Posted by: Anonymous
on February 01, 2008 01:19 PM
Either this is a half baked article, or the authors of rsyncrypto have no idea what they are doing.
The example in the 4th paragraph makes no sense. As the rsync connection is protected by SSH the attacker would have no idea which parts of the file were modified. All the attacker would know is that some data was sent from one computer to another. The attacker would not be able to determine that an 8kB file was sent or that the first part of the file was later modified.