I need backup. The time I almost lost 80 hours of work tought me that. And I can't trust myself to handle the encryption. The guy who lost his life savings in bitcoins tought me that. And me, at four in the morning on a work day, trying to get GPG keys right for duplicity.

I also need about 200GB off site for stuff that I will never use again but want to keep. Enter Glacier.

Glacier will let me keep those 200GB online for 2 bucks a month. Ridiculously cheap, no? That's what I thought. The catch is, if you ever need to restore it, Amazon essentially does a random hash on your bandwidth usage and presents it to you as your bill. Seriously, that price structure is really, really hideous.

Why would Amazon do such a thing? I wonder. They don't normally suck. They recently coaxed an on-line vendor into sending me three boxes of dry ice because I wanted to see what would happen if I ordered Yoghurt. No one has ever so disproportionately outperformanced my expectations.

To mitigate my distrust of Glacier I kept on looking around and eventually came across a comment somewhere by somebody who said he's an ex Amazon employee. Apparently it's all custom hardware, with custom processors (seriously? wow) and custom hard drives with really slow spin cycles to reduce wear and power consumption.

This didn't make me like the price structure more, but it did help me believe that Glacier is more than just an elaborate scam. They can actually afford to be cheap. It the high retrieval fees reflect a trade-off with their hardware that actually exists, they are not just a way of preying on retrievers to subsidize those who don't retrieve. They are Amazon's safeguard against using their special custom hardware in a way that will break it.

What also helped is the realization that to have a safety net against an avalanche on your Glacier bill, you do a simple thing: Throttle bandwidth.

So I came up with the following strategy to sieze the opportunity that is Glacier:

* For big, important stuff I might need in a month, use it as secondary off site backup.
* For huge stuff I might need in 10 years, use it as the only backup. Keep the external hard drives but don't worry if they rot.
* Make a bet that before I might need to restore the full monty, someone, somewhere will create a Glacier client that will just let me set a budget and a timeframe. As a last resort, set up a RaspberryPi and a USB drive and keep it downloading for a couple of months. An Amazon Export-By-Mail might do the trick as well.

A little note on encryption:

The crypto community will never stop badmouthing Amazon S3 server side encryption, and I understand why. It's mathematicians who don't care how big a number is as long as it's not infinite.

Not screwing up encryption just takes too much time when it comes to backups. And with Amazon's encryption, they store the keys in a different place than the files. This means that a bored employee will not be tempted to thumb through my vacation pictures, which is good enough for me. The manager who has the keys will probably be too clueless to decrypt the data.