This article describes a conceptual implementation of a free, secure, multiply redundant method of backing up an unlimited number of files using the increased disk space allowances offered by webmail providers such as Yahoo, Hotmail and Gmail.
In the past, email providers gave you enough room to store a good amount of plain email correspondance. Yahoo and Hotmail, the two leaders in free webmail, offered between 2 and 10 MB of disk space storage for free. Up until very recently, even if you were paying for a premium account your disk space was still limited to 25 MB using Yahoo. Today, competition is heating up for the free webmail providers, with Gmail offering 1 GB of online disk space, Yahoo now offering 250 MB per account, and Hotmail soon to follow. So what else can we do with all that offered disk space (other than send emails to one another)?
Free, secure, distributed backups
Signing up for a new account with Hotmail or Yahoo is relatively easy. It takes a couple of minutes to get set up. This article proposes a system whereby free, secure, distributed backups of your files can be easily created for a potentially unlimited amount of disk space.
The method proposed is as follows:
Back up your data
- Client application on workstation assesses files to be saved – operates like a normal backup program and can be your entire hard drive if you want.
- Backup program consults available online free webmail space, initiates account creation process if not enough space is available.
- Backup program then creates compressed, encrypted chunks in par format, saved to the maximum attachment size allowed by free email provider.
- Backup chunks are then sent to email accounts for storage
Restore your data
- Backup restore program determines which files you want to restore, looks up which files it needs to download from webmail to restore correct files
- Program downloads chunks from webmail, then reconstructs data and decrypts and decompresses data, saving it wherever you want it to.
- Your data is restored
Why this could / should be a web-based application
Part of the basic reason why you want to back up your data to a secure off-site location is in event of catostrophic failure. Your computer dies. Your hard-drive dies. Your house burns down. In these cases it may not be feasible that you even have the backup restore application available, or your encryption keys available to decrypt your data. In this case, using a 3rd party web-based application to do the back up and recovery makes sense. In a distributed, community-based model, multiple servers could be run, just as key servers are run, that would ensure secure and timely access to your data backup and recovery process.
Backup server architecture
The main function the backup server provides is maintaining an index of your available backups and the abilty to encrypt and decrypt your data. This might suggest a small, downloadable executable, probably written in Java for portability. You enter your username and password into the small backup/restore applet and it communicates with the server to establish a key pair for the encryption. You would have the option of saving your private key locally, to a USB key device for example. The server might also store both public and private key pairs encrypted with your password for the purpose of remote web-based file access.
This system relies on having access to a high-speed Internet connection in order to function efficiently. The desirable use of bandwidth would be between the workstation and the webmail providers. So the Java applet would connect to the webmail provider and download each required attachment for the backup restore, or would send an email using the webmail interface to each account to store the backup.
This vs. other backup systems
The main difference between this proposed approach and other currently available backup systems is the use of the free webmail and storage providers to provide distributed and, most importantly, free online backup storage space.
Please add your thoughts or comments below regarding this concept. Has it been done already? Is it worth it? What would you change or do differently, and why?