Crashplan: Nope

So I finally got around to trying out the Crashplan demo. While it looks promising in the long term, the current version has some minor problems and one major problem that rule it out. In ascending order of importance:

The first problem is that you can specify a file pattern not to backup, but you can’t simply select the folders you want to exclude. Thus you can exclude all your MP3 files but not just the ones in a particular folder. This is Windows thinking. On the Mac, file names don’t even have any guaranteed pattern. Even on Windows, though, it’s likely there’ll be certain temporary directories you’d like to completely exclude, regardless of their contents. Crashplan needs much more powerful inclusion and exclusion filters.

Update: I figured out how to do this one. It wasn’t immediately obvious, but it is possible to exclude and include individual folders.

The second, more serious problem, is that by default, the password you use for your backups is the same as your Crashplan Central account password, which presumably they have access to. You have to specify that you want a different data encryption password. Furthermore, where to do this is not obvious. Only an obsessive compulsive backup fanatic like myself would have gone through each and every preference pane, and thus found this option. Crashplan needs a third party security audit that worries about usage, not merely how many bits are in their encryption scheme.

But the real deal breaker is that there’s currently no support for backing up to a local hard drive. I seem to be able to backup to an external drive attached to my wife’s computer, but not to my own. That’s a pretty serious omission. Online backup is a good thing, but it’s only a backup for a good local backup. In 99%+ of scenarios restoring from a local drive will be much faster than restoring over the network. Network backup is only for the rare fire/theft scenario when all local devices are toast. They say they plan to add this, but until they have, Crashplan is not a feasible backup solution. I guess I could run Time Machine to backup locally, and Crashplan to backup remotely; but just how many daemons do I want doing repeated scans of my hard drive?

The next release of Crashplan will have the ability to directly to an attached drive. Crashplan+ customers who purchased after November 1, 2007 will get this feature as a free upgrade.

Possibly the Crashplan Pro version can handle this, but that’s a pretty serious upgrade. It seems to want a dedicated server, certainly costs more, and is way more complex. I’m not sure I want to go that far.

Update: The initial test backup to Crashplan Central won’t even complete before the trial period runs out. It’s currently scheduled to finish in a little over 31 days. Speakeasy rates my upload speed (unscientifically) as 2576kbps. To really use this for remote backup, I’d need to increase the speed by at least a couple of orders of magnitude. Hmm, looks like I have the sending rate limited to 300kbps. Let me bump that up to 2 Mbps and see how it goes. OK, the expected time is now about 5 days. Not great, but almost plausible. My hard drive spun up noticeably when I switched. I’ll have to check and see if I still have enough bandwidth left for the VOIP line. OK, looks like I do.

2 Responses to “Crashplan: Nope”

  1. Matthew Says:

    Hi, Thanks for writeup! Couple of thoughts / comments:

    1. Any way we could have made it more obvious than unchecking a folder for you? Not everyone approaches UI the same way, I’m curious what you thought of trying first that did not work when trying to block a certain folder from being backed up.

    2. We do not store your password, or know what it is. We use a secure hash SHA-1 + salt to avoid rainbox table issues. That being said, there is a very good reason why we default to using using the same password to lock your 448bit key: What if you forget your password. Sure, uber geeks like you and I have keystores and never forget our 16 byte hexadecimal keys – but average folks forget all the time. It’s unreasonable to say, “I’m sorry, but your lifes photos and music cannot be restored because you forget the password.” For many, a password is enough. For the rest of us – use a private key / data password. Changing that is done by clicking settings/security. Is there somewhere more obvious you feel it should be? We tried to put it up front and close.

    3. Direct to disk – it is coming soon. Our goal was to make something easy that nobody else has – automatic off-site backup. There are many on-site direct to disk solutions – recommend you use superduper or time machine – bot great. (PS: We don’t scan, we detect changes in real time!)

    Thanks again! Any feedback is much appreciated.

  2. Ben Says:

    I know this is over two years old, but I have to say this is one of the laziest, most unhelpful software writeups I’ve ever come across.

Leave a Reply