Both Mozy and BB allow you to create your own key based on a password. Mozy is dead to me though, I've been loyal to BB for a long time and they continue to be transparent with their communications. I have a more recent blog post relating to leaving Mozy.

@nomad
TC is an interesting approach. You must have excellent discipline to keep only those files you would wish to archive in that TC file volume

I use Amazon S3. There are several functional free clients for Android that place nicely on the motorola (throttled) firmware [mmm class action], or throttlefree roms. There are some free 'doze clients that provide an FTP interface to S3.. or rely completely on XUL for cross platform. Amazon has a long history of pouring money into something until it works. These other l*feh*cker sanctioned services are in retrospect fly-by-night bandits.

@mike

client side encryption with BB appears promising: http://blog.backblaze.com/2008/11/12/how-to-make-strong-encryption-easy-to-use/

But can I avail myself of my symmetric 40 megabit/s fios connection fully?

.

hmmm

"We generate a new 2048-bit RSA public/private key pair when our client is installed, store the public key on the local disk and transmit the private key to our datacenter via https. Then, for each backup session, we generate a new random 128-bit AES symmetric key which we use to encrypt the user’s data. "

How nice of them to store my private key for me on their gear? I must trust them loads? And they generate and keep my symmetric key for me.. thanks?

.

"We destroy the unencrypted 128-bit AES key at the end of each backup session and never write it to disk."

And that makes the trust model better how?

.

"But for some users this is not good enough and we allow the user to secure this file with their own password. When this is done it is impossible to access the data without the user’s password. "

Oh how nice. Then I /merely/ need provide my key "safely" over https to their datacenter for it to apply my key there and then "safely" be destroyed.

So safe!!?

Explain how that is client side encryption?

The /data/ they receive from me must NEVER be /information/.

]SH[

Actually, now I use Backblaze - it's kind of the same concept as Mozy, except it's upload and download are -way- faster.

The biggest thing that bugs me is it backs up everything (besides a select few system areas) by default. You have to make a blacklist of what you don't want. I like Mozy in the sense of you flag what you DO want. I submitted a request for them to make it a feature for a whitelist vs. blacklist approach, but who knows. Their philosophy is "set it and forget it"

I have successfully downloaded 60+ gigs of content back from their servers too, and it was about as fast (if I recall) as my connection would allow. Everything with Mozy included their upload to their servers seemed slow.

I actually have an idea for a local filename obfuscation system with links setup based on file type and metadata (much like an iPod does) - however I don't know filesystem mechanics good enough and trying to get a PHP-driven WebDAV server was a failure. Symlinks off a UNIX-based filesystem works great, but needs proper garbage collection for dead links. That's my most promising idea yet. The hard copies of the files would be named in a generic format and then it doesn't matter if the service encrypts the filenames or not.

You need TrueCrypt, SyncToy, and a Mozy account. Create a TrueCrypt file bigger than what you need for backup. For instance, my critical files are about 250MB, so I created a TrueCrypt file of 400MB. Write a little script, using the command line capabilities of both SyncToy and TrueCrypt to open the encrypted storage, mount it as a drive, do your backup to it, then unmount it. Now use Mozy to backup the encrypted file. Here's the script I used.

First, I run the SyncToy profile "Dellbert Data" - an unencrypted 'echo' backup
Then, I mount the encrypted Backup.tc file onto the U: drive
Then I run the SyncToy profile "Dellbert Encrypted", an 'echo' backup to the encrypted file.
Then the encrypted file is unmounted.

All I have to do now is use Mozy to Backup.tc. Since Mozy uses block transfer, only the changed parts of the encrypted file are transferred over.

@echo off
echo .Backing up and Encrypting ...
"C:\Program Files\synctoy\SyncToy.exe" -R"Dellbert Data"
"C:\Program Files\TrueCrypt\TrueCrypt.exe" /v c:\Backup.tc /lu /b /q
"C:\Program Files\synctoy\SyncToy.exe" -R"Dellbert Encrypted"
"C:\Program Files\TrueCrypt\TrueCrypt.exe" /q /du

If I recall I was told they were working on this. But I am trying to figure out where I saw that.