In this example data can be read by the third party because the encryption key is entered while logged into the remote server. For my personal backup I ended up doing a daily rsync over ssh to a server in my house to an encrypted and compressed ZFS volume. This server then makes a daily snapshot and uses the ZFS send mechanism to transfer the snapshot incrementally to a third party OpenBSD ZFS VPS. This way the third party has no way of determining the key. It is done by shell scripts run with anacron on Debian systems. I can share the scripts if anybody is interested.
This is….not good advice.<p>[set pedantry = 1] Nothing here makes you “independent from a business”, as promised, even in a generous interpretation. With the first section being “set up an instance on Vultr” they missed the goal of being independent. They should have come up with some at-home hosting solution to create that independence. Step two is “set up some CalDav solution” on this instance.<p>And that’s it. Everything else is “TBC”.<p>Even if it were complete, there is no meaningful discussion around the tradeoffs between “I 100% own and control everything in the value chain” (not technically possible these days, but I’m happy to settle for close enough) and “someone else is doing all the hard work of ensuring a solid coverage on my CIA Triad” which will cost me money.<p>As it is this is a (not so good) “HOWTO set up a CalDav service on Vultr”