[Box Backup] Feature Request

Bjarne Carlsen boxbackup at fluffy.co.uk
Wed May 21 12:09:59 BST 2008


While the workaround to transfer data via an USB harddrive, which is
described in the wiki is nice, this workaround actually breaks the
security of Box Backup in relation to clients. 

Box Backup is a system where the server is not trusted and should never
be concerned with the clients' keys.

I propose a switch in bbackupd to back up the client's files directly to
a connected USB-device in encrypted form in order to perform the first
transfer to the server. In this way, the server and its operators will
never see client-data in unencrypted form, nor have access to the
xxx-FileEncKeys.raw.

What say you, developers?

Bjarne




More information about the Boxbackup mailing list