Is it recommended to clone qubes from a potentially compromised machine to a trusted one?

Is it recommended to clone qubes from a potentially compromised Qubes PC to another trusted PC? After all, it runs code in the base layer to restore qubes. My question is: if I clone from a malicious PC, could it infect the base system? I don't care about the qubes, only that the base system is not at risk.

Do you think dom0 is compromised? If so, in theory, you should not recover anything.

It sounds like you might want to use the paranoid backup restore feature. It was basically made for this case.

Well, in that case, just don’t migrate anything.

@adw @solene Is it secure? Could you clarify?

Do you think dom0 is compromised?

If it’s not compromised, it is safe to restore qubes that are not considered compromised.

If you think it is compromised, you can consider all qubes to be compromised, so it is better to not restore anything. Of course, you could still retrieve some files manually, using antivirus and maybe re-encoding them if you are really paranoid (for pictures, you could do a jpg to png to jpg conversion to ensure the jpgs were not malware payloads).

Sorry for the misunderstanding, I don't really care if qubes are restored compromised as long as the malware stays only in the qubes and not in the base system. For example, let's say I clone from a compromised machine and restore on a trusted machine: when I am restoring the files, could it compromise my base system, e.g. dom0? The reason I am asking is because it restores it and must execute logic in dom0. If the qubes are compromised but cloned to my trusted machine without a potential compromise of my base system, I consider that no problem, but if I restore a malicious qube and it compromises the base, I am screwed.

This is exactly what you are looking for; it’s an option in the qvm-backup-restore command (it does not seem to be available in the GUI restore):

  --paranoid-mode, --plan-b
                        Isolate restore process in a DispVM, defend against
                        untrusted backup;implies --skip-dom0-home

Could you please clarify what this does? Thanks.
