What has been the experience of folks using the online backup/storage services like Carbonite?
Carbonite / Mozy / Amazon / etc. have one distinct flaw. You can only back up as fast as your Internet connection lets you. If you have a mid-range T1 line @ 1.544 MB/s then you will see no more than that rate for backups. So 1GB of data would take an hour and a half to backup or restore. Or no more than 16GB in a 24 hour period.
Speed calculator here. That also assumes no time lag for distance, other traffic or Tx / Rx / verification errors so you can increase that time by 30-40% realistically and much more if you want to use the connection for other things.
If you do get the info there, then you have to worry about their security (to keep hackers out of your data) and / or what they do with that data once on their system (It is encrypted with their software and if you read their EULA you can see their staff have access to your files, see below). As you see below they inspect the data for illegality. So those MP3 downloads your cousin gave you and movies you downloaded for example might cause you some grief. You can encrypt your data yourself, of course, but that adds even more overhead and delay in getting to your info and it may not be accepted if already encrypted. Then what do you do if your HD crashes and you find they have gone out of business.
An external USB 2.0 HD can transfer 480 MB/s max and you can tuck that drive anywhere. You keep control of your data and in case of issues you just plug in a HD and restore quickly.
I underlined the below for emphasis.
"Your pass phrase is encrypted twice before it is stored on the server to prevent anyone but you from recovering the stored pass phrase. The system is designed so that recovering a pass phrase requires action from two people: the person that created the key and a senior level server technician. Neither person can recover the pass phrase without the cooperation of the other person. The system is also designed so that only the creator of the pass phrase can view the pass phrase once it is recovered. Data blocks are compressed, encrypted with AES-256-bit and your private pass phrase, digitally signed for integrity verification upon restore, and tagged with multiple strong checksums to provide data integrity assurance. The encrypted data is then encrypted again as it enters the Internet, until it reaches one of the secure data centers."
"Carbonite will not view the contents of your backed-up files. Carbonite may view your file system information (file and/or folder names, file extensions, sizes etc. but not your file contents) to provide incremental backups and file comparisons, quality control, and technical support. Carbonite will not disclose your personal information, including the contents of your backed-up data with Carbonite, to third parties unless disclosure is necessary to comply with law." Have you read the Digital Millennium Copyright Act (DMCA) and how do they know if it is illegal or not without looking inside the data itself???
"Carbonite may disclose your Personal Information to third parties if we believe that such action is necessary to (1) comply with a law, regulation, or governmental or judicial warrant, rule, or order; (2) protect and defend the rights or property of Carbonite; (3) enforce the Carbonite Terms and Conditions of Use and/or this Privacy Policy. Carbonite may also provide access to your Backup Data to government authorities if Carbonite suspects or believes that the data contain child pornography or other prohibited data, or that the data or the Carbonite Products or Services are being used for illegal purposes. Carbonite will provide access to your Backup Data to your surviving spouse and/or your executor upon presentation of a death certificate and identification which Carbonite reasonably believes to be valid and sufficient, or in response to a court order, warrant, subpoena or other judicial or administrative legal process."
http://www.carbonite.com/privacy/
PS. Not picking on Carbonite. The others have similar EULA's. They have too, it is to conform to the law in the US.
Personally, if I were to use an outside storage center that I did not control I would have 4096 bit Twofish encryption on everything I put there. However, an external HD is much more convenient.