On Wednesday, 5 August 2015 06:50:50 UTC-4, tomcoo...@gmail.com wrote: > > Hey there > > We are dev team building outsource projects. And each time finishing the > projects we've had a pain with configuring backups (files and DBs) for our > customer's VPS. > > Honestly, I think that you, guys, Ruby on Rails developers, face the same > issue every single day. So while solving this problem, we've built the > BitCalm.com <https://bitcalm.com> service. > > Please check it out and give us your feedback. > Do you think it's useful for anybody else but us or is it creepy shit? =) > > If you're interested, here are core features: > - It helps to configure auto backups to S3 in 1 minute. > - incremental backups for your files and dump backups for your DBs. > - web-dashboard to add/configure/manage multiple backups in a single place. >
Quick thoughts: * the option to install via a remote ROOT LOGIN concerns me. Having root *able* to log in over SSH is a security antipattern. Having SSH with passwords enabled is one too. Giving the server's root password to a third party is an even bigger mess. * the encryption situation is not explained well. In particular, it is unclear how exactly data is encrypted during transmission and who holds the keys used for that. It also appears that some features are yet-to-be-implemented, as mentioned in the Security FAQ: "In 2015 we plan to enable data encryption before sending with your own public key." This is of concern especially for customers using BitCalm-provided S3 storage, since the website can download the backup to the user's local storage - and therefore (absent a layer of encryption) read the contents. * there's a pair of mutually-exclusive statements in the Technical FAQ, in adjacent paragraphs: "The size of database data should not exceed free space in your /tmp folder." "Databases of any size may be backed up, because all reading and compression process is done with chunks of data in RAM." One or the other of these is presumably false. -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscr...@googlegroups.com. To post to this group, send email to rubyonrails-talk@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/4ad1a54e-89ef-4598-9230-c620f780087c%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
