Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I use duplicity (via the DejaDup GUI) and I really like it. However, there is one thing I think most people need to be aware of:

Duplicity does NOT encrypt the names of your files.

Some might not care about this much, but for me I really don't like my encrypted backups containing so much metadata.

EDIT: FWIW I don't use the AWS backup options. I have separate offsite backup connections to cloud services as well as NAS.



Author here.

> Duplicity does NOT encrypt the names of your files.

I, personally, do not care, but you're right. For the purpose of this article I could even leave encryption off, though. "I don't trust the backup destination" wouldn't be part of my threat model here.


Any half-ass backup software encrypts the file names in the repository, and it seems duplicity does too.


It actually does not as you can see all of the file names before you enter your encryption password.


That’s most likely local cache (it takes file names from your local disk)!!

The file names and content are encrypted.

No decent backup software will leave file names in plaintext.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: