Security

[danisztls]

One of the goals of making encrypted backups is protecting the user data in the cloud from scanning and leakages. But I'm not a security expert so I can't guarantee that. Much of the trust is placed on gocryptfs.

Secure by obscurity, as in hiding whatever do you use, is tempting as it's a real possibility that an attacker could find an exploit while exploring this repo. But the odds are as low as the odds of one making a return on such time investment.

Cloud storage is not safe as is. And if current trends continues it shouldn't be long until the vulnerability industry reaches retail level.

This script runs locally on the machine and does not require superadmin privileges or open ports. And as I see any vulnerability would require access to the local system or the data in the cloud which is pretty much game over if you are doing nothing.