Sophos Free A-V For Mac May Kill Time Machine Backups 133
kdawson writes "Herewith the tale of the instantaneous loss of 19 months of Time Machine backup data, with the possible involvement of a fresh install of Sophos's new
free Mac A-V package. Sophos support has been contacted but has not responded as of this writing."
seems about right to me (Score:2, Interesting)
you sometimes get what you pay for.
Re: (Score:1)
Only if you tell it to delete them (Score:1, Insightful)
As he apparently did. Perhaps it wasn't clear enough, but it's not like it just randomly did it.
Also, backups are backups. He can just create new ones.
Re: (Score:2)
Also, backups are backups. He can just create new ones.
Exactly, that is what I don't understand. I have to use a Mac at work, but I've never tried Time Machine since I use rsync on everything - even Windows machines. But in any case, if TM "backs up" your data, you end up with your original data + a backup with the point being you can lose one of the two and still have your data. So what happened here? He lost his backup, then what about his original data? How did he lose all his work when only the backup is gone?
Also, he probably messed things up by killing pr
Re: (Score:2)
Exactly, that is what I don't understand. I have to use a Mac at work, but I've never tried Time Machine since I use rsync on everything
That's why you don't understand. Time Machine keeps historical data around, so you can have say a laptop with a 250 GB drive, a 2 TB backup drive, and everything that was ever on your laptop drive will be on your backup drive. Like the OP said: 19 months of historical data. Time Machine is basically backup for the current state, plus history.
Re: (Score:2)
If you need that historical data, it should be kept on some kind of permanent storage, which is backed up. Relying on old backups to keep it around after you deleted it is not a valid approach, any more than filing your old records in the trashcan is.
Re: (Score:2)
Hmm... So it would be a bit like me using rsync without the --delete option so that data that gets deleted is not erased from the backup and then I go and ERASE data that I NEED from my working copy, since, you know, it is "backed up" ???
Hate to break it to the OP if that is the case, but keeping a single copy of your data cannot be called "backup" in any way. The whole situation sounds idiotic, as a historical backup that can get corrupted in various ways used as your single data store is LESS safe than no
Re: (Score:2)
Not just that, it includes snapshots.
Say you want to go back and look at your resume as it was 4 months ago. Or you're working on a project and you want to see what it looked like before you made a big change.
Re: (Score:2)
Yes, I get it, I was using Amanda over a decade ago. And it is exactly the reason I said it is more liable to corruption than just having your files somewhere. So it provides more functionality than just a backup copy PROVIDED THAT you don't go deleting your original files - otherwise you have the extra historical functionality but at a great risk.
Re: (Score:2)
Time Machine is not backup.
That is what *I* am saying. The way OP is using it, it is like a repository, he can't claim "his backup is deleted" when he is using a backup tool as a repository.
Oh, because Time Machine apparently is not supposed to be something like svn/git. According to apple:
Time Machine will automatically back up your entire Mac, including system files, applications, accounts, preferences, music, photos, movies, and documents. But what makes Time Machine different from other backup applications is that it not only keeps a spare copy of every file, it remembers how your system looked on a given day — so you can revisit your Mac as it appeared in the past.
Note the "spare copy" - you are not meant to delete files you need from your working directories.
Re: (Score:2)
That's all well and good as long as you notice it deleted your backups before your hard drive crashes. And it assumes that you don't realize the next day that you need to revert some file to a previous version, or you deleted some file by mistake 4 weeks ago that you really needed.
Backups are there to protect against the unexpected, so while these might be low probability events, they are exactly what your backups are there for.
Re: (Score:2)
He says that it was "irreplacable data". The whole point of a backup is that the data is trivially replacable, because it has been duplicated. I suspect his backup routine is rather like this one [penny-arcade.com].
Re: (Score:2)
He says that it was "irreplacable data". The whole point of a backup is that the data is trivially replacable, because it has been duplicated. I suspect his backup routine is rather like this one [penny-arcade.com].
You really don't get it do you? Time machine is not just a backup, it is a lot like a repository such as SVN. It lets you find a previous revision of a file or project and save it out somewhere else to do a comparison or undo changes you decide that you don't want. It is an incremental backup.
Re: (Score:2)
Except that it's designed so that older backups eventually expire, depending on usage. There is a finite limit to what it can store and using it as long term storage is a bad idea.
That is all very interesting but the same thing eventually happens to source repositories since storage space is finite and performance of a repository decreases over time if you don't archive once in a while.
For all intents and purposes, it is unlimited from a consumer perspective since you are not going to want to go back more than a year anyway and it is a good idea to have a time machine backup drive that is considerably larger than your system directories + home folders.
Re: (Score:1)
If his backups were that important, maybe he should have backed them up!
Not needed (Score:2)
With a little sophostry installed from Sophos, backups are a thing of the past. You will now never lose a file either due to virus, trojan, or simple human error. Want to revert to how your essay looked 12 hour ago? You no longer need to! Sophos magically takes care of all errors and mistakes for you ahead of time, freeing you up to work effortlessly and error-free on your gorgeous Mac without the constant file churning that Time Machine used.
Loss of data, backups disabled without warning? (Score:3, Funny)
Sounds like a virus, you should install AV
Sophos (Score:1)
Compared to Norton, Symantec, and the other system-strangling solutions available for virus detection, Sophos is definitely the leading provider. When I was at college (10 years ago), their software scanned everything coming in and going out, and yet hardly slowed the systems down at all (yes, if you had a local machine Admin account you could end the process and prove this!)
I would be surprised if this turned out to be true.
Re: (Score:2, Informative)
Norton is made by Symantec, they are not separate entities. Sophos is a leading provider? Never even heard of them.
Re: (Score:2)
Re: (Score:2, Insightful)
If you're a government, educational institution, or a large corporation, you've definitely heard of them.
If you're a troll on /. with no real experience working in IT, then of course you haven't heard of them.
Re: (Score:1)
Sophos DID hardly slow the systems down at all, it maxed out 1% CPU time most of the time, and flagged "dodgy" executables as they landed in the network share, before allowing Windows even to load icons from them. I realising I'm biting YET ANOTHER troll, but what else is there that one can do to fight bullshit and misinformation? Anybody else got experience using Sophos in an NT4 Workstation / Server environment "back in the day" wanna back me up?
Re: (Score:2)
Re: (Score:1)
Yes, but I was actually illustrating that Sophos has a very long history of writing quality bug-free software for mission-critical environments, like Governments, Educational Institutions, and large corporations.
The chances of their software not functioning as intended and screwing up systems or backups are far smaller than their lesser counterparts, Symantec et al, and the whole article smells of Troll Fat.
RTFA First (Score:3, Informative)
After looking through the article, while the user seems to have erred in taking Sophos and Time Machine both at their word -- I need to re-read the part he was talking about VMs, something there didn't sound right but I'm not sure what -- and been a little too quick with the OK button, it does strike me as odd that Sophos didn't drop some kind of error when it tried to write to the backup file.
How does Sophos do this? (Score:4, Interesting)
He tried to open a quarantined file, once with the 'cat' command
and once with vi, as root, and both times Sophos warned him and
prevented him from proceeding. Now, the code for the 'cat'
command is quite simple, it basically just does a open(2)
of the file and then issues a series of read(2). My question
is: Does Sophos actually intercept the system calls in order
to make sure no application opens an infected file? If so,
wouldn't that introduce a HUGE performance penalty on the
everything happening on the machine, since these system calls
are so crucial?
Re:How does Sophos do this? (Score:5, Funny)
If so, wouldn't that introduce a HUGE performance penalty on the everything happening on the machine, since these system calls are so crucial?
Uh, it's anti-virus software: of course it introduces a huge performance penalty when accessing files. Otherwise, how would you know that it was doing anything?
Re: (Score:2)
If so, wouldn't that introduce a HUGE performance penalty on the everything happening on the machine, since these system calls are so crucial?
Uh, it's anti-virus software: of course it introduces a huge performance penalty when accessing files. Otherwise, how would you know that it was doing anything?
What I've never understood, is why? Why not just check on writing; and reading on removable drives?
Re: (Score:2)
When virus definitions are updated, it is possible that a file that was written in the past is now considered infected. As well, the file could have been written to the disk without the antivirus software's knowledge (could have not been loaded, killed/crashed, etc).
Still, I agree with you that most of the time we have already scanned the darn file..
Re: (Score:2)
What I've never understood, is why? Why not just check on writing; and reading on removable drives?
2 things:
firstly they may keep track of which files have been scanned with the current up-to-date DB and not re-scan them on read, though it may be slower to do the lookup than to just do the scan.
secondly think about the situation described in TFA, he went to open a scanned, identified and infected file.
Re:How does Sophos do this? (Score:5, Funny)
Yes.
Really, though, on a Mac, it should have a mode that makes it noop unless it's a Microsoft Office app running.
Re: (Score:2)
Re: (Score:3, Interesting)
Mac extended attributes tell the OS when not to open a file. For example com.apple.quarentine get's tagged onto every file you download from the internet unless it's of a set of known safe file types. If you have os 10.6 try typing ls -loe@ in your downloads folder. When you edit a file the mac file system also tags it as changed so it knows it will need to back it up without having to go checksum compare every file like rsync checksums do. Thus it's perfectly possible that the virus software could int
Re: (Score:2)
Yes, but it's not something that's done by intercepting system calls. The com.apple.quarantine attribute is only respected by apps like Finder which are specifically looking for it. If you just use something like 'cat' in a terminal window you can still view the file without getting the "ZOMG! This is from teh
Re: (Score:2)
Yes, but it's not something that's done by intercepting system calls. The com.apple.quarantine attribute is only respected by apps like Finder which are specifically looking for it.
No this is not true. While the finder does a pop-up for these the system does check this attribute. You can see this for example when you launch code you compiled yourself, even from the bash command line. Look in the 10.6 OS system.log and behold there is a warning that the code is not signed. No finder involved; the finder is simply more vocal, but it's the system that is checking things.
Re: (Score:2)
What I don't like about this is that when I compile code, every time I run it, a waring message gets written to the system log unless I also code sign it before I run it.
You don't like that unsigned code gives you a warning?
Re: (Score:2)
Well... yes. That's how every single real-time virus protection suite works. Files are scanned for viruses (using lookup tables and/or heuristics) before being passed back to the application.
That's also why for quite some time my company policy has been at least two CPU cores per computer - one for the virus scanner and the OS/apps can have the rest.
Re: (Score:3, Insightful)
That's also why for quite some time my company policy has been at least two CPU cores per computer - one for the virus scanner and the OS/apps can have the rest.
That doesn't make sense. When the scanner kicks in, the application is blocked on the open() call until the scanner is finished analyzing the file, so your second CPU does nothing, and vice versa.
Re: (Score:2)
Maybe they run background scans?
I won't pretend to understand core coherency under Windows, but if they have one of those network traffic interceptors, conceivably every other thread in a multi-connection webpage load could get scheduled to a different core and get interleaved between scanning and transferring.
Probably smarter just to benchmark it than reason it out.
Or, if they do the standard corporate thing and keep RAM low and swap like mad, the second core can run the memory manager. ;)
Re: (Score:2)
I think you misunderstood. More CPU cores won't make that application, or more correctly that thread, any faster per se. They will, however allow other threads to continue running while the first CPU core is tied up with CPU-intensive virus scanning.
Re: (Score:2)
Yes, and yes. That is why all AV software sucks.
What do you suggest as an alternative? Remember, people have grown to expect real-time protection.
Re: (Score:2)
***What do you suggest as an alternative? Remember, people have grown to expect real-time protection.***
Good question. In this case a disable network-virus scan-backup-re-enable network scheme without real-time protection might have worked better, but it is hardly bulletproof. It's a little late to point out that it would have been better to have alternating external backup drives -- more to protect against hardware failure than software issues. And that won't work if you don't know the backup drive has
Re: (Score:2)
It's a bit of a problem in Windows since anything could potentially be an executable including an email or a Word document (gee, thanks MS!).
SOME GUY LOST SOME FILES (Score:3, Funny)
Not sure why, film at 11.
Re: (Score:2)
Because that 'some guy' is the infamous kdawson.
Re: (Score:2)
Time machine had backed up a virus, so Sophos killed the entire Time machine backup image to get rid of it.
Re: (Score:1)
"Time machine had backed up a virus, so Sophos killed the entire Time machine backup image to get rid of it."
Not quite what happened, according to the article.
Time machine had backed up a virus, so Sophos blocked the user from meddling with it and stated it could not automatically remove the virus. The user then attempted to work around both Sophos and Time machine and discovered that not only did he remove the virus, he corrupted his TM plist, which meant that it lost the record of what files belonged in
Re: (Score:3, Insightful)
It's the media effect. If we invade another country and accidentally kill a few tens of thousands of civilians, and suffer hundreds of casualties, it won't be presented as effectively as the death of the single journalist who got shot in all of this.
Mess up a few hundred random computer dudes, and nobody may hear of it. Don't even in the slightest mess with a /. editor, or lots of people will know.
Assuming this is true.... (Score:4, Insightful)
... Then this is a serious hit to Sophos as they have a very good reputation. Having said that, AFAIK this is their first Mac app. So perhaps it needed more QA before release. Until more reports of this phenomenon appear, I'd reserve judgment. However it might be wise for Sophos to get out front of this issue before the spin gets out of control.
Re:Assuming this is true.... (Score:4, Informative)
Re: (Score:3, Insightful)
Re: (Score:1)
No, each time machine backup is a folder that mirrors the root of your hard drive. Each file is separate on the time machine drive. Space is shared for unchanged files and folders between backups using hard links.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
If your backup drive is a locally accessible drive, Time Machine stores your HD data to the backup drive as files, folders, and (I think) lots of hardlinks. That's how time machine is designed to work. You don't have direct file system access to a volume when you access it over a network, so Time Machine fakes it by creating a sparse bundle on the destination volume, mounts THAT as a 'local' hard drive, and chugs along.
Re: (Score:2)
That's how it presents itself to the user, but it does this magic inside a Sparsebundle image file.
Re:Assuming this is true.... (Score:5, Informative)
No, it's separate files. You can browse it using finder or terminal.
Unless you're backing up a filevault protected home directory. Then it handles it in just about the stupidest way possible: it saves the whole honking encrypted image as one big file.* And despite the fact that it doesn't decrypt the image, it still only works if you're logged in and the image is open.
*If you're set up as sparse images, then you do a little better. But still, no incremental backups for you. If a file changes, you have to copy the *whole* thing, because good encryption won't make it obvious which bits of the file are different. Also, I'm not sure it can tell which files are, say, disk cache for the browser....
Re:Assuming this is true.... (Score:4, Informative)
FYI, I'm not using filevault, just individual files to be backed up... but TM uses sparsebundles in ways I don't begin to understand. One respondent via Twitter suggested that Sophos may have simply been in the process of deleting the entire sparsebundle -- i.e. the entire lot of backups -- when I killed its process. No idea if this is correct. I hope Sophos eventually provides some insight.
Re: (Score:2, Interesting)
Have you double checked to make sure that you can't still see the backup history using the native Time Machine browser app? In my experience with TM failure, one symptom included a sudden change in the amount of free/used space reported - not unlike your experience - see below for more details.
One of the reasons I switched to Mac was because I liked the Time Machine concept. I use a Seagate USB drive plugged into a Macbook Pro. A few weeks in, Time Machine reports that it is unable to complete a backup. Mul
Re:Assuming this is true.... (Score:5, Informative)
One thing. directly connected hard drives do not use sparse bundles if FileVault is not on,.
Re: (Score:1)
Re: (Score:2)
In 10.6, browser cache does not get backed up for a non-filevault user....
Re: (Score:2)
My backup disk is a Time Capsule, whose internal disk is connected only wirelessly. Probably doesn't count as direct-connected. Does it therefore use sparse bundles?
Re: (Score:2)
No, it's separate files. You can browse it using finder or terminal.
Yeah, that's what I see here on 10.5 as well - at one point I had my rsnapshot backing up a Mac's Time Machine 'latest' tree.
From the other comments here it sounds like 10.6 might have gone with sparse bundles for all of its backups? Maybe to enable encryption?
I dunno, Apple has abandoned my wife's Apple hardware. Her Mini will get turned into a mythfronend when Lion is shipped. Too bad the iLife analogs on Linux are terrible (quite feat
Re: (Score:2)
Re: (Score:2)
Here is what I would expect:
If it does it without decrypting the contents, then the user shouldn't need to actually be logged in in order to get the benefit of the backup. It should back them up if it's changed since the last backup regardless of whether the user is logged at the precise moment backup begins.
OR,
It could require the user to be logged in, because it needs access to the unencrypted files. Obviously, it would encrypt the backup itself. The benefit here would that a logged-in filevault user w
Re: (Score:1)
Re:Assuming this is true.... (Score:4, Informative)
yes, one large file which is actually a sparse disk image.
it's a sparse disk image bundle thingy. Which uses a bunch of 8MB files, not one file. from the hdiutil man page [apple.com]:
By default, UDSP images grow one megabyte at a time.
Introduced in 10.5, UDSB images use 8 MB band files
which grow as they are written to.. -imagekey
sparse-band-size=size can be used to specify the
number of 512-byte sectors that will be added each
time the image grows. Valid values for SPARSEBUNDLE
range from 2048 to 262144 sectors (1 MB to 128 MB).
The maximum size of a SPARSE image is 128 petabytes;
the maximum for SPARSEBUNDLE is just under 8
exabytes (2^63 - 512 bytes minus 1 byte). The
amount of data that can be stored in either type of
sparse image is additionally bounded by the filesys-
tem in the image and by any partition map. compact
can reclaim unused bands in sparse images backing
HFS+ filesystems. resize will only change the vir-
tual size of a sparse image. See also USING PERSIS-
TENT SPARSE IMAGES below.
Re: (Score:1)
TM had the privileges to stop Sophos fucking this guy's shit up. Sophos should probably have been aware of the existence of Time Machine and perhaps had a specific behavior or at least prompt for it (as TM comes with the OS IIRC - i'm not a mac guy and never use TM when i'm on one).
blame sophos?
blame apple?
let the shitstorm begin.
Re:Assuming this is true.... (Score:4, Insightful)
Re: (Score:2)
My Time Capsule instantaneously loses... (Score:1)
Re: (Score:2)
Something must be broken then in your setup somewhere, because I use a Time Capsule, recently upgraded from 500GB to WD Green 2TB, and never had a single data loss/corruption issue. I'm using it with a MBP and an iMac, and have used it with OS X 10.5, and now 10.6. Not a single problem, apart from running out of room on the 500GB drive and having to upgrade.
Re: (Score:2)
How did you get data from the old drive to the new one? I have the 1 TB model, but that won't last forever.
Re: (Score:2)
I didn't. Simply reinitialized the time machines on the new drive.
Transferring data would have been trivial. All you need is SATA-USB or SATA-Firewire adapter. Procedure I'd use:
1. Format the new drive with same format as the one in time capsule (remove it, check whether it's HFS+ journaled or not, put it back).
2. Hook up time capsule via gigabit ethernet, hook up new drive via USB/Firewire.
3. Disable time machine.
4. Mount both drives.
5. Copy all files over using a *recent* rsync, with xattrs/acls and whatn
Re: (Score:2)
I think step five might be the secret sauce.
Re: (Score:2, Funny)
Trash your preferences!
flash the P-ROM!
buy more RAM!
i can't help you! ...well, that's the usual order of responses i get from mac techies.
combo of bad apple, bad sophos, and stupid user. (Score:2, Informative)
The closest I've ever come to AV software has been running clamav on a Slackware machine acting as a mail server, but I do understand how they work. It doesn't look like it was the AV's fault.
Well, it was in a way, AV software is a braindead solution to a problem that shouldn't exist. Use only properly signed software from trusted sources in a secure platform, that's a real solution.
Anyway, this guy killed both Sophos and the Time Machine process in the middle of a backup, while they were both trying to acc
Re: (Score:1, Insightful)
Well, it was in a way, AV software is a braindead solution to a problem that shouldn't exist. Use only properly signed software from trusted sources in a secure platform, that's a real solution.
So.. You are never allowed to download something and try it out, unless it's from a trusted source. Exactly how are normal people supposed to get their programs into said trusted sources? Should we perhaps have an "app store" for all software, putting a few large entities in control of what is acceptable or not?
I also enjoy your naive belief that virus can only spread by downloading and running infected code. This is not 1989. Comprimosed web pages, exploitng holes in browsers and browser add-ons, infected
Re: (Score:2)
I also keep a copy of combofix [bleepingcomputer.com] on a usb drive just in case.
Re: (Score:1)
Come on dude.
Use a modern, secure operating system. Use only free software that has been reviewed by the community. Peer-reviewing works, you know?
I only use Free Software. We review everything that goes in those repositories. It's simple, and it works.
Don't use privative software, don't download from untrustworthy sources. Easy.
Re: (Score:2)
Also, don't ever accidentally subject yourself to zero-day exploits in your browser, which means never browse any valid website compromised by malware pushers without the knowledge or consent of the website owner.
In other words, connect your computer only to a fantasy Internet powered by the carbon-offsetting power of unicorn farts and good wishes.
Yes, the world is out to get you. Not you personally, of course; you're not that interesting. Just you as part of the entire gamut of possible malware victims. Th
Re: (Score:1)
My browser runs as a non-privileged user on a secure Unix system. The process itself doesn't have write permission on any executable file, not even itself.
That user is != to my actual user, so it won't even get to my docs or other information. It'll only affect my browser, which can write nowhere but it's own home directory. If something like that happened, restarting my browser and killing any process it might have spawn would be enough.
Re: (Score:2)
***Well, it was in a way, AV software is a braindead solution to a problem that shouldn't exist. Use only properly signed software from trusted sources in a secure platform, that's a real solution.***
Uh, Yeah. ... Of Course.
Now that you have solved that problem for us, what are you going to tackle next? World Peace? Finding economists who understand economics? Keeping sociopaths out of political office?
You do understand that the trusted sources solution is utterly impractical once you allow access outsid
Re: (Score:1)
Not true. I use Free Software. I was a Slackware user for ages (version 3 through 12, then I switched to Ubuntu). I trust the community. I've never gotten malware into my machine. Security bugs? Sure. They were all promptly fixed.
So, don't say that something that has been a reality for 20 years isn't possible, you sound stupid.
Cost/benefit (Score:1)
Re: (Score:1)
Well, zerodays attacks can not be detected.
And the only thing the AV will do is to scan for Windoze viruses, and Mac before it got the X in OS X.
So its more or less completely useless, except for helping the poor mass of sheeps that should never be allowed to use a computer because of their stupidity.
if there are no viruses on OSX, why use? (Score:1)
if there are no viruses on OSX, why use an antivirus program? don't we have to wait for OSX to be compromised first?
I am actually not surprised (Score:4, Informative)
The time machine stores the back up files on an external hard drive in a specific way such that can perform the backup task and the possible restore task effectively. In order to this to work noone should modify or delete any data stored in the backup location. This will most likely corrupt the backup.
The author of the article told Sophos AV to delete files from within the time machnien backup location ... well, of course one can expect that it messes things up.
What the? (Score:1)
First, we get an article that consists of one idiot posting on a blog who openly admits that he clicked delete himself on the popup and thus caused the problem in the first place. If it had been a critical set of Windows backups, the same thing would have happened, or even the System Restore folders.
Then, I realise it's an article by kdawson who I have deliberately blocked because all their submissions have glaring errors and omissions or are nothing more than rumour, but they've handed it off to another p
and the other 95% (Score:1, Flamebait)
Lost what, exactly? (Score:2, Interesting)
kdawson complains about having lost nineteen months of 'mac life' but what was there to lose? These were backups. They weren't the only location of the files in question, and if there were files stored only in Time Machine, are you also one of those people that keep important files in the trash can?
I'm not saying there isn't a problem if Sophos deleted the backups, just that it isn't that big a deal.
Timothy (Score:1, Insightful)
Please never refer to yourself as an editor. Ever.
Not such a bad thing (Score:1, Flamebait)
The guys sounds like a complete douche and fanboi - drooling on about it being Unix, and having root, and having the 'cat' command. You bent over for Steve Jobs buddy, and not you're finding Macs are just computers too. Sorry for the loss of your innocence.
Backup (Score:2)
IMHO a backup of something important should be done with the simplest method possible. Put it on a medium (optical, HD, ...) and put the medium in a cupboard to never touch anymore. Why trust a program of which you don't know exactly what it does and that can be influenced by other programs as turns out now?
It's key to read the instructions (Score:1, Insightful)
If you're using Time Machine and you think it'll keep files you've deleted from your original drive around forever, you're mistaken. Time Machine focuses on staying current; if you run out of space on your Time Machine volume, it starts deleting old backups to make room for the new ones. It assumes that since you deleted it, you don't want it anymore. It'll keep it around for a while as a side effect of how it works and as a convenience, but it's not the priority.
It also defeats the whole purpose of backing
Re: (Score:2)
Time Machine is too easy to use. Many users even use it for archiving deleted files or older versions of files. This is madness. A Backup is not an archive. As soon as you start to rely on parts of your backup as a source of data that is not elsewhere anymore you deserve everything that may happen to you. But you'll never get this into the brains of users. Give them a backup system that is easy to use and they will use it for letting it archive stuff.
Used just as a plain silly backup system TM is great. Set
Let me get it right... (Score:2)
The virus scanner asked him whether to delete the files, he clicked "yes" and thats it? So what would should the program have done?
Comment from G. Cluley of Sophos (Score:2)
I've added a comment from Sophos's Graham Cluley to the end of the blog post [recoveringphysicist.com]. He/they have been quite responsive, especially given that the free A-V product comes without official support. Apparently I am the only one ever to have reported such a problem with Time Machine.
Re: (Score:2)
It's a daemon that copies files that have changed in the last hour to an second hard drive. It's useful for casual development work, and the GUI client is intuitive. I've also used it to recover files after they've been over-wriiten by buggy programs. It's also come in handy for certain games-- if the autosaved game file from today is less interesting than the autosaved game file from yesterday, or two weeks ago, I can recover the older files.
Yes, you can get the same effect by running VMS, or Git, or adhe