Yeah you could totally sync your shell history if you’re using a NFS share or something, but that’s going to affect way more than just your .bash_history
Well, all the client side code is open source and compilable, and all history is fully encrypted before being uploaded.
So even if we were being controlled, you still can be confident that we can't do anything with your data - all we can see is how active you are, that is until someone finds a way to quickly break xsalsa20poly1305.
Why is our localisation relevant/quoted?