A user recently asked for an overview of Duplicati from a security perspective. Because this information isn’t currently documented in one place, I’m sharing a version of that overview here to explain the different components that make up Duplicati, and why they were chosen to provide maximal safeguards.

But first, some context:

How traditional backups usually work

A traditional backup is typically created by making an initial full copy of the files. This first backup takes up a lot of space and is problematic for storage over the internet, with limited bandwidth.

The trouble with incremental backups

To save on storage of subsequent backups, most systems rely on incremental backups after that initial backup. Rather than …