

Da Geek Kid

join:2003-10-11
::1
kudos:1

For Online Backup...

Cloud storage differs from a backup solution. For online backup I would highly recommend CrashPlan.


MxxCon

join:1999-11-19
Brooklyn, NY

CrashPlan has good features, but they use some proprietary encryption and refuse to publish its specs to allow 3rd parties to examine its quality.
They also REQUIRE connection to their servers, even if you do local or friend-to-friend backup. So if for whatever reason their servers go down or you don't have internet access, you will never be able to recover your backups.
--
[Sig removed by Administrator: signature can not exceed 20GB]



Da Geek Kid

join:2003-10-11
::1
kudos:1

How are Blowfish and AES proprietary? I am not sure of any others that support any Linux flavors...

...and how are you planning on backing up your data to backblaze or Amazon when you have no internet connectivity?



MxxCon

join:1999-11-19
Brooklyn, NY

Read some more details of what exactly they are encrypting with Blowfish and AES.
And just because they say they use Blowfish or AES doesn't mean they use it properly. Just read »www.elcomsoft.com/download/BH-EU-2012-WP.pdf as an example of password managers that don't properly use standard encryption algorithms.
CrashPlan refuses to publish their specs, so the best you can hope for is "Trust us, we are secure".

What part of "They also REQUIRE connection to their servers, even if you do local backup" did you miss?



Da Geek Kid

join:2003-10-11
::1
kudos:1

OK. So, I am sorry, where do I find the exact tech spec of BackBlaze's security process?

Eh, that link is irrelevant to CrashPlan, as there's no remote mention of it.

»datasafemag.com/top-10-online-ba···ankings/

BTW -- did you mention BackBlaze supports Solaris and Linux? 'Cause it does not.



MxxCon

join:1999-11-19
Brooklyn, NY

I don't give a fuck about what Backblaze does.
We are talking about CrashPlan here.
A few months ago I contacted CrashPlan support. Request #141900
I asked them:

If I set up an offsite/peer-to-peer/friend-only backup and for whatever reason your servers are not available, what's going to happen to my backups? What about the situation when I set up a private encryption key?
Michael W. of CrashPlan replied:
You would not be able to process a backup or restore without being able to communicate with the servers, we do this as a security checksum. If we were to go out of business, or discontinue the software for any reason (which is unlikely) then we would remove that requirement from the software.
I asked:
So I must be able to communicate with your servers even when I do local backups/restore? I am worried about some situation during a catastrophic failure/outage that I need to recover my data without internet connectivity.
His reply:
Yes, you do need a connection to the internet to backup or restore any files with the software, even if it is a local backup.


I also asked him:
What functionality/tools/proof do you have that you are doing what you claim you are doing? How can I confirm to myself that you are encrypting my data only with my private key and there's nothing going on such as you including your own key in there?
He replied:
While we do not furnish any direct "proof" you can test those scenarios on your own. If you use the data key encryption and someone tries to use the wrong key to access your data from a remote system, it will wipe the archive.
I followed up:
I'm not so much worried that somebody will try to use the wrong private key to access my data, but rather that you are encrypting my data with my private key and not your key to which you have access.
I'm looking for a technical analysis similar to what was done with LastPass here »blog.tinisles.com/2010/01/should···ass-com/
He did not reply.
So it's safe to assume they don't do proper security on your data, and they REQUIRE connectivity to their servers, even if you do local backup.


Da Geek Kid

join:2003-10-11
::1
kudos:1

Props on that... Now, with all that in mind, how do you presume Cisco, Google and others trust them enough to use CrashPlan as their solution?



MxxCon

join:1999-11-19
Brooklyn, NY

I question that claim that Cisco, Google and others trust them as a whole company.
I wouldn't be surprised if it was just a single purchase of a single license for personal use, or just for the sake of completeness during an evaluation process.
I can claim my website is "used by Google" if I see just 1 hit from Google's IP.
We don't know and they don't say specifics of how it's used at Cisco or Google. Maybe they back up their spam folders and don't care about privacy or integrity of that data.


Sunday, 26-May 04:47:41
over 13.5 years online © 1999-2013 dslreports.com.