1. posts
  2.  → DBacked
  3.  → reviews


Simple, secure database backup as a service 🛠️


DBacked is a command-line tool and SaaS product that creates, encrypts and stores backups of your MySQL, PostgreSQL or MongoDB database. It monitors your backups and sends you an email if a problem is detected. The CLI tool is open-source and free to use with your own S3 bucket.

Would you recommend this product?
Creator of bref.sh

It just works! And the fact that it's open source is awesome. The way it works is pretty amazing too: the database dump, encryption, compression and upload is all done in memory…


Open source and extremely optimized


Can't think of anything

Site Reliability Engineer, YCS2012 Alumn

While I have no reason to doubt the binaries embedded inside the agent (pg_dump, mysqldump and mongodump) are legitimate, I have no way of auditing them either. Additionally these binaries and their integrity checking is controlled by dbacked's servers, meaning they can be swapped arbitrarily at any time (by themselves or an attacker). I would need to see their source for these binaries, and a way of pinning which version I am using before I could seriously consider this product from a security perspective.


Automating a problem I'd rather not think about


Pre-compiled binaries inside "open source" agent, MD5 used for backup integrity

@geekuillaume. Do check this!
Developer - Maker - CEO of my own life
Thanks for the comment @jamescun ! I'm planning on adding a config field to change the binaries location. I've included the script I use to download and compile the binaries, it's very easy to use. Concerning MD5, it's only used for corruption detection, not for hashing password on anything else. The risks associated with a MD5 collision happening during the upload are almost non-existent. I'm using this because AWS S3 which only supports MD5 (https://docs.aws.amazon.com/fr_f...).