How to check the integrity of your backups and iCloud files

One feature which appears to have been lost in the new Time Machine backups to APFS volumes is the ability to check the integrity of their contents, which now appears confined to backups made to HFS+ volumes. I’m also aware of concerns that important files which you keep in iCloud as an offsite backup may become damaged or corrupted.

I recall hearing of someone, a few years ago, who stored a hundred test files in their iCloud Drive, and monitored their number and condition over time. What I don’t recall hearing is the result of that test. So I’ve been conducting my own study of the stability of files in iCloud. About a year ago, I put 97 files totalling 61 MB, whose integrity is checked by my utility Dintch, into my iCloud Drive. I periodically check their number and integrity, and am pleased to report that – so far – none has gone missing, nor shown any signs of change.

You can use Dintch, Fintch or their command tool companion cintch to tag and check files which are stored either in your Time Machine backups, including those in Big Sur when backing up to APFS, or in iCloud.

These utilities compute a cryptographic hash for every file which you feed them with, and save that to an extended attribute which remains attached even when they are backed up or transferred to iCloud. The hash isn’t stored in a separate file, but remains attached to the individual file no matter where it goes.

To tag files locally or in iCloud, use one of those two apps or the command tool. To check their integrity, use them again to report on whether they still match that hash in their extended attribute.

Checking files stored in regular folders and iCloud is very simple. It’s a bit more complex with those in your Time Machine backup, because of the limited access which Big Sur provides. Currently, it only gives ready access to the full contents of the last backup. You can find that in the path
/Volumes/[backup volume name]/[date and time].previous


Files seen there are strictly read-only, and should represent the full extent of the current Time Machine backup. It doesn’t therefore contain items which have been deleted prior to that backup, but should be an exact copy of the source of the backup at the time that backup was made.


In my example, of the 97 tagged files in my test folder (the same as I’ve been using for my iCloud tests), all successfully validated against their original hashes. The only exception was a .DS_Store file which I neither put there not did I tag.

Dintch, Fintch and cintch are of course free from here, and come with detailed documentation.