Subscribe
Sign in
It just works! And the fact that it's open source is awesome. The way it works is pretty amazing too: the database dump, encryption, compression and upload is all done in memory…
While I have no reason to doubt the binaries embedded inside the agent (pg_dump, mysqldump and mongodump) are legitimate, I have no way of auditing them either. Additionally these binaries and their integrity checking is controlled by dbacked's servers, meaning they can be swapped arbitrarily at any time (by themselves or an attacker). I would need to see their source for these binaries, and a way of pinning which version I am using before I could seriously consider this product from a security perspective.
