this post was submitted on 22 Nov 2023
1 points (100.0% liked)

Data Hoarder

24 readers
1 users here now

We are digital librarians. Among us are represented the various reasons to keep data -- legal requirements, competitive requirements, uncertainty of permanence of cloud services, distaste for transmitting your data externally (e.g. government or corporate espionage), cultural and familial archivists, internet collapse preppers, and people who do it themselves so they're sure it's done right. Everyone has their reasons for curating the data they have decided to keep (either forever or For A Damn Long Time (tm) ). Along the way we have sought out like-minded individuals to exchange strategies, war stories, and cautionary tales of failures.

founded 10 months ago
MODERATORS
[email protected]
1
Simple Encryption Solution for Safe Deposit Box Backup (alien.top)
submitted 10 months ago by [email protected] to c/[email protected]
1 comments fedilink hide all child comments
 

I want to store my file backups offsite, but not in the cloud since I am not comfortable storing certain personal and financial information in the cloud. I've decided to use an existing safe deposit box to store a hard drive that I will back up every few months. I do not need to back it up often because the data I am storing would not change very often.

What concerns me is the possibility that the contents of the safe deposit box will be lost/stolen, so I would like to implement some form of encryption. I am only recreationally good with computers/technology, so this is one of the areas where I am not knowledgeable.

A few relative notes:

  • I would need something that I can do myself fairly easily, because I am new to it. But more importantly, it needs to be something my spouse (who is not great with technology) would be able to decrypt in the event I am not able to.
  • I do not back up entire computers, only files/folders.
  • I do not want to over-encrypt, but I am not sure a password protected folder or .dmg is sufficient.
  • I have a Mac (I really don't know if this is relevant nowadays, but thought I would mention)

Any help would be appreciated! Thanks!

top 1 comments
sorted by: hot top controversial new old
[–] [email protected] 1 points 10 months ago

I have had APFS + encryption fail me once, where I wound up losing all data on the drive completely. It was just a copy of data so it wasn't a major loss, but it was something that concerned me.

As others have said, the simplest way is to just use APFS + encryption, copy the files, call it done.

However, what I do is format the external drive with ExFAT, and use Borg Backup with encryption. This ensures that I can pull the data off the drive, regardless of the data being on a Mac, Windows (with WSL2), or Linux. Borg Backup is an open source utility, and has a lot of presence, so it won't be going away anytime soon. The nice thing about Borg Backup is its deduplication, so if you back up a folder twice, the space used will be minimal.

Another idea is to use Cryptomator. This works on Linux, Mac, and Windows, and you create a vault (which is a folder with encrypted contents), mount that, and from there, copy your files into that. The nice thing about this method is that it works on all platforms (assuming you used ExFAT for the filesystem), and provides solid security.

If just Mac-only, the simplest will be using encryption with APFS, but making sure you have multiple copies on multiple drives, just in case.