The Backup Sulks: FileSlinger™ Backup Reminder 06-29-07

I have at least half a dozen possible backup topics sitting in my “Backup Info” Outlook folder, from an ill-considered attempt to enact a law requiring backups of RAM to the role backup tapes play in litigation to Chris Pirillo’s video about backing up onto your home network, not to mention Samsung’s hybrid drive, a drive bay called Drobo, and a software product called DriveClone. (I managed to get as far as downloading the demo, but haven’t tried it yet.) Not to mention the Great Outlook Backup Mystery Case a friend presented while I was on vacation, which I do intend to write about sometime, really.

The problem is, I don’t much feel like writing about any of them today.

Part of the reason for this case of the Backup Sulks is the fact that I’ve reached the moment of truth with my X drive. While it performed flawlessly through my entire vacation, it’s acting up now. I’m not sure whether it’s the drive itself or only the connectors in the case, but I’ve managed to rule out problems with my USB hub, FireWire cable, and the like. I tried connecting it various ways and couldn’t get it to stay in communication with the computer through a normal file backup run no matter what I did.

Looking at my Event Viewer for Wednesday, I see not just the sbp2port errors I’ve gotten occasionally since I first bought the disk (disconnecting and reconnecting usually fixed it), and the ntfs “delayed write failed” error that I get if the connection cuts out in the middle of a file operation, there’s a whole raft of ugly “disk” errors reading “An error was detected on device \Device\Harddisk2\D during a paging operation.”

Except—just to make this really alarming—Harddisk2\D is not my many-years-old and now widely-traveled external hard drive. It’s my second internal hard drive, and that makes it scarcely over a year old. (A year and a half, maybe; I got the computer in March 2006, but as it was the floor model, it was probably in the store for a few months before I bought it.)

Excuse me while I go run a disk-checking operation…

You can just about read War and Peace during a CHKDSK operation (don’t you love these old DOS names?), but at least the news was good: my D drive appears to be fine. It’s possible the errors came up because of attempts to copy my Outlook archive files from the D drive (where they normally live) to the X drive.

So, to resume the story of the X drive, once I realized I wasn’t going to be able to count on it, I edited my Replicator jobs so that they’d copy my data from the C and D drives over to the Z drive (that’s my personal partition on the Maxtor Shared Storage II network drive) instead of the X drive, and then ran the copy. Since I only have a 100-Megabit router, network copy is slower than copy by FireWire or USB 2.0 hi-speed, but it’s still pretty fast. (Will there ever be a USB 3.0? It’s been years now.)

The real down side to substituting Z for X is that since I have to log in to my Z drive, my shortcut to Replicator in the Startup folder isn’t all that useful. I can probably go into my Maxtor settings somewhere and arrange to log in automatically. After all, there isn’t that great a likelihood of someone coming in here and breaking into that partition through my laptop. Meanwhile, it’s not that much work to run Replicator manually after I’ve logged into the Z drive.

But I still need a portable external drive, and that means research and shopping. I started looking around to see what’s getting good reviews. The Ur-Guru has used several Western Digital Passport drives and just bought the new 160 GB model a few days ago. He particularly liked the shiny black exterior—until he realized it’s a fingerprint magnet.

It’s a serious possibility. There’s also a comparable 160 GB drive from Seagate, the FreeAgent Go. It’s also black, and comparably priced. Where the WD Passport comes with a synchronization program and Google Pack, the FreeAgent has something on it called Ceedo that essentially serves the same purpose as U3 on a USB stick. (You can buy Ceedo on its own and install it on any drive.) There’s also a real-time sync program.

So it wouldn’t seem there’s much to choose between the two drives. C|net’s reviewers give the WD a 7.0 out of 10 and the Seagate a 7.5, both respectable scores. They cost about the same amount (roughly half what I paid for my X drive four years ago, when 80 GB was the absolute upper limit on 2.5” drive capacity). The main difference I can see is that the Western Digital comes with a 3-year warranty and the Seagate with a 5-year warranty.

Stay tuned for my purchasing decision and its results, which should at least bring me out of the sulks.

Back Up Your Passwords: FileSlinger™ Backup Reminder 06-22-07

After reading last week’s backup reminder, Mike Van Horn wrote in to ask (or complain) about passwords:

Groan.

Passwords. Maybe this is a future topic for you, because it's closely related to backing up.

Why don't you poll your readers: How do people remember their passwords? Let alone user names.

If you do as the experts say, and use regularly changing random strings of characters, how can you possibly remember them? I can't. I have trouble typing them in correctly even if I'm looking at them -- esp. if as I type it produces only a string of little black balls on the monitor.

User names are just as bad, because there are so many different format rules: Just type in your name. All lower case. No spaces. 8 characters max. My name is already taken, so I have to add a few numbers.

For several years, I had one password and I used it for everything.

Then I came up with different passwords for each thing. I kept a list of the service, my user name, and the password I chose. I taped this list to my monitor, but it keeps getting longer and longer. And I'm still never changing them. This list is at the office, so if I need a password when using my home computer, I can't remember it.

Then I sign up for some new service or blog or whatever, write that new user name and password on a scrap of paper, then lose it before it gets added to the "master list." I've stopped using a number of internet services because I lost the password and it's just too much hassle to retrieve it.

Now I've entered my list into my computer, so it's accessible and editable any place I can get to my files. (No, hackers, it's not in a file named "Passwords.") But of course the computer must be on—and working, and it must be accessed from one of my computers.

I'm surely not the only password dunderhead.

How do others handle all this?

Passwords certainly qualify as critical data you don’t want to lose, though many websites will let you re-set them if you can answer a security question. Taping a list of passwords onto your computer monitor is certainly not the most secure way to store them.

Not only is using the same password for everything not a good idea, it just isn’t possible, for the reasons Mike outlined: different sites have different rules about what constitutes an acceptable password.

I do have a handful of passwords I can remember which I use for more than one thing, but remembering which password I’ve used for which site can be a challenge.

For years I’ve used a very basic, simple password storage program called “Password Prompter.” How basic? I first got it when I was using Windows 95. You enter a password to open the program, then create entries for your different logins and passwords. I just have Karen’s Replicator copy the whole directory in order to back it up.

There are dozens of password storage utilities out there. Some of them are even free. Access Manager Professional lets you back up your passwords to two separate locations, simultaneously. KeePass is a sophisticated open-source program which uses strong encryption, requires no installation, imports from other programs, and fits on a USB stick.

And speaking of USB sticks, I went out and bought a U3 flash drive so I could learn more about it. (You may remember that I mentioned this a few weeks ago.) I’ve been playing with it while writing this. There are actually a few different password management programs available for U3. I opted for the free SignUpShield, but I’m thinking I may just copy my trusty Password Prompter (which, like KeePass, requires no installation and takes up very little space) onto the memory stick instead. It will save re-entering passwords.

There are also backup programs for U3. The one I installed is called “Disk Hero.” And guess what it asks for as soon as you start it? Yes, a password. Once you enter that and an e-mail address, it sets up an account for you online and gives you options for what to back up. You can back up your whole U3 drive, just your data, or even files from the “guest PC” (the machine the U3 drive is connected to). The U3 version of the program comes with 2 GB free storage—more space than is on my U3 drive.

The point of having a U3 drive is to be able to duplicate the experience of working on your own computer by having your programs, contacts, etc with you. You can just about automate that by paying for the Migo software, but there are plenty of free programs which will let you store contacts and bookmarks and check your mail.

Given that there’s so much sensitive data on a U3 drive, it’s a good thing you can password-protect it! Use a strong password as the main key to the drive. That means nothing you can find in the dictionary: include numbers and characters like #, -, *.

I like to use Mycenaean Greek as a source for passwords, because Linear B is transliterated with hyphens between symbols. Even if you take the hyphens out, the spelling isn’t quite the same as for Classical or Modern Greek, and not very many people know Greek to begin with, so the likelihood anyone will guess these passwords is small.

Failing knowledge of obscure languages, you can use a password generator to give you a complex, random password. Then set yourself to memorize it.

Feel free to share your favorite password-management tips in the comments.

Hacking Your Backups: FileSlinger™ Backup Reminder 06-15-07

So here I am on vacation with my family (10 adults and 3 children, including me), dutifully connecting my X drive and letting Karen’s Replicator copy my files onto it every time I start the computer. Mozy tells me it last backed up my files 54 minutes ago, and SyncBack has continued to replicate everything important onto my D drive whenever the machine is idle (which is fairly often, since I am on vacation).

My father, my brother, and my cousin Jason also brought their laptops; it’s a good thing there’s Wireless-N in the house. (The less-good thing is that the cable connection is inexplicably sloooooowww.) There’s also a house desktop computer—which experienced a rather spectacular crash of a kind I hadn’t seen the day before yesterday. My cousin Amanda summoned me to rescue her when it happened. After several restarts, including one in safe mode, it booted normally, but I never did know what caused the problem. I don’t think any of the machine’s installation disks are here, either; or, at least, they were nowhere in sight.

I asked my brother how his homemade NAS box was working. He said “Fine, as far as I know.” He hasn’t had to restore anything from it, and mostly seems to ignore it. Which is what we all want to be able to do with our backups, though it’s not necessarily advisable.

In an interesting quirk of timing, my Google alerts found several references to the hazards of online backup at the same time my FileSlinger™ website went down. It appears that my hosting company, iPowerWeb, was hacked. The site came back up eventually, but with a blank home page. When I logged in to the control panel, I was prompted to change my password—again. I’d been using the same randomly-generated password for years and never been asked to change it before until a couple of weeks ago. (The service I use to send this e-zine, on the other hand, prompts me for a new password every month, which is a real pain in the anatomy and leads to using weaker passwords because they’re easier to remember.)

Once I’d done that and logged in, I found a strange thing in my public_html folder: first, an index.html file of 0K (meaning there was nothing in it, hence the blank page I was seeing when I entered the site address), and then a file called index.html.MAL_CODE.html.

“WTF?” I said to the Ur-Guru, who responded “Your site has been hacked.”

I then sent a message to iPowerWeb support asking whether my site had been hacked, and their response (change all your passwords immediately) strongly suggested that the answer was “Yes.”

So. I changed my passwords again, and then went over to Blogger to change it there so I could publish the blog. The Backup Blog appears not to have been touched, and the whole Author-izer subdomain was fine, too. As for the MAL_CODE file, it appears perfectly normal; I can’t see any difference between the code for that file and the HTML in the file I uploaded from my hard drive to replace the blank index.html file.

In any case, it’s a good reminder of why you need to have a copy of your website files on your hard drive. (It was also a reminder that there are some pages on the site which I haven’t finished updating, though in fact the whole site needs another major overhaul. Having a website is like having a lawn: it requires constant maintenance.)

Attacks on web hosts are one reason not to assume that everything you store online is safe. Sure, it has the advantage of being offsite and likely to remain safe if something happens to your computer at home (or, more likely, when you’re traveling with it). But that doesn’t mean they’re invulnerable.

Most popular online services are only a few years old, and there’s no telling whether the companies behind them will last. Some services become so popular that the computers running them break down under the strain of trying to handle so many demands. (That’s been happening to DreamHost, a popular low-cost, high-bandwidth web hosting company, which can’t keep up with its own growth.) And, of course, the more popular something is, the more attacks will be directed against it. (That’s why there are so many more Windows than Mac viruses.)

Back in March of 2006, blogger Jeremy Zawodny described anyone who relied on free beta services like Gmail for backup and didn’t keep more than one copy of crucial data as a (pardon his English) “dipshit.”

This seems a trifle harsh to me, but it’s true that blindly trusting someone else, even a large and theoretically reliable company like Google, Yahoo, or Hotmail/Microsoft to protect your critical data can be dangerous. It’s terrific that you can back up your data offsite for free using any number of services. Doing that is certainly better than not backing up at all.

But don’t think that having an online backup absolves you of the responsibility to make local backups. And don’t believe that your data is safe because it’s online instead of on your hard drive. The servers used by Flickr, Google, and the like are almost certainly physically safer than your own computer, locked into their cages in data centers bristling with fire protection and keycard security, but they can be hacked, and they’re just as vulnerable to drive failures as you are at home. And there’s no guarantee that they’re keeping backup copies of your data, so you need to do it yourself.

Further reading:
Tecosystems: Outsourcing your backup, or not?
Ian Murdock: Dipsh*ts Like Me
Gmail Horror Story

A Vacation from Backups? Not So Fast! FileSlinger™ Backup Reminder 06-08-07

I’m getting on a noon flight to the East Coast for the biennial Goetsch family vacation. This has made the past couple of days a bit crazed, and yesterday was particularly overwhelming. I had to finish a client project first thing in the morning, then go out to take care of a few things that absolutely had to be done before I left, then come back for two back-to-back phone conferences with clients, and then go out to work for a client on-site until dinnertime.

So I didn’t get a chance to write this reminder yesterday. I might have managed to squeeze it in there somewhere, but I was too distracted to think about what to say. I considered just pointing you over to the lengthy discussion of a hapless consultant’s attempts to retrieve hundreds of lost photos from a friend’s machine at ComputerWorld, but I kept getting interrupted when I tried to read it.

The Ur-Guru suggested I should write something entertaining, in honor of the impending vacation, such as “Ten Reasons Not to Back Up.” I was much too stressed out to attempt to be funny (not something I’m all that good at under the best of conditions), but he gave me a start:

1. If your office or home gets raided by what passes for some kind of enforcement these days, no incriminating evidence will be found.
2. Saving money on storage media like CD's and DVD's.
3. Some hacker probably has made a backup of all your important data anyway and you usually can buy it for a small fee which would balance out with the cost otherwise incurred by the backup process.
4. Never again have to say "the backups were unreadable". Since there were no backups, they can't be unreadable either. Save yourself the frustration.
5. Backing up is for people who prefer not to move forward.

You get the idea. :-)

But, as it happens, I did get presented with a backup-related situation. Good timing as far as this Reminder is concerned, if not so great otherwise. Indeed, it pointed out the real disadvantage of storing files on a friend’s computer as a backup method, particularly if you have to go get them in person.

I have a friend who is about to move out of the place she’s renting and put everything in storage for a little while. That includes her computer. She asked me to store her files for safekeeping. Since she mostly has Word docs and a couple of photos, and I have this big network drive, I said “Sure.”

On Wednesday she handed me a borrowed memory stick; I brought it home and copied the files onto my Z drive. This took all of about 5 minutes and was no problem. Later she came and picked up the memory stick so she could return it to the person she’d borrowed it from.

Yesterday I came home with ten minutes before my first phone conference and found two agitated messages on my answering machine. It was my friend, on her way to buy a memory stick of her own, wanting to know “how many megabytes it should be.”

So I called her back and said “512.” Not that it would hurt to have a bigger one, but she’s on a limited budget and she only had about 140 MB of files.

I then unplugged my phone, grabbed my headset, and dialed into my phone conference with Skype. (Among other things, it’s easier to record that way, and since I have a memory like a steel sieve, sometimes I need to go over and check on what we said.) We were about 20 minutes into it when my doorbell rang.

It was my friend, memory stick in hand—well, in package. I was not feeling very sociable, and of course I missed the most interesting topic of the entire business meeting when I went to answer the door. (Good thing I have that recording.) But when else was she going to do it? I’m about to leave town for a week, after all, and she’s moving today.

So after I put the headset back on, I sliced the new memory stick out of its package and stuck it into a free USB port. It turned out to be a U3 memory stick, so it had to go through a few extra hoops during the course of the Add New Hardware routine—which appeared at one point to think that it was a CD-ROM drive.

It kept asking me if I wanted to install the U3 software, and I kept refusing. It’s not my computer that the thing needs to emulate. Eventually it stopped asking and I was able to drag my friend’s files from the Z drive onto the memory stick. That only took about five minutes—during which the quality of my Skype connection notably declined, which you’d think I might have expected since it’s a network drive and using the same ethernet connection that ties me to the Internet.

Then I had to figure out how to eject the thing, because it didn’t show up in the usual “Safely Remove Hardware” dialogue. Of course, if I’d been less distracted, I might have noticed the large red “Eject” button in the U3 window sooner.

My friend asked me about U3, which the clerk at the store had recommended. I’d read about it sometime back, but my current memory stick doesn’t have U3 capacity, and I couldn’t remember very much about it. The idea is to put software (and things like bookmarks) on the memory stick, as well as your documents; you can find out more about it on the U3 website. But for me, since it was now past the time I was supposed to meet a client on WebEx, the idea was to get my friend out the door as fast as possible.

Now it’s time to get myself out the door. That means disconnecting and packing Enna, and disconnecting and packing my X drive. (I’ve already packed the webcam which will let the Ur-Guru join us on vacation.) I’ll only be down one backup method, since I should still be able to do my online backups, and of course the second internal drive travels with the computer. The network drive is definitely staying home.

The End of the Drive as We Know It? FileSlinger™ Backup Reminder 06-01-07

I’ve written more than a few columns about hard drive failures. The hard drive is one of the most vulnerable points on your computer (though perhaps less vulnerable than your power connector, if you have a laptop). Most of the internal workings of a computer are solid state: they have no moving parts. But hard drives not only have moving parts, they move terrifyingly fast.

The interior of a hard disk always reminds me of an old-fashioned record player—except that the fastest a record spins is 78 RPMs, and the average 3.5” (desktop-sized) hard disk spins at 7200 RPMs. Your car would be redlining if it reached that speed. I know manual transmissions are almost as rare as vinyl albums these days, but it’s just possible some of you have seen an analog tachometer before. If the car’s crankshaft is turning at 7200 RPMs, you’re going to burn out your engine.

If you think about it in those terms, it’s no surprise that hard drives wear out—especially since the arm on a hard disk doesn’t touch the platters at all—or, at least, it had better not, or the result will be a lot worse than dragging the needle across a record and leaving a scratch. Take it from me, high-speed accidents are not pretty.

Despite their fragility, hard drives have been our best option for data storage so far—at least when we need to read, write, and retrieve data quickly. Imagine how slow it would be if you had a tape drive inside your computer and had to rewind it in order to get to a document you’d saved yesterday. And tape is just as vulnerable to the problem of moving parts, at least if you’re re-using it on a regular basis.

Now, however, it looks as though flash drives are poised to replace hard drives. Almost everyone seems to own at least one gadget that relies on flash memory: a digital camera, a USB memory stick, an MP3 player. Flash memory requires no moving parts, and you can drop a flash drive without catastrophic consequences. (My cousin’s first-generation iPod Shuffle actually survived a trip through the washer and dryer none the worse for wear, which amazes me.)

The first time I wrote about flash memory, back in October of 2004, it was still pretty unreliable. The built-in memory in a PDA was prone to “flash” out of existence if the device was left uncharged. Even as memory sticks became more reliable, and larger, they still suffered from a limitation on the number of times they could be overwritten. That problem has been largely overcome, leaving the proportionately higher cost of flash memory the last real barrier to replacing hard drives with flash drives.

I’d been reading about this for a while, but it was still all theoretical. In his last “Technology and You” column for BusinessWeek, Steve Wildstrom actually test-drove a flash-based laptop from Dell. (Well, okay, he test-drove it first and then wrote the column, unlike some of us, who write our reviews in the middle of checking out the product.) His conclusions were interesting:

First, the flash drive is noticeably faster for reading and writing, particularly when it comes to lots of small files. When I heard that (I was listening to the podcast version), I thought immediately of PT and his Maxtor Shared Storage woes. A large flash drive sounds like it could be the solution to storage problems involving zillions of tiny files, which clog networks and transfer at a glacial pace.

Second, a move away from hard drives could mean a substantial change in the design of laptops, which will no longer need to make space for a traditional 2.5” (or even 1.8”) drive. Though, on second thought, I’m not sure how substantial it can be and still accommodate a keyboard, a screen, and an optical drive. I guess we’ll just have to find out.

Third, flash memory requires less power and produces less heat than a magnetic drive. That means longer battery life for your laptop. (It’s also a lot quieter.)

Fourth—and this is the bad news—Dell’s surcharge for providing a flash-based drive instead of a traditional hard drive is $500. You can buy a lot of hard drive for that kind of money.

So I think it will be a while yet before flash drives replace hard drives in most computers, even for the early-adopter types. Perhaps by the time I next buy a new laptop (which I envision as being at least two years from now), flash drives will be more common. But it’s going to take much longer before flash drives dominate enterprises or educational institutions, neither of which replaces anything until it breaks. And I have no idea whether you could create RAID storage with flash drives, or whether flash memory would be feasible for a server.

In any case, even if we do reach an era where drive failure is almost unheard-of, it won’t mean an end to the need for backups. The most common cause of data loss is human error, and that’s not likely to change just because of hardware improvements. Nor will flash drives do anything to keep out viruses or spyware, or to prevent your system from crashing at an inconvenient moment. So don’t think you’re about to be let off the hook!