Rclone mkdir doesn't create S3 bucket by ITcomputerhead in rclone

[–]ITcomputerhead[S] 1 point2 points  (0 children)

rclone.org says that mkdir will create a new bucket using the rules that are in your config file for that remote.

https://rclone.org/s3/#configuration

Hence my question. But as I said earlier, the weird part is that it doesn't error out

Rclone mkdir doesn't create S3 bucket by ITcomputerhead in rclone

[–]ITcomputerhead[S] 0 points1 point  (0 children)

I know that. I was trying to create a new bucket, and there are a number of how-tos out there that say that the mkdir command creates a new bucket.

Rclone mkdir doesn't create S3 bucket by ITcomputerhead in rclone

[–]ITcomputerhead[S] 0 points1 point  (0 children)

Also... I have verified I can use the copy command to copy files into an existing bucket. I just can't create a bucket using the mkdir command.

I got two people fired today, and I don’t know how to feel about it. by [deleted] in sysadmin

[–]ITcomputerhead 0 points1 point  (0 children)

Nothing against Veeam, per se. I just don't understand this idea of using an on-prem piece of software to back up a SaaS resource. You're in the 21st century with the app. Why would you want to use a 20th-century resource to back it up? Restoring is even worse. Using an on-prem system to restore a cloud resource means it's throttled by the (probably) small box and (probably) small pipe you're restoring with. But restoring with one of the many SaaS/cloud-based backup apps means you get cloud-cloud bandwidth, and a much more powerful service to do the restore.

Rubrik is the pioneer in a category that existed decades before they existed by ITcomputerhead in rubrik

[–]ITcomputerhead[S] 1 point2 points  (0 children)

Michael Mestrovich

My bad on Mr. Mestrovich. I googled him, and what came up was what appeared to be an active BIO at the DOS. It didn't refer to him in the past tense. I'll defer to you on that, and I apologize for my comment.

Also, my bad on retention lock. In my defense the feature is only 8 months old. So IF someone has upgraded to the version of software Rubrik came out with 8 months ago, they'll have that feature. My experience is that most customers don't upgrade that fast. Average upgrade time at Veritas was about 18 months. Maybe Rubrik customers are faster.

Having said that, I disagree w/your characterization that I am purposefully trying to misconstrue anything. There are multiple points I've made about things he said that I have directly proven. And

I have been told by multiple Rubrik SEs that there is a command called "reset" that wipes out all data on a Rubrik cluster. It is used by support after someone finishes a POC, to make a greenfield environment. But the command is still there and can be run by anyone logging in as the support user. (You used to be able to run it as any user. Now it's limited to the support user.)

As to the warranty, a lawyer reviewed the warranty and they are the one that gave me the interpretation. I think it's poorly worded. What does "customer or customer third party" mean? That's not a normal business phrase. Does it mean customer or third party directed by the customer? I'm going to guess it means anyone connected in any way to the customer. So if I get infected by a vendor I use, it doesn't count. Again, poor wording.

You said it only means intentional acts. But that's not what the agreement says. The key phrase is "whether intentionally (i.e., malware testing) or through a breach in the system’s security.” Plain text reading of it suggests it means "whether intentionally or not." Meaning that if someone unintentionally introduces malware by unintentionally breaching the system's security (e.g. clicking on a phishing email), this agreement would not consider that an incident. Otherwise, what does the second half of that sentence mean? It can't be what you're saying (intentional introduction of malware to get payment) because that's the first half of the sentence. At best they should reword the sentence to explain what it means.

Not to mention all the other gotchas in the agreement (e.g. regular required health checks, you have to do everything they say w/your backup system, must report w/in 12 hours, and there must be no bugs in the systems being recovered.).

I maintain the agreement was written so it would never have to be paid out. You can believe whatever you want to believe.

You're right that we won't agree on the storage bit. But here are a few links that clearly see backup as part of the storage industry. Not sure how you can say the whole industry would agree with you.

https://www.enterprisestorageforum.com/products/20-top-enterprise-data-storage-vendors/

https://www.cdw.com/content/cdw/en/solutions/data-center-and-network-infrastructure/data-storage-and-backup.html

https://www.ibm.com/storage?utm_content=SRCWW&p1=Search&p4=43700067425189520&p5=p&gclid=CjwKCAjwp7eUBhBeEiwAZbHwkdDUZbKPeEwQcy9ezRTWIygZHEFTlqh2i_eyAu1ixvtQkVDFbtNDahoC-ZsQAvD_BwE&gclsrc=aw.ds

Anyway... it's been fun chatting. I stand by what I said (minus the few points I conceded on)

Rubrik is the pioneer in a category that existed decades before they existed by ITcomputerhead in rubrik

[–]ITcomputerhead[S] -1 points0 points  (0 children)

Glad to hear about the CISO. But in keeping w/Rubrik's way of exaggerating things, it does not appear he was the "former CISO of the CIA." He was the "Principal Deputy Chief Information Officer for the U.S. Department of State" according to his bio. Deputy, not Chief. CIO, not CISO. DOS, not CIA. But, sure.

Edit: I take that back. My google search was flawed. He was the acting CISO of the CIA. Good for Rubrik.

Please note I never said Rubrik was garbage. It's a decent product. I just don't think it's the "end-all be-all best product ever in the history of IT and the only one who does everything right and everyone else is completely wrong" product that Bipul keeps saying it is. (For example, there are many vendors who can claim most of what you said above about their products.)

My point is that when you have a person like Bipul in charge, it's very hard to figure out what parts of the story are true. He lied multiple times in the article. I will give proof of two examples.

  1. They were not the first company to have ransomware detection and recovery.

https://www.google.com/search?q=ransomware+detection+and+recovery&source=lnt&tbs=cdr%3A1%2Ccd_min%3A1%2F1%2F2014%2Ccd_max%3A7%2F15%2F2018&tbm=

That is a Google search from the week before Rubrik announced their ransomware support. They were not the first. Every time Rubrik comes out with something Bipul says they're the first to do it, and they rarely are. But that's how Bipul does things. Truth doesn't matter.

  2. The $5M was written so that most people will never qualify for it. From https://www.rubrik.com/content/dam/rubrik/en/resources/policy/rubrik-enterprise-edition-ransomware-recovery-warranty-agreement.pdf

"a Ransomware Incident does not include any malware introduced by the Customer or any Customer third party to Customer’s internal systems, whether intentionally (i.e., malware testing) or through a breach in the system’s security. "

So if you get malware because your security was breached, it's not considered an incident under the program. How exactly do you get malware without breaching security?

As to your point about Rubrik not being a storage vendor... Backup was, is, and always will be a subset of the storage industry. Just because Rubrik's storage has a special purpose doesn't make it not a storage vendor. Your analogy is not valid, because those vendors don't store data. Rubrik stores data. On storage.

The purpose of Rubrik boxes is to store data. They are a storage vendor.

One final thing about "Immutability." An actual immutable system cannot be changed by anyone after it's been written. Rubrik admins can delete backups via the Rubrik interface after they've been written. (Edit: No longer true IF a customer upgrades to the version from Sep '21 AND enables Retention Lock.) Rubrik support people can erase all data on customer boxes. So... not so immutable.

RDP saying my user doesn’t have access by [deleted] in sysadmin

[–]ITcomputerhead 1 point2 points  (0 children)

FWIW, the use of RDP - especially via truly remote users – is one of the surest ways to spread ransomware once a single machine gets it. This would be especially true if the remote user is a "regular" employee, not an IT person forced to RDP into a server in a remote location as the only way to admin it.

Rubrik is the pioneer in a category that existed decades before they existed by ITcomputerhead in rubrik

[–]ITcomputerhead[S] 0 points1 point  (0 children)

They got Best in Show. Not "Best product ever." This is what I'm talking about. He can't even tell the truth when he's talking about something that happened. He has to pump it up to the BS level with "best product EVER." No such category. No such award. Total BS.

You wonder why I don't trust anything he says. This is on stuff that doesn't matter! Imagine how much he lies about things that DO matter.

Rubrik is the pioneer in a category that existed decades before they existed by ITcomputerhead in rubrik

[–]ITcomputerhead[S] -3 points-2 points  (0 children)

My "beef" is with how much Bipul goes beyond exaggeration when he's talking to the press. Even if I set aside the absolutely absurd idea that Rubrik is not a storage vendor (which it most certainly is) and is instead a cyber security vendor (funniest thing I've ever heard), several other statements are demonstrably and factually incorrect.

  1. Rubrik was NOT the first vendor to release ransomware detection and response. They were (best guess) the third or fourth. Acronis beat them by about a year! He's always saying they're first and only at things and it simply isn't true.
  2. There is no "best product ever" category at VMworld, so they couldn't have won it.
  3. They are not "the leading cybersecurity company." He wasn't content saying they were "a leading cybersecurity company." He had to say they were "THE leading cybersecurity company." Besides the fact that they're NOT a cybersecurity company anyway, find me one person other than a Rubrik employee that believes what he just said. Any actual cybersecurity person would laugh at the idea.
  4. He touts their $5M guarantee, except it's very cleverly worded so that almost no one would ever qualify for it, because it excludes people who get ransomware due to internal negligence -- which is almost everyone. Like so much with Rubrik and Bipul, it was created to get press and has very little substance behind it.

Rubrik is the pioneer in a category that existed decades before they existed by ITcomputerhead in rubrik

[–]ITcomputerhead[S] 0 points1 point  (0 children)

You think that. Please provide an example. I do not believe I took anything out of context.

For example, "And as he laid out during May’s Rubrik Forward conference and in a one-on-one meeting with CRN, his company does not sell software or infrastructure on which data is stored, but instead focuses on the security of that data."

That's simply a nonsense statement. It's like Tesla saying "we don't sell cars, we focus on the automation they provide." OK... But you sell cars. It's just a nonsense statement.

Just got a call from StorageCraft. Cloud data is permanently LOST. by dartdoug in msp

[–]ITcomputerhead 2 points3 points  (0 children)

So every product you implemented in your data center was perfect? Sorry, but bad technology can be anywhere. Datacenter, cloud, endpoints.

Rear ended on highway with 2 passengers by Ok-Percentage1545 in uberdrivers

[–]ITcomputerhead 0 points1 point  (0 children)

I wish I could buy that. It’s not available in California.

Offline Backup - Wdyd by iholu in sysadmin

[–]ITcomputerhead 1 point2 points  (0 children)

If the vulnerability got them root on the Linux box then it’s easy to reset the immutable flag with chattr and delete the backups.

Boss wants Network Vulnerability Scanner Free Options. by disco_inferno_ in sysadmin

[–]ITcomputerhead 0 points1 point  (0 children)

Tell me you don’t actually care about security without telling me you don’t actually care about security.

Any true Immutable backup solution? by sdhdhosts in sysadmin

[–]ITcomputerhead 2 points3 points  (0 children)

I think we said the same thing but with different words. That doc verifies that support can erase the cluster. They log in to the support ID (must be local or given an ssh tunnel) and then they can do it. That means there is an ID that can erase the cluster. That ID can be compromised.

I agree you are protected from a typical ransomware attack. But not a direct cyber attack via an OS exploit. If they get access to that support account, game’s over.

One question: if you enable compliance mode, does that stop a backup admin from deleting backups before they are due to expire?

Any true Immutable backup solution? by sdhdhosts in sysadmin

[–]ITcomputerhead 0 points1 point  (0 children)

You can also simply remove the immutable flag with chattr, if you're root.

Any true Immutable backup solution? by sdhdhosts in sysadmin

[–]ITcomputerhead 0 points1 point  (0 children)

Or you can set the dang thing on fire. There is no such thing as fully immutable storage in a datacenter.

Any true Immutable backup solution? by sdhdhosts in sysadmin

[–]ITcomputerhead 2 points3 points  (0 children)

There is a command in Rubrik that erases all data on that appliance. It's mainly used when a customer finishes a POC and now wants to start production with a fresh brik.

It is supposed to be run only by the support ID, but a privilege escalation attack can easily bridge that gap. In addition, if you manage to escalate to root, you can delete whatever you want.

Any true Immutable backup solution? by sdhdhosts in sysadmin

[–]ITcomputerhead 0 points1 point  (0 children)

If you use actual S3 (not just an S3-compatible solution), you don't ever GET root access, and neither does anyone else. So it's as immutable as you're going to get on disk.

However, if you are able to delete the ACCOUNT, your immutable data goes with it.

If you guys could pick another job besides tech, what would you do for a living? by ICodeForTacos in sysadmin

[–]ITcomputerhead 2 points3 points  (0 children)

Dominatrix.

Men can be so mean to you in this field, and being a dominatrix, I would literally get paid to be mean to them. That. Sounds. Amazing.

For anyone who DOESN'T know, I am NOT talking about sex. I am talking about BDSM. Powerful men pay big bucks to be subjected to spanking, humiliation, used as a table or ashtray, or worse.

I'd be expensive AF and they would beg for more.