just curious how long you’ve been including your NAS in the TM rotation scheme, days, weeks, months, etc.?
    
    LikeLiked by 1 person
    - 51
      
      Joey Jay on June 30, 2021 at 2:58 pm
      
      This site is good enough to deserve true bulletin board software written in PHP instead of the default (and very rudimentary) WordPress comments system. I hope Howard is planning on making the jump!
      
      I must admit that I have only rarely used the Time Machine restore interface, as I mostly have used those backups to restore an entire system to a different machine. On the occasions I have used it, when I accidentally deleted things, it has saved my ass. It works slower over a network, obviously. There are many network backup options available if that (and usability) are your primary concerns. CarbonCopyCloner is highly regarded and I use it occasionally.
      
      LikeLiked by 2 people
    - 52
      
      hoakley on June 30, 2021 at 4:47 pm
      
      Thank you.
      This is a blog where you’re most welcome to discuss matters of relevance. I spent many years moderating discussion and bulletin boards, including those on Compuserve. Never again!
      Howard.
      
      LikeLike
53

Michael Tsai - Blog - Remote Wiping of WD My Book Live Drives on June 29, 2021 at 7:44 pm

[…] Howard Oakley: […]

LikeLike