undefined | Better HN

0 pointsframmie5y ago0 comments

Not having data encrypted by default is concerning, however I do admire the simplistic approach of handling your own dataflow and tools for sure.

0 comments

dividuum5y ago

> Not having data encrypted by default is concerning[..]

While I agree in general, I think rsync's case is special: Unless the file encryption on their side is somehow derived from the SSH connection (so the files are only readable by your connection and while you're connected - is such a thing possible?), it would mean that they have to store the encryption keys somewhere. The far better approach is to treat them as completely untrusted and only store content you locally encrypt before sending it over. That way you don't have to care about them encrypting your data, it's completely in your control. I use restic for that. Works great.

noir_lord5y ago

Agreed - They can't be compelled to give up what they never had and it means as a user you can control exactly how your content is encrypted.

rhizome5y ago

If it's such a concern, why wouldn't you be sending them encrypted in the first place?

j / k navigate · click thread line to collapse