Is Google Drive support in danger with the possible Drive API Restrictions / Changes?

Does anyone know if Duplicacy Google Drive support is in danger by the recently reported Google Drive restrictions for developers?

Am I correct to assume this only impacts Google Play apps so Duplicacy Google Drive support is safe?

This appeared in my YouTube feed?

Thanks

Is there a text version of this?

Regardless, obviously apps can still read and write their own files. The security was tightened.

Whether any of the *drive services shall be used as Duplicacy target is more important question to discuss.

The only reason people try to use Google and other drives for backup is because they are trying to penny pinch. It’s not a good justification.

Relevant discussion: (Newbie) Backup entire machine? - #6 by saspus

These are the two articles referenced in the video - again I think the problem is when using Google Drive in Google Play Apps but not 100% sure if this will have impact for Duplicacy or not.

TLDR for an application to use the Google Drive API you have to pay a large multinational audit company many $$$ for a security audit - annually!

As a home user Google Drive currently works fine for me - no need to pay for another service that offer no advantages over other more convenient and appropriate solutions for my circumstances.

1 Like

I got the same email from Google asking me to complete a CASA Tier 2 security assessment. They couldn’t give me a definite answer on which part of Duplicacy needs to be accessed (the Duplicacy CLI or the server code that connects to Google for authorization), nor did they have an idea about which scope Duplicacy should be using (the full drive scope vs the limited app scope)

Anyway I figured out that the app scope (https://www.googleapis.com/auth/drive.file) is enough for Duplicacy. For existing backups created with the full scope, we just need to copy the subdirectories to a new directory created with the app scope, and Duplicacy will have access to all files under these subdirectories.

So my understanding is the CASA Tier 2 security assessment is only necessary if your app needs the full scope (https://www.googleapis.com/auth/drive), and Duplicacy should be safe for now.

4 Likes

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.