Thanks for the tip re: backupwallet. That's not listed in the online API documentation.
Two questions, if you'd be so kind:
1) Is there any benefit to multiple backups? Or do newer backups strictly invalidate older ones? That is, should I call my file backup.dat or backup.datetime().dat?
There's always some benefit to multiple time point backups. You might have bad ram in the computer and one of the backups is corrupted, same goes for hard drive or even just a slightly loose cable. But for the most part, assuming all goes well, the latest backup does invalidate older ones.
Now, don't feel too safe because you have one backup, even 100 of them, on the same physical location. Same computer is asking for trouble, same house is calculated risk. Better to make a daily or so backup to an external storage service. It's always about balance; how much do you keep in the wallet, how often you do transactions, what would it cost you to loose such wallet.
2) This is a lotta damn foolishness we have to deal with here, and it's all caused by sending the change to a newly generated address. What's wrong with sending it to an existing, possibly designated one?
How this might work
*If there's an address labeled "Change," that address receives all change payments. Uber-strict backups not necessary. Maybe even something more intuitive like "Your Address," the designated one that's already there.
*If not, create a new address as usual, for anonymity or whatever.
I don't see any technical reason to not do so that way. Other may think differently, but from the top of my head there's nothing preventing that. It would, however, create a very simple path to follow and find you, and while this may not present an issue to you personally, if your address is compromised there's a good chance the receiver is also traceable now. I'm paranoid, you probably aren't, so my opinion is highly biased