Security & Privacy
Your data stays on your machine - always
No Telemetry
RCompare never collects usage data, analytics, or crash reports. We don't track how you use the software.
100% Offline
All file processing happens locally on your machine. Your files are never uploaded to any server.
Memory Safe
Built with Rust, RCompare eliminates entire classes of security vulnerabilities like buffer overflows.
Open Source
The entire codebase is open for inspection. Verify our security claims yourself or have experts audit the code.
Privacy by Design
Privacy isn't an afterthought - it's built into RCompare's core
What RCompare Does NOT Do
- No network connections for analytics
- No crash reporting to external servers
- No usage tracking or behavior analysis
- No automatic update checks (you control updates)
- No account registration required
- No cloud sync of settings or data
What RCompare DOES Store Locally
- Hash cache for performance (optional, can be disabled)
- User preferences and settings
- Recent comparison history (local only)
All local data can be easily deleted by removing the cache directory.
Network Connections
RCompare only makes network connections when you explicitly request them
| Feature | Connection | Purpose |
|---|---|---|
| Local comparison | None | All processing is local |
| S3 comparison | Your S3 endpoint | Only when you configure S3 sources |
| WebDAV comparison | Your WebDAV server | Only when you configure WebDAV sources |
| SFTP comparison | Your SSH server | Only when you configure SFTP sources |
| Update checks | None (manual) | You check for updates yourself |
| Telemetry | None | Never - no analytics collected |
Secure Hashing
Modern cryptographic hashing for reliable file verification
BLAKE3
RCompare uses BLAKE3, a modern cryptographic hash function that is:
- Much faster than MD5 and SHA-256
- Cryptographically secure
- Resistant to length extension attacks
- Parallelizable for multi-core performance
Hash Cache Security
The hash cache is designed with security in mind:
- Stored locally with user-only permissions
- Invalidated when file size or mtime changes
- Can be completely disabled if desired
- Easy to clear at any time
Reporting Security Issues
If you discover a security vulnerability in RCompare, please report it responsibly:
- Do not create a public GitHub issue for security vulnerabilities
- Email the maintainers directly with details of the vulnerability
- Allow reasonable time for the issue to be addressed before public disclosure
We take security seriously and will respond to valid reports promptly.
Verify It Yourself
RCompare is open source. You can audit the code, build from source, or have security experts review it.