What I Would Do If I Ran Tarsnap

I've gotta agree with just about everything Patrick said there, despite being inclined more towards Colin's way of doing things.

For the last several years I've been running a business whose primary purpose, really, is charity: providing high quality technical services to people and businesses who couldn't otherwise afford them.

It sounds like a noble cause, but it sucks balls.

You're not serving your customers' needs if you end up in the hospital for any of a hundred different reasons that can happen to anyone at any time, and there's nobody that can manage the service for you while you're out. (Look: you obviously think that having a backup plan for data is important; why do you not think that having a business backup plan is also important?)

You're not serving your customers' needs if you can't afford to ensure the integrity of your own infrastructure. No business lasts forever; what happens if Amazon, two years from now, starts making policy decisions that cripple your business? Steve Jobs died just over two years ago and most people agree by now that Apple has become a different company. Bezos is not immortal, and there's a board of directors that would very much like to be making a lot more money from Amazon.

You're not serving your customers' needs by maintaining an unnecessarily high barrier to doing business with you. I do web and mail hosting for a number of customers. Having backups is really important to me. But I'm also busy and underpaid and my hair's always on fire and my bank account never has quite enough money in it, so tarsnap for me has never looked better than my current backup system (BackupPC on a machine I have physical access to in a secure location). Excel modeling to attempt to estimate my monthly costs for a service is obnoxious.

You're not serving your customers' needs by being unable to fix problems that they are actively complaining about because you're the only engineer in your business capable of addressing them.

Colin's current way of doing business is actively interfering with his goals -- assuming those goals are anything more than, "provide a cool backup service as a hobby".

You don't have to become a disciple of SV startup culture. There's a fantastically large middle-ground that allows for changing the business just a little bit without sacrificing its soul.

The amazing thing here is that both Colin and Patrick are amazing engineers: Colin as a software engineer, but Patrick as a business engineer. A business is an abstraction that can -- and should -- be engineered. That means understanding the scope and requirements of the problem being solved and then coming up with a system that meets them. Colin, for godssake, take Patrick's advice just as seriously as somebody should take your advice on cryptography.

Someone should just clone Tarsnap, run it as a business, and compete with Colin. He's in it for the fun and hobby, not the money and no one can change that in his personality. If anyone feels that a company can be doing something better but refuses to do it better, then compete with it.

People keep trying to "fix" Colin instead of doing the entrepreneurial thing and competing with him. He can't be fixed because there's nothing "wrong" with him. That's like telling Good Will or the Salvation Army to change their pricing. If you want a for-profit department store then start your own Walmart. If you want a better backup service like Tarsnap then clone the thing and do it better.

Tarsnap is trustworthy partly because of Colin's reputation, and you can't clone that.

Colin's an unfathomably smart, pretty reasonable dude. It feels wrong to assume that he's in this for the religion of it, or that no argument exists that's convincing enough to change his mind.

For the same reason, "fixing" seems like the wrong verb here.

Better, why compete? Just wrap him! Put up a better marketing site, sell packages, and pass the actual traffic back to Colin's servers. Volia!

What the OP don't understand is that there are services like that already (i.e. [1]). You want something more drobxy but supposedly secure?! Go for SpiderOak!!! Plenty of solutions around you could even buy Amazon S3 or Glacier storage yourself, make a gpg and use dump/tar/whatever-utility-you-like encrypt and upload them yourself using a script (or set of scripts).

[1] http://www.haystacksoftware.com/arq/

That... is interesting.

It's not easy to wrap tarsnap. If you own one tarsnap account, how do you split that up into multiple accounts? You'd end up writing code for account management and authorization (not written by colin).

Also, you can't provide the guarantees you want. You could hire 24 hour tech support but will they be able to troubleshoot colin's servers if they are down and he is sleeping?

Update: another business idea for Colin. Keep tarsnap as-is but license the server code for a fee so others can run a business as proposed.

The difference is, I trust Colin. Aside from djb he's one of the few people on this planet I would trust to write crypto/security software and get it right.

SpiderOak? Only heard about them because they're "hip" on here, given the state of technology in the average startup, I wouldn't trust them with my data ever.

So you want the hip part of Spider-oak and the quality of TarSnap. That's fine to ask, but these things very rarely play well together.

PS. Let's not be harsh on SpiderOak though, I never used it for backup purposes and haven't read about any security breaches or privacy concerns about it anyway.

As to "just clone Tarsnap", up till now I thought that only the client app is open-source, isn't that so? If yes, then I believe it's not even "just clone"?

I believe that the website mentions open source contributions, but that the entire client is not open source.