Hi,
I use Samba to transfer files from Windows to Rockstor. I know that Rockstor wants my password for access. But are my files still safe from vandalism if my Windows pc is like infected with CryptoLocker? In other words: do any Windows programs have access to the Rockstor shares? And is it possible or is there a risk that a virus somehow gets the password from Windows explorer because it remembers it for the current session?
I would say that you have the risk as any other Samba share. If Cryptolocker has access to the share and is able to encrypt them then the likelihood is that BTRFS will correctly treat it as an intentional act and thus replicate the encryption. Aas far as I know, using the snapshot facility would allow you to revert to the pre-encrypted versions, unless I’ve understood it incorrectly.
Remember the mantra RAID is NOT a backup. Having another device that you backup to which is not directly accessible via your PC will massively reduce the risk. Taking periodic offline backups, i.e a removable drive that is disconnected after backing up, is recommended also.
1 Like