Backups

1.1 Restic

Windows, macOS, Linux.

*Choose this if… You don’t have a compelling reason to choose something else and don’t mind some effort in setting up the software.

It took me a while to decide Restic was a contender because its marketing is limp. However, a helpful ycombinator post explains some upsides and points out how simple it is. It looks to be a sharp and simple tool. I like those. It’s also easy to install and minimal, which I find refreshing.

1.2 BorgBackup

*Choose this if… You are backing up to a local drive or your own SSH box rather than a cloud bucket, and want mature, fast, deduplicating encrypted backups.

Linux and macOS (on Windows only via WSL). BorgBackup is Restic’s main rival, and the live successor to the discontinued Attic. It deduplicates, compresses and encrypts, and is solid for pushing to a local disk or a server we control over SSH. Against Restic it lacks native cloud-storage backends, so we bolt on rclone or a host like BorgBase, and each machine wants its own repository. Borg 2.0 is in beta; the 1.2/1.4 line is the current stable one.

1.3 Tarsnap

*Choose this if… You want to spend no effort at all on setup but would still like a reputably paranoid service at a competitive price.

Linux, macOS, BSD, etc. tarsnap is another unixy one. The client source code is public (although not open) but not the server code. Comes with a server for USD0.25/GB/month:

Tarsnap is a secure, efficient online backup service…

Tarsnap runs on UNIX-like operating systems (BSD, Linux, macOS X, Cygwin, etc)

NB all its data is stored in the USA, which is… probably ok security-wise, if you trust their encryption design and server implementation and such? But also it means we can’t reduce bandwidth costs by using a local server, and it possibly exposes us to the wacky US legal system shutting things down if they decide to suddenly classify something we’re doing as fishy.

1.4 Duplicity

*Choose this if… You want a simple no-frills backup system for macOS or Linux. This is the default backup system of Ubuntu, so it might already be running.

Duplicity backs directories by producing encrypted tar-format volumes and uploading them to a remote or local file server. Because duplicity uses librsync, the incremental archives are space efficient and only record the parts of files that have changed since the last backup. Because duplicity uses GnuPG to encrypt and/or sign these archives, they will be safe from spying and/or modification by the server.

Development has since moved to GitLab, which is more current than the old nongnu.org page; it is still shipping releases. It comes with a friendly front-end called Déjà Dup. For advanced usage, you might want to use duplicity directly. There are many how-tos which are less opaque than the manual, e.g. by Daniel Hynk.

1.5 duplicati

Choose this if… You want paranoid backup that also works on Windows natively, possibly at the cost of being tedious on other platforms. Windows, macOS, Linux.

Duplicati works with standard protocols like FTP, SSH, WebDAV as well as popular services like Microsoft OneDrive, Amazon Cloud Drive / S3, Google Drive, box.com, Mega, hubiC and many others.

Features:

• Backup files and folders with strong AES-256 encryption. Save space with incremental backups and data deduplication.
• Run backups on any machine through the web-based interface or via command line interface.
• Duplicati has a built-in scheduler and auto-updater.

The full list of backends is lengthy. Looks OK but it has hefty installation requirements, being built on .NET, and I got bored trying to install .NET on macOS so this project fizzled out.

2.1 Portable spinning drives suck

I have been running a rotation of 5TB external mini HDDs — mostly Western Digital — and they have been abysmal. These should be good for backups — slow but reliable and cheap. They spontaneously disconnect and corrupt data. This persists across maybe four or five drives over a couple of years, and across four laptops (Apple and Linux), so it is not one bad unit or one bad machine. Sometimes the cable dies. A third-party reputable brand-name USB-C cable seems to help a little (in fact the USB-A connectors they come with often seem to not work at all?). Often they end up in a state where they appear to mount but cannot be read or formatted. I tried rotating through different file systems on the Mac. I have tried HFS+, APFS and NTFS; NTFS held on longest but needed fiddly macOS drivers and was slow.

AFAICT this is because spinning rust magnetic drives are soft-deprecated. A 5TB bus-powered spinning drive sits at the limit of what USB can feed it — a USB 3 port budgets only 900mA / 4.5W, barely enough at spin-up — so it browns out and drops the connection leading to all kinds of weird corruption. The flimsy USB 3.0 Micro-B plug, chosen for cheapness over robustness, and firmware that naps the disk probably do not help. As such, I have not been unlucky so much as buying the same flawed product on repeat.

Mitigations proposed by strangers on the internet include:

• A mains-powered USB hub between the Mac and the drive, so the disk gets its own stable power feed rather than coaxing juice out of the laptop’s port budget.
• Disable disk sleep: sudo pmset -a disksleep 0 as per WD’s documentation plus turn off Power Nap and “put hard disks to sleep when possible”.
• Pick the filesystem for backups, not compatibility: APFS for a Mac-only drive (it journals and tracks ownership; exFAT does neither and corrupts more readily), exFAT only for shuttling files to Windows, NTFS via Paragon’s driver. None of them survives a power loss mid-write regardless.
• Replace the cable before it dies, and keep a spare. Internet lore decrees that the micro USB 3.0 connectors are suspect.

2.2 SSDs are too expensive

SSDs would solve most of this: abandon spinning portable drives entirely for an SSD with a USB-C port on the drive itself and there are no moving parts, no power starvation, and no cursed Micro-B socket to fail. SSDs are smaller. 5TB portable SSDs barely exist as a consumer item, but 4TB does. The move is either a sealed 4TB unit (Samsung T9, SanDisk Extreme, Crucial) or a DIY build: a bare 4TB M.2 NVMe drive in a USB-C enclosure. Either way, brand matters — just on different axes, and cheap is not the same as no-name. For the bare SSD it is the flash memory inside (the “NAND”) and the chip that manages it (the “controller”). The flash comes in grades by how many bits are crammed into each cell: TLC (three bits) is the sensible-quality tier; QLC (four bits) is cheaper, denser, and worse at holding data — so you want a reputable TLC drive, not a suspiciously cheap QLC one of dubious provenance. For the enclosure it is the bridge chipset and build: a flaky bridge causes exactly the dropouts and corruption I am trying to escape, so go with a known brand (UGREEN, OWC, Sabrent) over the cheapest Temu box. What does not matter for backups is speed: a USB 3.2 Gen 2 enclosure at 10Gbps is plenty, no need to pay for a 40Gbps Thunderbolt one, since reliability and power behaviour are what count here and raw throughput is not.

One caveat for third-party SSDs on macOS: USB SSDs only get TRIM if the vendor ships a driver, which affects long-term health — see TRIM and SSDs. And one specific to cold storage: SSDs hold data as charge that leaks when unpowered, and the JEDEC retention spec for client drives is only 52 weeks at 30°C — worse for QLC than TLC-flavoured drives, so check which you have. So a shelved backup SSD wants TLC NAND and a reminder to plug it in every few months to refresh the charge.

The catch is money. A 4TB SSD runs ~$1000 right now, thanks to the memory-price armageddon — AI datacentre demand has pushed SSD prices to oxygen-deprived altitudes. For a few months in 2025 the same drive cost less than a third of that, so maybe it will again some day, but for now cursed spinning drives are all I can afford.