PC Pro

BARRY COLLINS

Malware writers will never go out of business while system backup remains so painfully flawed

- barry@mediabc.co.uk

Ransomware thrives from the lack of a backup plan

There’s one reason why the recent ransomware attack managed to knock out large parts of the NHS – and it’s got nothing to do with Tory pennypinch­ing, North Korea or any of the other excuses floated in my feature on p36. It’s because proper backup remains a monumental pain the backside. From backing up your smartphone, to your Windows PC, to the server hosting your website, nothing is as simple as it ought to be in 2017. I’ve been writing about this stuff for 20 years, and even I’m not 100% confident that, if my laptop were held to ransom or my website knocked out, I’d be able to fully recover. Certainly not without spending several hours doing so, anyway.

Windows remains stubbornly resistant to anything approachin­g angst-free backup. File History may look after your data if you’ve got everything stored on the main system drive and an external disk drive permanentl­y plugged in, but for those of us who’ve been working on laptops for the past decade, that approach is flawed. Most of my data is stored on an external drive, a setup that File History is unwilling to comprehend, forcing me to rely on third-party software and a paid-for cloud backup service to achieve anything like peace of mind.

Even if you’ve managed to make File History work for you, don’t feel too smug. Rumour has it that Microsoft plans to phase out File History in favour of OneDrive, relying on its cloud backup service to recover your data should the worst happen. As someone who’s given up using OneDrive due to the number of times it’s failed to sync files properly, I wish you the very best of British if that’s your primary means of file recovery.

Even if File History or OneDrive work flawlessly for you, they’re not fuss-free recovery tools. If your PC were struck down by ransomware and you needed to wipe the system and start again, you’d still have to find the right Windows ISO, reinstall all your applicatio­ns and then finally sync all your docs, photos and other files down from the cloud. You’d be looking at a day’s work to piece everything back together again.

At this point, I can see Jon Honeyball’s hand shooting up at the back of the class, pleading “please sir, please sir, why not back up everything in a VM?” Run your OS in a virtual machine, have a NAS drive take snapshots every hour or so, and simply restore the last working configurat­ion if everything goes pear-shaped.

To which my response is: why the hell isn’t Microsoft already doing this? It has the cloud infrastruc­ture, most of us have nippy fibre connection­s: why is not possible for Microsoft to take a daily snapshot of your Windows PC and let you restore any PC to its last known working configurat­ion via the cloud, much like System Restore works on a local level? Hold down F12 during the boot sequence, select the recovery snapshot, fire up the coffee machine and come back in an hour or so. I’d happily wire a tenner a month into Redmond’s coffers for the peace of mind that would offer.

The same goes for my web host. A couple of months ago, I made a schoolboy error with my business website. I was struggling to get a page to display a photo gallery in the precise way I wanted it to, when I noticed that my WordPress theme had an update available that might solve the problem. Did I take a backup before pressing that update button? Of course not, I’m an irrational, impatient bag of atoms and what was the worst that could happen? Within seconds both the live site and CMS were, of course, inaccessib­le.

It turns out the theme wasn’t compatible with the outdated version of WordPress I had installed (I know, I know). Wibbly wobbly WordPress seemingly doesn’t bother to check if themes are compatible before it starts an installati­on, it just ploughs on and to hell with the consequenc­es. Thankfully, the world is full of idiots, and some panicked Googling revealed a workaround involving manually editing the installati­on files and tricking WordPress into re-installing its default theme. Cue an entire afternoon wasted putting my website back together.

Again, why is this a problem in 2017? Backing up a website is just painful. The backup tools in cPanel are woefully rudimentar­y, while the many different WordPress plugins assume that you can get back into your CMS in the first place. Why can’t I pay my web host to take snapshots of the server and restore my site to a previous working state in seconds? I know it’s an option if I pay hundreds of pounds per month for top-grade hosting, but why isn’t it also an option for the entry-level hosting packages that most small business websites rely upon?

Backup is simply too difficult and too time-consuming for most people to deal with. And, for as long as that remains the case, the malware writers can keep counting the bitcoins.

Did I take a backup before pressing that update button? Of course not, I’m an irrational, impatient bag of atoms

?? Barry Collins is a former editor of PC Pro, as you’ll occasional­ly find out from the About Me section of his website. @bazzacolli­ns ??
Barry Collins is a former editor of PC Pro, as you’ll occasional­ly find out from the About Me section of his website. @bazzacolli­ns

Newspapers in English

Newspapers from United Kingdom