February 19, 2019
This is a technical post and goes into some detail about a recent server migration.
Actual’s server was migrated to Amazon Web Services (AWS) last week, providing significant upgrades. Since launch a few weeks ago, the server had been a cheap instance on a generic provider and stored all the data in a SQLite backend. If you don’t know what that means, imagine riding a kid’s tricycle. Now you’re riding a full suspension mountain bike.
Let us know if you run into any problems. All data has been fully migrated so you shouldn’t notice any changes.
Note that Actual doesn’t store any user data unless you’re syncing between devices. If you’re using it on a single device, all data is completely local. In the future, Actual will provide end-to-end encryption so nobody except you can read the data, even if it’s on our servers.
This upgrade provides a few benefits, the most important one being security. The database is now an isolated encrypted PostgreSQL server, meaning your data is encrypted at rest. This means that if a hacker were somehow able to reach the database from within Amazon’s infrastructure, they wouldn’t be able to read it.
The database is only accessible from the backend server (within a VPC), and the server uses AWS Secrets Manager to hold the keys to the database. This means even if a hacker were able to read files from our server, they wouldn’t gain access to anything. They’d have to be able to run code on the server to connect to the database (after all, the backend needs to be able to use the database, so there’s no stopping that).
The backend server is also now an instance of Amazon Linux 2, a Linux distribution specifically prepared by Amazon for production environments. This provides better protection against a hacker gaining the ability to execute code.
All of this also provides significant gains in performance. One user saw an extreme difference and reported that they barely even saw the syncing spinner anymore. However, the driving reason for this upgrade was security.
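A check of the three properties described above (encrypted at rest, not publicly reachable, database port open only to the backend), as an added example that is not Actual’s own code. It assumes the database is an Amazon RDS instance and reads plain dictionaries in the shape boto3’s `describe_db_instances` and `describe_security_groups` return; every identifier in it is constructed.

```python
# Added example. Assumption: the database is an Amazon RDS instance; all IDs are constructed.

def port_in_rule(rule, port):
    """True if an ingress rule covers TCP `port` (IpProtocol "-1" means all traffic)."""
    proto = rule.get("IpProtocol")
    return proto == "-1" or (proto == "tcp" and rule.get("FromPort", 0) <= port <= rule.get("ToPort", 65535))

def audit_db(db, security_groups, backend_sg):
    """Return a list of findings; an empty list means all three checks passed."""
    findings = []
    if not db.get("StorageEncrypted"):
        findings.append("storage is not encrypted at rest")
    if db.get("PubliclyAccessible"):
        findings.append("instance is publicly accessible")
    port = db["Endpoint"]["Port"]
    by_id = {sg["GroupId"]: sg for sg in security_groups}
    for ref in db.get("VpcSecurityGroups", []):
        sg = by_id.get(ref["VpcSecurityGroupId"])
        if sg is None:
            findings.append(f"{ref['VpcSecurityGroupId']}: group not in supplied data")
            continue
        for rule in sg.get("IpPermissions", []):
            if not port_in_rule(rule, port):
                continue
            # Any CIDR source, or any group other than the backend's, is too broad.
            sources = [r["CidrIp"] for r in rule.get("IpRanges", [])]
            sources += [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])]
            sources += [p["GroupId"] for p in rule.get("UserIdGroupPairs", [])
                        if p["GroupId"] != backend_sg]
            for src in sources:
                findings.append(f"{sg['GroupId']}: port {port} reachable from {src}")
    return findings

# Constructed sample data in the shape of the two describe_* responses.
BACKEND_SG = "sg-0backend000000001"
GOOD_DB = {"DBInstanceIdentifier": "example-db", "StorageEncrypted": True,
           "PubliclyAccessible": False, "Endpoint": {"Port": 5432},
           "VpcSecurityGroups": [{"VpcSecurityGroupId": "sg-0database00000001"}]}
GOOD_SGS = [{"GroupId": "sg-0database00000001", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 5432, "ToPort": 5432, "IpRanges": [],
     "Ipv6Ranges": [], "UserIdGroupPairs": [{"GroupId": BACKEND_SG}]}]}]
BAD_DB = dict(GOOD_DB, StorageEncrypted=False, PubliclyAccessible=True)
BAD_SGS = [{"GroupId": "sg-0database00000001", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 0, "ToPort": 65535,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": [], "UserIdGroupPairs": []}]}]

if __name__ == "__main__":
    print(audit_db(GOOD_DB, GOOD_SGS, BACKEND_SG), audit_db(BAD_DB, BAD_SGS, BACKEND_SG))
```

A wide port range such as 0-65535 is flagged because it contains the database port, even though 5432 is never named in the rule.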