2 Replies Latest reply: Feb 3, 2013 9:56 AM by Camelot
Nello Lucchesi Level 1 Level 1 (130 points)

I'm successfully using Time Machine (TM) backing up to an AFP share on FreeNAS.  I can access my FreeNAS server from anywhere on the Internet using a dynamic DNS and port-forwarding.

 

While I'm at a public hotspot, TM backups run successfully--though extremely slowly--as scheduled.

 

But I'm concerned about security and wondering about whether traffic is going out in the clear on my WiFi connection on its way to my server.  (I did NOT select the TM option to encrypt my backup.)

 

I'm guessing that EVERYTHING regarding TM is being sent in the clear, including the AppleShare password.

 

Can anyone comment on the security vulnerabilities in doing a TM backup from a public hotspot?

 

Thank you

 

  - nello


MacBook Air (13-inch, Mid 2012), OS X Mountain Lion (10.8.2), 8GB RAM and 128 SSD
  • Linc Davis Level 10 Level 10 (169,325 points)

    AFP tries to use SSH for transport, but silently falls back to clear text if unable. The only way to tell what it's doing, as far as I know, is to examine the packets.

     

    If you care about security, it's best to use a direct VPN connection to the server when on an untrusted network.

  • Camelot Level 8 Level 8 (46,440 points)

    If you ask me, you have a bigger problem.

     

    The mere fact you can access your Time Machine backup from a public hotspot means that ANYONE can.

     

    The issue of whether Time Machine is using a secure vs. insecure connection back to your server is an important one, but the fact is that your server is constantly accessible to the internet and anyone can it hit at any time, not just at the time you're backing up. That means all your data is as secure as your password (which probably means - not a lot).

     

    A VPN is, by far, the preferred solution, and don't expose your data to the outside world.