A few weeks ago I got a Synology NAS after having used a Netgear ReadyNAS for a few years.
The ReadyNAS was quite slow, especially when many small files are involved. I won’t go into details why it is the way it is, but the Synology NAS is much faster.
The ‘bare metal’ side of the Synology is worse (no display, case and drive bays more flimsy), but the software side is, generally, much better, with some exceptions (like the restrictions that snapshots have to be stored outside the RAID).
The (re)discovery of the loss of three months worth of digital photos made me rethink my backup situation, which is basically non-existent (RAID is nice but it isn’t backup).
I store snapshots of some folders on an external drive, but a better backup solution would be nice. I have thought about Amazon Glacier etc, but am not sure about the cost (not sure how many requests my backup would generate).
When I logged on to Dropbox I discovered, to my surprise, that I now have 1TB of storage – despite only having the free account …so I am now planning to use Dropbox to backup some folders, starting with my photo folder.
As I don’t want the nice guys from Dropbox seeing my photos I want to encrypt the backup. Not that there’s anything strange in my photos, but I haven’t read the Dropbox T&Cs that carefully, so I don’t know what they do with my files. I might also want to backup other files with more sensitive information in the future if this works well.
My plan was to create an encrypted disk image and sync it with Dropbox, but it turns out Synology has an option to encrypt the Backup for you. Unfortunately I didn’t find any useful information about what kind of encryption they use in their help file.
Problems with the out of the box solution
Unfortunately there are two problems with directly backing up files using Cloud Sync and the built-in data encryption.
- Files are sent individually and file names are transmitted as is (e.g. puffins.jpg is still puffins.jpg) and
- all files and subfolders of the folder I want to back up end up in my Dropbox’s root folder.
I’m not an expert, but I would assume that knowing the files are jpg means you know how their header etc is supposed to look like, and having thousands of individually encrypted files, presumably encrypted with the same key, should make it easier for anyone trying to decrypt them. I don’t even know what Synology is using to encrypt the files – maybe some simple block cipher.
My alternative solution is my original idea: to put all the files I want to back up in an encrypted disk image and sync that disk image to Dropbox. If you keep your files in disk image as well as in their ‘usual’ place it does however mean that you use up twice as much space on your NAS.
I created a new share where the encrypted disk image will go.
I then set up Could Sync to sync this share with Dropbox.
I then created a new encrypted sparse bundle image in this share.
Disk Utility / New Image. Choose sparse bundle under Image Format.
Sparse bundle images are a good choice because they expand when more files are being added, so they don’t take up too much unnecessary space.
This way you still get individual files sent to Dropbox, but they are in your sparse bundle folder and they don’t directly correspond to your original files anymore.
Because this is supposed to be a backup, not something I need on all machines using Dropbox I used selective sync in Dropbox to stop it from syncing this folder to my computer.