Re: [rdiff-backup-users] Incremental, automated, remote, secure

[Grant]

>>> I'm struggling to devise an incremental, automated backup scheme that
>>> remotely and securely backs up data from one system to another,
>>> preserves permissions and ownership, and keeps the backups safe even
>>> if the backed-up system is compromised.  Would the following work?
>>
>> What are you calling "compromised?"  Because the proposed solution you
>> mentioned didn't even mention encryption.  So I guess you must be
>> saying "compromised" when you're really talking about the backup
>> system being damaged or otherwise suffering data integrity failure.
>>
>> Either way, the answer is, "you can't, with anything, ever."
>>
>> If you are talking about security compromised, then all you can do is
>> encrypt data before it leaves original server, and run integrity
>> checks on it.  You'll keep your data private, even on a compromised
>> system, but you'll be subject to tampering.  You'll be able to detect
>> tampering, but you will not be able to recover.
>>
>> If you are talking about integrity compromised, on both your original
>> and backup systems...  Well ...  Then the data integrity was
>> compromised on both your original and backup copies.  Sorry, nothing
>> can protect you from that, except having more redundant copies.
>
> I think the OP was talking about
>
>   client with data to be backed up
>
>   server to store backups
>
>   at some point, *client* is compromised
>
>   the desired security property is for the client not to be able to
>   modify/delete the backups that happened before the compromise

Exactly, yes.  I will add encryption soon.

- Grant