If you want to know more about the people behind your backup, there is no better place to start than with Matthew Dornquast, Code42's CEO. Matthew spent some time earlier this year tackling questions from visitors to Lifehacker.com. As one might expect from a guy who geeks out about backup like nobody’s business, there are some really compelling answers here.
So jump in and prepare to learn more about backup than ever; below are excerpts from the interview.
Question: (abeyer) So you're saying we should back up stuff to a cloud because you own a cloud back up service? Now what protects my data on your servers and have you ever been hacked (company wise, not you couldn't care less about the latter)? Dropbox has been hacked, iCloud and others. What's your history and is there a way to corroborate it, since of course the CEO is going to have nothing but glowing reviews of his own product.
Matthew Dornquast: Great question. Actually, think of us as the "your cloud" company. And believe it or not, I'm happy to talk about shortcomings of our product too. Let's keep it real.
Since the very beginning (2007), CrashPlan has given you the option to exclusively store your data only in places you control or have access to; another computer you own, an attached hard drive, or a remote computer (e.g., office, friend, neighbor.)
The idea was you don't have to trust us.
This idea has served us well, and approximately 40% of our users do just that: say "You know what, thanks, but I'll build my own cloud."
The public cloud we offer (and charge for) is there as a convenience, if you decide to trust us. Now when you use our cloud, you don't have to trust us "that much" - the cryptography key that's used is something you can maintain strict control over. This means there is no way to access the data even if we're hacked.
I believe the best systems are built assuming failure. We built CrashPlan with that in mind. We assume failure at all levels, including security.
And if you do decide to use our cloud, I still personally recommend you maintain onsite backups or near offsite. That's why we provide multi-destination capabilities. E.g., back up to a local machine, one offsite, and to our cloud. That's triple protection, and I'm starting to feel a bit better about your data security.
Thing I wish our product did better: Bandwidth controls. It bugs me the user has to configure how much bandwidth is used. We should be adjusting that automatically for you - asking you to set it is lame.
Question: (sonofdad) Crashplan seems kind of resource-heavy compared to Jungledisk, which I also use. Also, I don't know why it needs to spend hours and hours backing up every time I change my file selection (don't know if I'm doing something wrong there). Any plans to improve on these things? Otherwise, it's a great service - thank you.
Matthew Dornquast: We do a lot more compression and de-duplication on end points than most products. However, the resources it uses are idle or free resources only. What I mean is, if your CPU or drive is needed for something you're doing, it does that first, not us. So while it uses resources, it shouldn't slow you down.
Changing file selection is something that requires an initial scan (only once) - but it wont actually back up everything again - it's only analyzing files to see what's new and unique. So it doesn't "do it over." You're safe there.
The one area we could improve upon in terms of resources is amount of memory needed on your computer to do the job for really large backup sets. We've addressed this in our next release; it's much, much better!
Question: (Jason S) Matthew — Crashplan's windows client software is a work of art. You guys have done a fantastic job packing substantial functionality into a simple, clear, highly usable interface. Somebody in your design or UI group deserves a bonus. That said, I have no interest in putting my data in your cloud (it's slow... privacy concerns... etc.). I would love to use Crashplan for local backups, but cannot get my head around paying $429/every 4 years just to "rent" your software when I'm not putting one byte in your cloud. Any plans to offer some sort of one-time software purchase for the folks who only want local backup?
Matthew Dornquast: Hi Jason,
We do offer that, actually: it's free.
This allows you to build your own private cloud. Only issue with this is a few advanced features are gone, and backups occur automatically only once per 24 hour period. Still, not too bad.
Question: (UppalS) Is there any plan for crashplan to also make bootable copies?
Matthew Dornquast: Not at this time. Bootable is useful, but can be problematic, too. The old "clean install" vs. "upgrade install" argument. For now, we're focused on applications and data—how can we do this better (while keeping costs down). We're the only ones I know of that provide you the ability to keep deleted files forever… along with thousands of versions of a given file… that's our main focus. Really protect that data… boot record…not a priority at this time. (Great products out there that do this for free.) Snap an image, back up the day-to-day with CrashPlan.
Question: (Peter) I've noticed that the encryption Crashplan uses is Blowfish. Any particular reason for this choice instead of AES? Most services seem to use AES nowadays. I don't know if one is better than the other, but I am curious about why you made this choice.
Matthew Dornquast: CrashPlan has been protecting information for a really long time. When we built it, Blowfish was faster, and AES wasn't a standard. We are using AES here and there in the communications protocol, but for consumers, it's still Blowfish. Expect us to change that over then next year or so. It's worth noting that Blowfish is still faster in most cases (if you exclude hardware acceleration found in some architectures) and has no known vulnerabilities. So we're able to encrypt faster/using less power than AES.
Question: (jclarkness) When businesses back up their data, do you think it is better to back up individual files or image the machine?
Matthew Dornquast: Great question. Data first, image second. The problem with images is they are cumbersome to restore—high availability is key. When your business (laptop) is down, getting to a few core files quickly is critical. Later, images can serve. So both are good; files if you get to chose only one.
Another challenge with images: They don't necessarily "boot" across various hardware platforms. (E.g., Device A's image won't work on Device B.)
Question: (lhunter) I've been using CrashPlan for about 4 months now and for the most part it seems to be the right balance system resource use and convenience. Unfortunately, I did have a hard drive crash, and even though CrashPlan had reported a 100% complete backup, there were many files that don't exist on the backup that I had. Fortunately, I have a local backup as well, but I'm feeling a little squeamish now that things aren't getting backup up that I thought were. Has anyone reported this problem in the past? And is my worry justified?
Matthew Dornquast: Yes, people report this - but when we dig in usually it's a gotcha. Backup sets priority, inclusions, exclusions, etc. The platform is super stable and hasn't had any known data issues for some time. I recommend you reach out to support if you're confident they should have been there - there are things we can check on our end to help out.
Question: (jklap) Due to the prevalence of transitioning from personally storing data to cloud storage, is it a legitimate concern that eventually the corporations will hold your data hostage and force you to pay to download your own files? This is the reason I feel it is important to keep my music, movies & pictures on my own computers in order to not rely 100% on cloud storage.
Matthew Dornquast: I totally agree. A huge part of storage is security and control. I don't think any product out there has "mastered" either as it relates to public cloud. That's the cool thing about tech, ship early, learn, adjust.
That's why we provide the capability to build your own private cloud—where you have complete control of the devices, keys, etc. No trust is required beyond trusting our software to not steal your personal data and forward it to us.
We believe in giving folks a choice: Public cloud storage? Private? Both? Why should we force you into our model? It's interesting to watch what people choose.
Private cloud utilization for consumers has been on a slight decline, but ~40% of our consumer installed base still builds private clouds… so you're not alone in asking this question. The trend has been towards public however… I expect we'll hit 80 (public)/20 (private) within the next 3 years.
Question: (JordanColburn) I just signed up for a free CrashPlan trial but I'm not sure it fits my needs well. It seems to work great for simple files like my music library, documents and photos, but my wife is a videographer and we deal with adding 10s to 100s of GBs of video every few weeks for large projects. We'd like to be able to have backups of these over the long haul, but is CrashPlan ideal for this use-case?
Matthew Dornquast: Heck yeah! Look, the largest paid user we have for our product has a whopping 44TB of data stored in our cloud. Yes, we lose money on that person. It's ok; I trust they're recommending us. At a minimum, it gives us bragging rights to show that we're REALLY UNLIMITED. Right?
Now, we were the first to offer cloud seeding and restore to your door.
So if you don't have enough bandwidth to do the up front upload, buy a seed and load us up with 2-4 TB (depends on compression/de-dupe), and continue differentially from there.
Since we have no limits, you might want to get Comcast or FIOS if it's available so uploads are faster.
You can do your own seeding, too. Back up to a locally attached storage array, move the array to remote office/friend, and backups will continue offsite automatically. For FREE if you want. :-)
Question: (linuxkid) So, how much of your infrastructure is based on free software? How much have you released as free software?
Matthew Dornquast: How much is difficult to quantify. We have a fully disclosed list of products used on our support wiki, and how we use them. We give back to the open source community in many ways: Patches, enhancements, employee time, and even cold hard cash.
After reviewing the list I mentioned above, I'm not sure if you'd say that was a little or a lot. My personal opinion is "not that much" - but I could see it argued the other way too; e.g., lines of code vs. value it provides.
We look forward to providing even more code / solutions to the open source community. My favorite way to give, however, is cash; it helps the project grow in the most "fair" way possible.
Question: (cloudedandconfused) So what's your take on online cloud storage with everyone seeming to get into the game? Who's doing it right or better than others and is security and someone stealing my data I'm storing out there on the cloud a real risk?
Matthew Dornquast: Competition is a good thing - also validating. We've been in the business of storing data for folks since 2007. I'm actually a huge fan of private and hybrid cloud storage. Private in that it can be stored on your own devices, no reason to trust us (our free product allows you to do this), and hybrid — where you can classify data as public (store in public cloud) or private (store in your cloud only). With that bias, I think we're doing an awesome job; I think companies that only allow their systems to be used are a bit selfish.
Question: (AndreAguiar) Any plans to offer up headless clients for NAS devices (such as a Drobo) and/or Raspberry Pi type devices? I strongly believe the #1 killer feature of Crashplan is to offer off site backup options to friends/family for free. Having the ability to throw Crashplan on a small footprint device and stick it in family members closet would be ideal (along with a Webgui to remotely monitor that client).
Matthew Dornquast: I personally own (and love) a Drobo. Raspberry Pi rocks.
Folks are doing this already - on a wide variety of devices. Some day we may officially throw our hat in and support a device, but for now, we like the community efforts and work to support them.
Question: (Greg) Long time listener, first time caller! And, I just bought a paid Crashplan account a few weeks ago.
How do you see tech advancements and innovation improving the backup industry? What will Crashplan look like in three to five years? Cheaper - $1/mo for unlimited? Faster?
Matthew Dornquast: It would be really cool if prices could drop, so far we see data increasing (in some cases out-pacing) at a rate faster than storage prices are dropping. So that's unlikely… which means we'll have to focus on features! We have folks voting on features in our forums - we watch that closely. I expect you'll see us tackling most of those over the next 3-5 years, so head on over; vote up your favorites!
Question: (Slots66) I use CrashPlan PRO and generally I like it a lot.
I had to reinstall windows and I wanted to do a fresh backup of the user directory, but it is taking days to do a 110 GB backup. Can I speed it up?
Matthew Dornquast: If it's the same data, you want to do the "Adopt computer" story. This allows you to have your new install attached to your old install's backup data. Saves a ton of time. There are steps to do this by hand you can follow - reach out to email@example.com (live chat is awesome) and they can walk you through the details. So the good news is you don't have to send it over again!
Question: (radruton) I have been using Crashplan for a few months now and my upload speeds seem to vary greatly. When I first started using the service I was getting .5mbps but it eventually got fixed and was then running at 4mbps. Currently I am only getting half of my upload speed at 2mbps. I have gone through all the speed up crashplan settings and haven't changed anything since I was getting 4 mbps. This is the only complaint I have with the service since its unlimited and works with Linux
Matthew Dornquast: Speed is something we're always looking to improve. One thing we could do a better job at is communicating realtime speed vs. effective.
Question: (justgregit84) This is more a feature request than anything else, but I would really appreciate if there was a way you could bundle CrashPlan for users who dualboot. I run OSX and Windows8 on the same computer, and really wished there were a better way to backup both drives, even though its the same computer. I am going to admit I maybe circumvent the system a little bit by running it on OSX and having that also backup the backups of my Windows drive, but would enjoy if there was a way to consider a dual booting computer as a single computer in subscription terms.
I realize this is probably technically not feasible, but I imagine I am one of many people who dual boots and would enjoy this ability. Regardless, I absolutely love the product, and think its still a terrific value. Thanks!
Matthew Dornquast: Hey thanks! My recommendation is to install it twice on each "OS." Buy our Family Plan or use our free product on the volume you use less.
Question: (mpcheung) Any plans for Crashplan to run natively on FreeNAS? I'm using the unsupported workaround to backup my FreeNAS system as a Windows mapped drive. It'd be great to not have an extra system running when backing up.
Matthew Dornquast: Yes - people have us there already. Google crashplan freenas. Lots of data.
Comment: (smorgasborg) I'm going to sign up for a plan using that service because computers are finicky beasts. You think you can plan for every contingency and then a stray piece of dust shorts out your power supply. That was NOT a fun day, let me tell you. Time to move to encrypted cloud backup!
Matthew Dornquast: Thank you!