|
|
|
|
|
|
by csnover
811 days ago
|
|
|
> If you supply your own encryption key, it's true that Backblaze can't read your data at rest. It’s worse than this. The private key for data decryption is sent to their server by the installer before you can even set a PEK. Then, setting the PEK sends the password to them too, since that’s where your private key is stored. So you have to take their word not just that they never store the key and promptly delete unencrypted files during restoration, but also that they destroy the unprotected private key and password when you set up PEK. It’s a terrible scheme that seems almost deliberately designed to lull people into a false sense of security. |
|
|