B1tF1ghter: Also, I'll repeat myself:
checksum EVERYTHING.
marsattakx: What is your recommended method for doing so? Do you think its best to ISO the files and then checksum the ISO? Or to compress them into an archive like rar, 7z, or zip? Or perhaps you think using something like multipar to protect against data loss, and then checksum the par files?
In your question you are asking both how to protect data from corruption as well as how to check it's integrity.
Both are very complex questions and highly depend on personal factors, such as what is your supposed attack vector, how are environmental factors in places your backup media is going to reside in, and others.
Before doing anything it would be the best to ensure the files you got are actually 100% uncorrupted and as they should be.
Which in case of GOG files can be a pain since GOG doesn't provide file checksums along the downloadable files.
Afaik apart from Galaxy (which doesn't show you the checksums but afaik verifies them) you can only really use this
https://www.gog.com/forum/general/gogrepopy_python_script_for_regularly_backing_up_your_purchased_gog_collection_for_full_offline_e for that.
For checksums:
whatever you do ALWAYS checksum the original files first.
Only after that put them in any form of container (should you desire to do so) such as zip, par, and others.
If you do choose to pack it then also checksum the packed container.
Store your checksums in some secure location where there is no risk of damage.
You can of course store them on the same storage device, but never store them ONLY there - that would lead to utter frustration and issues should the very blocks storing the checksum files get corrupted for whatever reason.
Checksum files weight close to nothing, so you can afford to store them in multiple locations.
Such as inside password manager as attachment, in cloud (apart from file names they do not provide any private info), printed on paper, etc.
Use at the very least sha256.
Preferably sha512 or better.
Or use both as this way you are lowering possibility of collision even further.
Remember, even the best backup is utterly worthless if you don't know if the files got corrupted.
ISO? I don't really see WHY you would want to STORE them in ISO format. That is only really usable if you want to burn them into optical media, and only stored like that temporarily (in ISO that is, until burned, at which point ISOs disposed of).
ISO isn't really a viable container for any sort of storage.
It's pretty pointless to use it for anything but raw dumps of optical media as well as temprorary source for burning media.
Generally speaking there isn't too much point in using archives unless you want to leverage the limited benefits they give:
- some software works better with them when handling them
- some storage devices perform better with very large files
- one zip consumes less inodes than for example 18 bin files
Remember that most archive formats don't provide any form of substancial checksumming.
Most use the likes of CRC, which is utterly worthless, so don't rely on that EVER for any real data integrity.
If you want to have redundancy in the files itself you are of course free to use likes of par.
Obviously you will need more storage space for that.
Depending on what is the importance of that what you want to store you have to consider all the factors and choose appropriate storage measures yourself.
Generally speaking I could go for hours talking how about 1 storage media is worse than some other 1.
It's very complex matter.
But always remember this:
- have multiple copies
- don't work on your cold storage copy, have another (separate from cold storage one) for "work"
- pay attention
- hardlinks are especially your enemy if you rm stuff
- online backup is a dead backup sooner or later, also prone to tampering (through ransomware for example)
- don't use usb bridges, connect drives directly through their designated interfaces (such as SATA, SAS, SCSI, etc)
- don't just blindly repeat what "people of the internet" advice on reddit, forums, and other places. Even most people in IT don't talk about certain facts. Storage dies. It doesn't last as long as advertised most of the time. Bathtub curve is a b*tch. There is no consistency in storage dying in relation to time. So always run long smart tests every so often (not applicable to optical media).
- tapes are cost effective, but their readers are bullshit level of expensive, also prone (both tapes and to a degree readers) to humidity
- checksum everything
- don't "wait until the very last moment and hope for the best (that your storage device will last a little longer)", consider life spans of your storage media and preemptively make new copies, remember that hdds don't last very long (and are prone to mechanical failures) while ssds "magnetically fade" when not connected to power for more than few months (also they are usually in plastic cases providing NO electromagnetic shielding)
- treat optical media with care
- don't use sh*t grade / quality storage, brand generally means nothing btw, for optical check stamper codes to know what you're buying, use only highly reputable media like VerbatimE (and better ones) and the likes
- don't cheap out
- (optical media) also ALWAYS check Media ID
- BD has generally higher longetivity than DVD
- BD is more scratch resistant than DVD (let alone CD)
- don't use random off the shelf BD / DVD burners, throw Asus and the likes out of the window, use Pioneer, Teac and such, preferably Japan-only export-restricted models (as they do have some extra features that export-unrestrticted do not)
- prepare for the worst (in general, I'm not talking about in regards to optical now)
- don't use NTFS as filesystem, it's awful
- don't rely on Windows for copying files, use *NIX for backups, from livecds I procure SystemRescue (formerly SystemRescueCD)
- when formatting your *NIX filesystem don't just blindly use gparted, learn gptfdisk and mkfs and do stuff manually (also backup GPT headers), consider your usecase and use appropriate inodes/bytes ratio according to it (default is attrociously inappropriate for backup drives, on 1 TB you would loose more than 10 GiB for NOTHING), for ext4 use -m 0 as since that is your backup drive there is clearly no point in reserving any space for "system users", btw remember that inodes aren't just files (also folders, remember about it when choosing inodes/bytes ratio)
- if you happen to use FDE on backup drive remember to backup your headers (also use above 80 entropy passwords, also use Argon when possible, also consider password retention in regards to backup procured expected age as it may be more difficult to store the password over time and should you loose the password your backup is worthless, ergo consider your pros and cons as encryption isn't always so great in the long run)
I also wrote some stuff about the matter here:
https://www.gog.com/forum/general/devotion_is_coming_to_gog_on_dec_18th/post1264 Good luck ;)
edit: added quote (forgot to do that originally)
edit 2: added note about Media ID, BD burners, BD vs DVD longetivity and scratch resistance
edit 3: This is introductary TLDR, I don't intend to drag this off topic into far far away, if you want to talk about it further I could talk through PMs (tho I am highly busy thus I could respond with huge delays)