This week's donation went to a software developer named Colin Percival who also goes by "cperciva". He contributes to GhostBSD, FreeBSD, and Tarsnap among others. github.com/cperciva www.daemonology.net #ghostbsd #freebsd #github #foss #tarsnap

cperciva - Overview

new blog post: Reduce The Size Of Your Tarsnap Backups With This One Weird Trick (the trick is “pay attention to the size of your backups”) https://lucaswerkmeister.de/posts/2024/12/10/tarsnap-backup-size/

#tarsnap #backup

Here’s a small but useful shell function to analyze the size of tarsnap backups according to your current --exclude config without the overhead of creating and extracting the backups: https://github.com/lucaswerkmeister/home/blob/master/.bashrc.d/ncdu-tarsnap

#tarsnap #backup

@xerxespersrex nodds in agreement...

• Shit like #SSPL & #RSAL is IMHO even worse than #SourceAvailable as it's literally "#AssholeLicensing"...

At least most source available products like #Tarsnap are honest that they are not #OpenSource!

@shoppingtonz @indigo I mean, #FakeFLOSS is a problem...

• Because unlike say #SourceAvailable (i.e. #Tarsnap) where it's an act of #transparency, it's an actual act of #AssetDenial and hinderance to honest #FLOSS whilst also being more hostile than #CCSS...

After creating an account, almost a decade ago and depositing $5 of credit, I've finally started making use of Tarsnap - "Online backups for the truly paranoid".

Most of my stuff is either ephemeral, or simple enough to rebuild, but a few new things recently made me realise they would be a right pain in the backside to have to recreate so it's time I started getting things backed up properly.

Setup one machine this morning and got my first backup in place. I'll wait until tomorrow to make sure the overnight cron job also works and of course make sure I can recover the backups before I start celebrating.

Now, where did I put that @mwl book?

https://www.tarsnap.com/

#tarsnap #backup

@kasiandra ja, das ist allenfalls "#SourceAvailable", kein #OpenSourxe (vgl. #Tarsnap)...

@alterelefant @HauntedOwlbear nodds in agreement

• If you trust yourself and/or staff to properly make, test, verify, backroll and maintain 3-2-1 backups then #SelfHosting is the more efficient move.

That being said I do acknowledge the convenience that solutions like #Tarsnap deliver and I think @cperciva deserves the revenue he makes with this convenient, fully encrypted #backup solution that makes #AmazonGlacier easy to use...

https://www.tarsnap.com

• I just can't use it for legal reasons neither he nor anyone else can fix - not even #Amazon - as per #CloudAct.

Needless to say it did inspire me to consider trying my hand on building something similar but without being locked to Amazon:

• OFC I can't and won't look at tarsnap's code since it's only #SourceAvailable, not #FLOSS and I do want it to be different and not copyright infringement!

@carlwgeorge @vermaden @samurro @tara Well, that confirms you went #ReplyGuy on me in the most disingenious way possible, wasting everyones' time and patience in the process.

• Gues what: Good luck with that sales.pitch, cuz I'd rather give @ubuntu or @opensuse my money cuz that nonchalant attitude is insulting.

If you (or #RedHat / #IBM) don't want to support #OpenSource or anyone using anything they made for #RHEL without paying, then shure you can do that but then don't expect people to like you.

• #grsec already did that and I'm shure it resulted in 0 extra customers.

#CentOS was in fact a "gateway distro" and had Red Hat not axed it I would've convinced my (fmr.) boss to consider paying for an RHCSA, but alas I've invested time and effort migrating from CentOS to #UbuntuLTS and even negotiated commercial support from #Canonical instead, because they were more friendly and welcoming.

• Personally, I think that Red Hat should just be honest and just stop any #Linux contributions, instead try to upsell their customers to #zOS on z/Architecture #Mainframe|s instead cuz that was such a great business...

Even "Source Available" like #Tarsnap is better - espechally in #finance - because having actual #SourceCode available is a matter of #trust.

• And #transparency is the reason people choose #Linux over #Solaris and other #Unix-esque OSes.

But I'm not getting paid to prevent Red Hat from continuing to shoot itself in the foot...

• In fact, I'd love to short it into the ground!

https://infosec.space/@kkarhan/113065846313541796

#thxbye #next #EOD

@GrapheneOS It doesn't change the fact that #security requires #transparency and thus full access & reproduceability from source.

To give you a good example, source-available #Tarsnap demonstrates that stuff is truly securely encrypted by enabling #SelfCustody of keys and thus show they can't decrypt anything!

• You may call me paranoid, but having 'massive trust issues' saved not only my own life more often than I'd be able to disclose so you may see this as a 'survivorship bias', but we'll only see #MassSurveillance becoming impossible when people ain't just users of some big-ass platform that can be easily targeted once it becomes inconvenient for it's host nation, but actually push for #decentralization and #TechLiteracy.

"Just use A, B, C & D, E, F" is the real threat as it sugfests people a false sense if security.

• Just like a dresh #TechInspection doesn't prevent one to hose an engine due to lack of oil!

Collecting any #PII IS the illicit activity NO MATTER the excuse...

• You may choose ignorance but like with #LavaBit, #EncroChat & #ANØM I tend to turn out to be right all along.

Sooner or later the #Enshittification of #Signal will reach a point where you'd rethink and consider apologizing...

@GrapheneOS I think both apps are shit as *both #Telegram and @signalapp demand #PII in the form of #PhoneNumbers.

• #Signal at least has their #client's source code published so similar to like #Tarsnap it's more trustworthy by virtue of better #transparency...

OFC Telegram is (by my personal observation) almost exclusively being used by #Scammers and other #TechIlliterate criminals.

• Trusting Telegram is like trusting #EncroChat or #ANØM aka. #OperationIronside aka. #OperationTrøjanShield: It literally has #Govware #Backdoors because the #UAE of all plaves would've swatted their "HQ" if not forved #Durov at gunpoint to integrate it into it if it wasn't there...

@jo I usually recommend multiple backup strategies; one fast and convenient one, that works for the usual >99% of cases, and one that may be slow but provides additional robustness and resilience against malicious data destruction and site-wide emergencies like fire or floods. Take a look at combining your existing #tarsnap with #sanoid and #syncoid
https://github.com/jimsalterjrs/sanoid

I like Tarsnap for the simplicity, but it is _so slow_ to restore backups. I should really have a faster, alternate method. I'm kicking around zfs send/receive...

#freebsd #tarsnap

It took 10 years, but I have finally spent $1 of my initial $5 deposit at #tarsnap.

@Yuki @BrodieOnLinux As shit as RMS his, he's sadly right.

Needless to say, @cperciva will pretty much remind people that "#SourceAvailable" is NOT #OpenSource and that #Tarsnap's #SourceCode is merely made available for #security and #auditability reasons as well as enabling people to build it for their (potentially weird) machine...
http://tarsnap.com/open-source.html

@mwl @trini thanks, nice to know. I'm still figuring out between #tarsnap and amazon #glacier and other options for long-long-long term "cold" storage... I do have off-site "warm" backups covered for the most part, but thinking of some long-term off-site cold storage.

@trini and anyone else interested in the discussion (it appears @mwl wrote a book about it) - do you still use #tarsnap on a regular basis? What do you have backing up there, if you don't mind me asking?

Backstory: I had an email few weeks ago notifying me of my funds running low. I had some documents backed up there and I had about $50 prepaid - that was like 8+ years ago and I totally forgot about that...

I sent additional $20 their way, but was wondering - is it sill worth it?