Yikes! Question about padding and the file format · Issue #19 · pvizeli/securetar · GitHub
So ther’s a chance it can corrupt the backup?
9 Likes
Oof that’s pretty nasty…
0.002% chance, murphys law
3 Likes
btw, isnt this line a bit confusing
I am not only uploading to Home Assistant Cloud but also have local copies. Since it is about Locations (secondary info line there) I believe we should turn these 2 around?
have the main text be one of these
“Locations to which backups are uploaded” or “Locations where backups are uploaded”
to also fix the somewhat clunky English
and the secondary line list the actual locations?
2 Likes
I realise you made that statistic up but considering the number of users making daily backups that’s not good odds.
2 Likes
I didn’t make it up:
1 / (256* 16) = 0.002%
assuming all ~400k known users backup automatically, that’s 97 corrupted a day.
13 Likes
I agree with everyone backup encryption should be configurable. By default could be on, but the ability to permanently turn off should be left to the user.
I have also noticed the full backup DOES NOT backup HACS. Is this intentional or am I possibly missing something.
4 Likes
That is too many.
8 Likes
Not saying it isn’t 
Murphys law: what can happen will happen
6 Likes
To someone at the absolutely worst possible point in thier use of something…
Remember that part I said about black eyes? That.
Way too much risk. I used to think it should have been held. THAT needs patched. Immediately.
3 Likes
To make backups feel easy here is a visual suggestion below for a one click quick backup. Add one or more buttons which will always save to local storage.
I actually opened an issue during beta, thinking that it could not be intentional but a simple bug.
Paulus answer was that it was meant to reduce the risk of running out of space…
I mean… what can I say ?
It’s like someone lost touch with reality and best practice.
Now we have to remember to manually backup our add-ons before every update !
I thought HA’s purpose was to actually automate things.
Oh well…
15 Likes
- more complains because of missing backups if the updates fail. Even more fun than.
Yes. I it was a hint and proposal before and everyone had the choice to unselect before. Best implementation.
5 Likes
The solution to OpenRGB integration is on this PR. Just follow this description on how to update the code.
Indeed a very strange choice, because at what time is the risk of something going horribly wrong at it’s peak?
3 Likes
A full backup includes a copy of /config
Unless your custom_components directory is somewhere other than /config, then it would be backed up. HACs is a custom_component.
If you are missing that then something else has happened.
You can create an automation right now using the hassio.backup_full action, schedule it how you like or triggered by whatever you can come up with, and choose not to encrypt it by not adding a password. Nothing has changed there.
It has always required a script or third-party tool to decrypt outside of HA so that is not new:
Like this:
Or this:
1 Like
When one chooses to follow a particular practice, I guess it’s fair to say that one is adhering to an “ideology”.
“MVP” seems to be the one that is often mentioned when the community asks “Why is this new feature half-baked?”
Seems to me that if customers often find the result to be disappointingly under-cooked, the chef ought to adjust the cooking technique.
12 Likes
Apologies, forgot everything encrypted, so shows 0 byte length when diving into the tar files.
So we have a custom encryption, that:
- is enforced
- has no decryption tool
- has security issues (nonrandom IV)
- has file format issues (gets random broken due to padding, known for 2 years)
- is turned off, when it is the most critical (before update)
Hmmm, strange things happening.
29 Likes
