Originally published at: https://boingboing.net/2019/11/28/save-over-90-on-5tb-of-cloud.html
Originally published at: https://boingboing.net/2019/11/28/save-over-90-on-5tb-of-cloud.html
Does the encryption take place on my computer or is it encrypted after it’s made the journey there?
From the FAQ:
Polarbackup uses 256-bit AES military grade encryption to encrypt your data locally and before it leaves your machine to be transferred over an SSL (Secure Socket Layer) connection to Amazon AWS servers where they are encrypted again with the same 256-bit AES encryption before they reside on the servers.
I was tempted by the amazing deal, and by the shiny website that makes it seem legit, but after doing a bit of research while writing this up I’m giving it the same pass I give to all too-good-to-be-true lifetime subscription offers on Boing Boing Store.
There is a lot to like about this offering. It’s upfront that it’s using AWS. The $69.99 price for a lifetime of 5TB of storage is amazing. I’m tempted to purchase this plan, even though I think that such plans tend to be Ponzi schemes that go belly up. Not only is there the $69.99 Boing Boing Store offer, Polar Backup are even offering a buy one get one free deal on their website to get you two lifetime 5TB plans for $99.
However, I do wonder how they are going to pay for their infrastructure costs for $69.99 knowing that they are likely paying between 30-50% of that to Stack Social. Can they really afford to pay Amazon $20/mo for 5TB of Glacier cold storage for years with the remaining $35-50? They say yes:
Polarbackup will not run away with your money and data.
How can they do it? Among other vagaries, they cite magic technology "that runs up to 100x more efficiently than AWS’ cloud ‘out-of-the-box’ "
However, this company’s website was first registered just five months ago, and the LLC only last month.
And even though they say they won’t run away with your money and data, their terms of service say they can:
"Polar Backup reserves the right at any time to modify, suspend, or discontinue providing the Service, in whole or in part, without notice. "
Not only that, you agree to indemnify Polar Backup, and no breech of the agreement on your part is needed for you be required to pay them and/or their vendors:
YOU AGREE TO INDEMNIFY, DEFEND AND HOLD Polar Backup, AND ITS OFFICERS, DIRECTORS, SHAREHOLDERS, AFFILIATES, SUPPLIERS AND LICENSORS HARMLESS FROM AND AGAINST ANY AND ALL LOSS, COST, DAMAGE, LIABILITY AND EXPENSE (INCLUDING ATTORNEYS’ FEES, EXPERT FEES AND OUT-OF-POCKET EXPENSES) ARISING OUT OF, RESULTING FROM, OR IN CONNECTION WITH YOUR BREACH OF THESE TERMS, YOUR USE OF THE Polar Backup PRODUCTS, OR YOUR BACKED-UP DATA.
You take on near infinite liability to Polar Backup by using their products.
And: “Uploads are limited to maximum 4GB file size with the basic plan, but users can upgrade to unlimited upload size by purchasing an upgraded plan.”
What counts as a “basic” plan, and how much does this upgrade cost? Good luck finding that out. A Google site search on
polarbackup.com for “4gb” or “basic” or “upgrade” shows only that one bare mention in the FAQ. But here’s a good guess: the 5TB monthly plan is $119 a month.
How do you get people to pay $119/mo when you sell 2-for-1 $99 lifetime plans? I’m thinking 4GB+ file size “upgrades” are involved - prices that are orders of magnitude higher than the lure price of the $99 lifetime subscriptions. We’ve seen such schemes in previous BoingBoing Store cloud storage offers, where one Zoolz-based back up plan used small print in the TOS to define the personal account offered in the deal as being restricted to having only a small percentage the backed up files be media files (less than 500GB of a 2TB account). You would be “upgraded” to a much more expensive “business” account if you had too many media files in your fully paid allotted storage.
Additionally, their FAQ says restores take 3-12 hours, so chances are when they say “AWS” they mean “Amazon Glacier”, Amazon’s cheapest storage product, their slow retrieval cold storage. One person talking about their experience with Polar Backup said it takes even longer than that:
The files showed up as “Cold Storage”, and to be able to see them, a request needed to be made, and then an email would be sent 1-3 days after when they would be avaialble for download. Not a viable solution for a restore process.
Another poster confirms you have to email Polar Backup to download files - something the FAQ apparently “forgot” to mention.
Researching the company isn’t simple because StackSocial is so effective at SEO spamming that I stopped even clicking “next page” on the search results because they were all stack social offers rather than the info on the company I wanted to find. However, the Anandtech thread on Polar Backup was enlightening:
Polar Backup was only incorporated on 22 Oct 2019, has not yet filed any accounts (because too new) and has the same director as Zoolz.
Remember Zoolz on BoingBoing? They are the service that was used by a sketchy re-seller offering lifetime backup in a previous Boing Boing Store/Stack Social offer.
So, ultimately, I’m going take this too good to be true pricing as being too good to be true. If you are thinking of trying it because “how bad could it be?”, remember it is non-refundable.
I’d be curious to hear other people’s take on it.
Why can’t I just rent storage space from the NSA and be done with it?
No TLS, so… Outdated transport encryption?
Yeah, probably. I’m not recommending them, and I personally wouldn’t use this service. Just answering a question.
I gotta admit that I see the phrase “lifetime subscription” and I stop reading.
Having said that, I did read your post. My guess is that (in addition to assuming that you’re not going to use all 5TB) they’re doing some kind of dedupe on the data they put in before it reaches AWS. That’s why it takes longer to restore–they have to get it out of Glacier and reconstitute it before you can download it.
They might have something that works really well for the types of data that most people back up, or they might not (I’m inclined to think not). Nonetheless, if they’re using AWS there will inevitably be some point at which the cost of storing the data goes over the up-front “lifetime” fee. It’s just a question of how long until they reach that point.
I think you’re right and it’s likely they’re doing something sneaky with the fine print.
Oddly, if they were offering a reduced annual rate for Black Friday instead of the lifetime subscription I’d be a lot more inclined to buy it.
They have to be doing something sneaky, because the math just doesn’t add up.
5TB of Amazon Glacier will cost PolarBackup $20 a month. (5,000GB * $0.004/mo = $20/mo). That is not sustainable if Polar Backup is charging $69.99 for lifetime 5TB subscriptions and people actually use them.
Polar Backup was registered as an LLC in the UK just last month to Muayyad Fahed Shehadeh, who also founded Zoolz, which is an Amazon Glacier-based backup company and claims to use 256 bit AES.
So, based on the shared CEO and technology of Zoolz and Polar Backup, this incident reported by Torrent Freak is perhaps germane (cribbed from my post on a previous zoolz-based lifetime backup offer on BBS) :
This zero knowledge claim has been called into doubt recently as one of Zoolz’ customers, Ryan Gallagher, had his account terminated after the company found several .torrent files in his backups. Gallagher didn’t store any infringing media, but just 1 Megabyte worth of old metada.
Zoolz wouldn’t let Gallagher recover any of his 1.3TB of back up data because he had some .torrent files in his back up - just the pointer files, not any actual copyrighted content. They said they couldn’t separate them out, so they destroyed all of his data.
Surprisingly, their extreme measures concern over copyright only applies to “home” accounts (like the one offered at the time in the BB Store). If you paid Zoolz more money, instantly copyright is no longer a concern.
“The flagging system is a deviation of the zero-knowledge policy only applicable to abusive home user accounts, not business users.
And if that doesn’t seem like a dichotomy that applies to Polar Express Backup, then note this from their website:
Could Polar Backup pull this kind of “When we said zero knowledge we didn’t really mean it” BS? Seems likely. The files may be encrypted but Polar Backup may, as you note, be de-duping them based on hashes, which means that any report of a copyright violation of one hash could result in every account with that hash being terminated. Is there an internet meme on your HD? Then you could loose your “lifetime” account and all of your archival data.
Further, your usage of your 5TB account will be terminated if your usage “greatly exceeds” the customer average, a vague, constantly changing secret number rather than an actual amount you can know and limit yourself to. And, conceivably, uploading 5TB of data to a 5TB account could be a TOS violation if that exceeds the amount uploaded to 5TB accounts by “average” customers. And you’ll have to take Polar Backup’s word for your use exceeding the rolling limit. Once your account is terminated for “excessive” use you’ll have 14 days to retrieve your data once, so better hope you aren’t on vacation at the time…especially given how it can take days to get access to the files to download, and who knows how long it would actually take to download 5TB of files via their systems and your ISP (and you could be dumped by your ISP if you have to do an unplanned data dump all in one goe for exceeding their bandwidth quota).
Polar Backup says such terminations are “infrequent”, which isn’t very reassuring from a company that’s a month old.
You could sue them if you had a problem with your account being unjustly terminated but it will have to be in Finland, as per the TOS, and you’ll have to pay all their costs and even the any judgement against them since, in that same TOS, you agree to indemnify them and pay all of their costs in perpetuity.
So, hard pass on this since the Amazon Glacier fees Polar Backup would have to pay to maintain a 5TB back up of unique files means I’d cost them $240 a year. Based on their costs exceeding their income, it’s tempting say Polar Backup is unsustainable and is the Movie Pass of backup deals, except I don’t think Polar Backup has any intention of loosing money on Glacier costs when they can just terminate inconvenient “lifetime” account customers instead.
And just as a kicker, the Polar Backup TOS states:
Polar Backup has a zero tolerance policy and will immediately terminate accounts that violate the law in any way, including storing, publishing or sharing material that’s fraudulent, defamatory, misleading, or that violates the privacy or infringes the rights of others.
I wonder if storing Boing Boing Store ad copy in a Polar Backup account could get it terminated?
I wondered about that too, since I’ve been looking at cloud backup in preparation for several months on the road and know AWS to be relatively pricey (eg, compared to B2). Also, the relatively cheap Glacier is probably not a good tier if you want to move data back and forth.
At home I use the free version of Veeam to back up my whole disk to a NAS, together with continuous backup of critical directories to a flash drive in my machine (using Duplicati). The ability to do backup without paying attention to it and without it being a big hit on the computer resources has made the difference between actually doing regular backup and living with risk. Unfortunately, this doesn’t work while away from home, and Veeam doesn’t seem to be compatible with inexpensive consumer-level cloud backups.
Yeah, it’s really optimized for long term storage. Glacier storage has a 3 month minimum. Even if you delete your upload after a day, you still pay for the full three months at full price. Which makes the Polar Backup lifetime offer all the more baffling, or suspect. If I do a 5TB back up and they load it to Glacier, that’s $60 minimum because they have to pay for a full three months at $0.004 per GB/mo, not including the upload charge. Plus there are separate upload and retrieval fees. Even if they were to terminate my account immediately after upload, they’d still lose money since they don’t gel the full $70 after Stack Social’s cut.
One thing to note in the Anandtech thread on Polar Backup is that people said they found it impossible to actually back up all of their files to Polar Backup.
After 4 days of continuous running, managed to backup just 100GB(!).
It seems possible that that buggy experience could be more by design than by accident.
This topic was automatically closed after 5 days. New replies are no longer allowed.