WIRED:Unencrypted backups preserve valuable data at the risk of exposing it to malicious uses, writes DANNY O'BRIEN
BITS AND bytes vary in their price about as much as stocks and shares. Somewhere on this hard drive, for instance, I have a gigabyte or so of an iTunes movie that I don’t like much, but which cost me €5. If that disappeared in some mysterious filing accident, I supposed I’d be down a fiver: but I wouldn’t miss it, and I could always download it again.
On the other hand, I also have a few megabytes of pictures of my first-born as a baby; a fraction of the size but irreplaceable for me.
The music lover’s digital music archives could cost thousands of euro to recover, and what of valuable financial documents? Years of irreplaceable contact information? My appalling unfinished novel?
You can’t insure that range of subjective prices. So, instead of insurance, we have back-ups. Well, in theory we do. I know that I only started taking seriously the idea of backups the second – or perhaps the third – time I lost almost everything in a hard-drive crash.
I have on several times grimly counselled friends through retrieving their data, or else coming to terms with its loss. One time I remember finally advising someone to spend close to €500 on a data recovery company, rather than continue to go through the tailspin of anguish she was putting herself through. It felt very Pet Sematary, muttering “okay, I think I know this guy who might be able to bring your beloved cat back to life”, but it worked.
Once bitten, thrice copied. I now have not only my local backup, but a remote backup somewhere on the net, and another hidden in my office.
I’ve also learned the deeper lesson; never assume that your backups are actually working. It took a close shave, for instance, to discover that my remote backup wasn’t actually there (my account had expired and the reminder had gone to an old e-mail address).
I don’t go to the same extremes as a colleague, who would annually trash his hard-drive and restore from his backup, just to prove to himself (and mentally ensure) that he could. But I do drop in and peer around in the backups to see that my most important files are there.
Of course, the real problem that is emerging for me is that my most important files have another quality: they’re my most private files, too. I don’t mind you seeing my music collection (though the music industry might balk at you downloading it). But those one-off financial files are confidential and precious.
If you think about it, it makes perfect sense for that combination to belong together. If a file is private, there’s only going to be one copy of it. And if there’s only one copy of it, the chances are that it’s valuable – and highly vulnerable to being lost or deleted.
The more I copy that file, the safer it is from loss, but less private it potentially becomes. Keep one copy of, say, that dreadful novel on my laptop, and I’d probably notice if someone came by and snuck a look. With a copy on a USB drive at my office, another at home, and another on someone’s remote backup service online goodness knows where, I’m less sure that that data is confidential.
The answer to this challenge is, and always has been, straightforward: strong encryption. Encryption means that a stranger can only look at my files if they get hold of my backups and a copy of my decryption key.
Unfortunately, encryption is not used as much in backup as it really should be. I’ve yet to see a cheap, commercially available backup service that works on all the platforms I use, and securely encrypts my data.
In the end, I had to construct my own encrypted backup system – and, as anyone who builds either backup infrastructure or works in cryptography will confirm, you really don’t want enthusiastic amateur novelists working on this kind of thing.
The reason encryption isn’t just a baked-in option for backup systems like MacOS’s Time Machine, or Windows’ built-in backup, is because Apple and Microsoft understand that, for now at least, the last thing people want or expect when they’re restoring a lost file is a password prompt. But data security is important. And the more we entrust our confidential, and precious, memories and thoughts to our computers and other digital devices, the more we’ll realise this.
Most of us have now gone through enough bust hard-drives, broken motherboards, and soggy mobile phones to learn the importance of backing up data.
My suspicion is that we’re going to spend the next decade of the digital era learning the next lesson: that unencrypted backups preserve our valuable data at the risk of exposing it to malicious uses.
The irony is, just like backups themselves, you don’t really appreciate the protection of encryption until it’s too late.
Ask all those companies (and governments) who have leaked private, confidential information from mislaying a few backup disks here and there.
And ask yourself, when you next make your backup, whether a password prompt or two would really be too high a price to pay for your privacy.