[AusNOG] CryptoLocker Virus

[Robert Hudson]

The underlying idea behind the tech may be old, but for given purposes, it
is still hard to beat tape.

I can buy LTO5 tapes these days for around $50 each. That makes their $ per
GB ratio very favourable.

Tapes also tend to be much lighter than hard drives for the data they
carry, and generally more resistant to bumps and knocks during transit.

LTO5 is also very good at storing streaming data - exactly what most
backups are made of (if you're off-siting anyway).

And as the old saying goes, never under-estimate the bandwidth of a
station-wagon full of backup tapes.

Sure, the latency might be horrible, but the payload is bigger than you'll
ever achieve using any known network protocol or technology - which is why
I've seen tapes used to migrate data between international sites (you get
get terrabytes of data from one side of the world to the other in less than
24 hours in nothing more compex than a briefcase and no more expense than
an economy-class ticket - doing the same thing over a network, no matrer
how much bandwidth you think you have between say Germany and Australia).
Oh, you want guaranteed delivery? Two copies (on tape), sent with different
minders on different flights on different routes.
On 25/10/2013 9:02 AM, "Matt Palmer" <mpalmer at hezmatt.org> wrote:

> On Fri, Oct 25, 2013 at 07:01:13AM +1000, Luke Smith wrote:
> > > I'm somewhat surprised that it isn't a more widely-broadcast best
> practice
> > > to ensure that the machine being backed up has no capability to modify
> the
> > > existing backup sets.
> >
> > And that's why I still think tape (or other offline storage) is still a
> > valuable part of any backup strategy.
>
> You don't need to resort to antiquated technologies to avoid clients being
> able to nuke their own backups.  Server-initiated backups (my preference)
> get this capability by default, and even with client-initiated backups,
> it's
> not hard to allow the client to create and write to a new backup set
> without
> allowing the client to modify or remove completed backup sets.
>
> - Matt
>
>
> --
> Sure, it's possible to write C in an object-oriented way.  But, in
> practice,
> getting an entire team to do that is like telling them to walk along a
> straight line painted on the floor, with the lights off.
>                 -- Tess Snider, slug-chat at slug.org.au
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20131025/2253c6f0/attachment.html>