[908B64B197]

> what's a good way to make sure your rolling backups aren't simply backing up malware-encrypted files?

Compute checksums. Also, if storing diffs check out how many files the back-up think changed. All of your photo library getting re-uploaded should be a red flag.

[Helmut10001]

I do this using an `rsync --dry-run` with `--stats` enabled, you can get the number of changed/deleted files from the stats and then decide whether you want to proceed without `--dry-run`. This is for off-site backups. For on-site, I prefer ZFS Snapshots.