Blog

ccc

Mike's picture by Mike | June 13, 2016

Update September 16: CCC 4.1.10 qualified on macOS Sierra

Choose "Check for Updates" from the Carbon Copy Cloner menu to download the latest update. And be sure to update your backup before upgrading to Sierra!


Apple announced macOS Sierra today, and as soon as they make the developer pre-release available, we're going to start the process of qualifying CCC 4 against that OS. We'll start with a shorter collection of tests that verifies that nothing harmful is going to happen if you use CCC on that OS. Once that pre-qualification is complete, we'll post a beta release of CCC 4 that folks can use for testing on the new OS. Over the summer, we'll continue the full regimen of qualification and testing, and once we're happy with the results of our tests, we'll post an update to CCC 4 that runs on Sierra.

Will I have to pay for an update to CCC that works with macOS Sierra?

When we have completed CCC 4 qualification on Sierra, we will issue an update to CCC 4 that is free to all current CCC 4 license holders.

What happens if I try to run the current (stable) release of CCC 4 on macOS Sierra?

CCC 4.1.9 will open on Sierra, but you'll be greeted with a message stating that CCC isn't yet qualified on Sierra. For more information about how and why CCC presents this message, see Coping with Apple's pace of innovation in an application that can delete files.

Update June 23: CCC 4.1.10 beta posted

Our preliminary testing turned up a couple really minor issues, which we've addressed and rolled into a beta release of CCC 4.1.10. If you would like to participate in CCC's beta testing program, open the Software Update section of CCC's Preferences window, check the box next to Inform me of beta releases, then click the button to check for updates.

ccc

Mike's picture by Mike | March 8, 2016

Recently Palo Alto Networks reported a "ransomware" threat to Mac users named "KeRanger". After reading their analysis I found myself deeply concerned. Ransomware threats are nothing new, but I realized that this is probably the closest I've felt to the seedy world of cyber terrorism. Up until now all of that seemed to be aimed at governments, defense departments, big corporations... Windows users! Here we are, though, it's at our doorstep, and our neighbors are already victims. I received an email from a CCC customer yesterday that started with:

I happen to be one of the people who got hit with the ransomware hacks.

Yikes! I was not expecting a good outcome here. Thankfully, the rest of the email was:

Luckily I had a CCC of my drive and booted off that, deleted the ransomware files and was fine.

While this threat appears to be mostly contained at the moment, I think everybody should take some time to examine their defenses against this sort of attack. Having a backup is an obvious first step, but there are some additional steps that you can take to protect your backup too.

Protect yourself from ransomware

This particular ransomware attack is fairly clever. It lies dormant for a few days, then starts to encrypt your documents. It targets documents on externally-attached hard drives as well, and (in future developments) may even target Time Machine backups. CCC backups on external disks are vulnerable, as well. We have some suggestions that can help protect your backups from this sort of threat.

Keep your backup disk unmounted as much as possible

KeRanger targets volumes that are currently attached to your Mac and mounted. Physically detaching your backup disk from your Mac is the most effective way to protect that disk from attack, but it makes your backups more laborious, and you're less likely to keep them up to date. You can configure your CCC backup tasks to unmount the destination volume at the end of the backup task (click "Advanced settings" to reveal the option). With these settings, CCC will automatically mount the destination when the backup task is scheduled to run, then unmount the destination when the task is finished.

Encrypt your backup disk with FileVault

Keeping your backup disk unmounted is sufficient to protect you against the current KeRanger attack, but it may not protect your backup from future attacks. Finding attached-but-not-mounted devices isn't very difficult, nor is it difficult to mount those volumes once you've found them. If the cyberswine figure this out, you'll need an additional layer of protection. FileVault encryption will effectively prevent unauthorized applications from mounting your backup disk. Enabling FileVault... Read More

ccc

Mike's picture by Mike | February 10, 2016

A security vulnerability was recently reported on the Sparkle framework that many applications, including CCC, use to manage application updates. The report indicates that applications using non-secure (e.g. http rather than https) URLs to retrieve application update information could be vulnerable to a "man in the middle" attack.

We don't use any non-secure URLs within CCC, and that has been the case for a while. To be very specific in regards to the reported Sparkle vulnerability, CCC uses an HTTPS URL when checking for and downloading updates and release notes. In fact, as of CCC 4.1.5, it's not even possible for CCC to use an insecure (HTTP) URL, OS X El Capitan would forbid access to that resource.

Download CCC 4 today and make a bootable backup of your Mac!

Sarah's picture by Sarah | December 22, 2015

We will be closing December 24 at noon EST and remain closed December 25. We will also close December 31 at noon EST and remain closed January 1 to spend the holidays with our families.

Limited staff are available to respond to customer requests until January 4. We appreciate your patience if it takes a bit longer for us to respond than is typical.

Mike's picture by Mike | December 2, 2015

We hear this concern frequently:

"I'm considering buying CCC, but I am concerned that a new OS will come out and I will be asked to purchase a new license to continue using CCC."

Generally when a new OS is released, we offer a free update to CCC that allows users to continue using it with the same license on the new OS. That has been the case with 8 out of the last 9 major OS releases over the last 13 years, with the notable exception being Yosemite, which broke CCC 3. That being a recent experience, many users share this concern. I would like to succinctly alleviate these concerns with the following statements:

CCC 4 will be qualified and supported on OS X 10.12. We will issue a free update for that OS, just as we did for 10.11 El Capitan.

CCC 4 license holders will not be prohibited from using CCC 4.1.5 (or later) on OS X 10.13 and later

In the past, CCC refused to open on newer OSes* because we were concerned that a future OS version would break CCC in a manner that could lead to data loss. CCC 4.1.5 introduces a mechanism that can proactively warn users if this situation arises, so we no longer restrict that version of CCC from running on a future version of OS X. If you're interested in the longer version of this explanation, see this article: Coping with Apple's pace of innovation in an application that can delete files.

* Again, though, understand that CCC 3.5.7 was broken on Yosemite. While the aforementioned restriction would prevent that version of CCC from opening on Yosemite, it was the underlying architectural limitations of CCC 3.x that made it not work on Yosemite.