[Box Backup] Mailbox backup is dangerous.

Achim boxbackup@boxbackup.org
Thu, 27 Aug 2009 14:53:59 +0200


Gentlemen:

On Thu, 27 Aug 2009 13:09:50 +0200, Christian Tschabuschnig
<tschaboo@gmx.at> wrote:
> Micha Kersloot wrote:
>> I have to warn you this is very true. There is no deletion time
recorded
>> by boxbackup.
> 
> This is a very serious bug and I'm wondering why this issue didn't start
> a big discussion here at first. I think that there should be a big
> disclaimer on the front webpage which says something like "doesn't
> (always) behave like you'd expect" or similar. Because boxbackup isn't
> usable in this state and not only dangerous to mailboxes but also to my
> digital photos and other stuff which I want to protect by backups!

My understanding of what you are saying is making me a bit nervous. Could
you please confirm whether I should get really nervous by confirming or
disproving the following simple, but very real use case:

0. User configures BB to sync D: drive to his dedicated BB server on a
daily basis and checks that everything works. He was assigned himself 50GB
of quota, since nobody else is using the service anyway.

1. User copies his summer vacation pictures from his digital camera into
d:\photos

2. The week after, the user unknowingly overwrites some of the holiday
photos from step 1. without noticing: the digital camera re-uses the same
filenames for different photos from a visit to the zoo!

3. Six months later, the user wants to create a photo book as a present
for christmas and tries to access his summer pics, and detects that they
had been overwritten with the zoo pictures.

4. User tries to restore Summer photos from his BB server, but finds out
that they have been deleted by housekeeping!

Could this scenario happen with BB: does it delete files from the store
that don't exist on the original machine anymore? Isn't protection against
accidental deletion one of the main reasons for backup?

> But otherwise I like boxbackup - and it's "lazy approach" - very much
> and it's working for me. The planned snapshot approach would solve the
> issue, but it doesn't sound as if that would be implemented in the next
> days or weeks.

Some visibility on what milestones are pending and how the list could help
would indeed be great.

> Again I'd like to emphasize that this deficiency should really be
> communicated very clearly to current and potential users of boxbackup
> and not just to the minority reading this mailing list. That openness
> and honesty is one of the major reasons (for me) to use OSS.

First I need to understand what the real implications are: the talk about
flags and "last seen" etc is slightly confusing for me.

Achim